added actual hardware identifiers & atual network config

nixos/machines/nyarlathotep/boot.nix

@@ -0,0 +1,8 @@
+{
+  imports = [ ];
+  boot.loader.grub = {
+    device = "nodev";
+    enable = true;
+  };
+}
+

nixos/machines/nyarlathotep/configuration.nix

@@ -1,7 +1,15 @@
 flake-inputs:
 {config, pkgs, lib, ... }: {
 
-imports = [(import ./mail.nix flake-inputs)];
+imports = [
+  ./hardware-configuration.nix
+  (import ./mail.nix flake-inputs)
+  ../../roles
+  ./boot.nix
+  ./network.nix
+];
 
 # System configuration here
+
+  system.stateVersion = "23.11";
 }

nixos/machines/nyarlathotep/hardware-configuration.nix

@@ -0,0 +1,24 @@
+{config, lib, pkgs, modulesPath, ...}: {
+  imports = [ ];
+
+  boot.initrd.availableKernelModules =
+    [ "ata_piix" "sr_mod" "xen_bklfront" ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/a72da670-f631-49b1-bcb3-6d378cc1f2d0";
+    fsType = "ext4";
+  };
+  fileSystems."/var/mail" = {
+    device = "/dev/disk/by-uuid/23c44c93-5035-4e29-9e46-75c1c08f4cea";
+    fsType = "ext4";
+  };
+
+  swapDevices =
+    [{ device = "/dev/disk/by-uuid/8bc30d17-3c08-4648-ab18-8c723523be1a"; }];
+
+  nix.settings.max-jobs = lib.mkDefault 4;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}

nixos/machines/nyarlathotep/mail.nix

@@ -23,12 +23,12 @@ flake-inputs:
 
     # Fun dovecot stuff :
 
-    # mailDirectory = "/var/vmail/"; # directory to store mail leave at default.
+    mailDirectory = "/var/mail/vmail/"; # directory to store mail
      
     hierarchySeparator = "/"; # seperator for imap mailboxes from client view
 
     # Caching of search indices
-    indexDir = "/var/lib/dovecot/indices";
+    indexDir = "/var/mail/lib/dovecot/indices";
     fullTextSearch = {
       enforced = "body"; # only brute force headers if no search index is available
     };

nixos/machines/nyarlathotep/network.nix

@@ -0,0 +1,15 @@
+# We sohuld put that config somewhere in roles and give it a parameter or something,
+# everyone gets the same nameserver and the same prefixLength and address vs defaultGateway alsways
+# depend on the same thing 
+{
+  imports = [ ];
+  networking = {
+    interfaces.enX0.ipv4.addresses = [ {
+      addresses = "192.168.0.28";
+      prefixLength = 16;
+    } ];
+    defaultGateway = "192.168.0.155";
+    nameservers = ["130.83.2.22" "130.83.56.60" "130.83.22.60" "130.82.22.63"];
+  };
+}
+

nixos/roles/default.nix

@@ -1,4 +1,52 @@
-{ ... } : {
+{pkgs, config, lib, ...} : {
+
+imports = [ ./admins.nix ];
+nix = {
+  extraOptions = ''
+    experimental-features = nix-command flakes
+    builders-use-substitutes = true
+  '';
+};
+
+networking = {
+  firewall = { # these shoud be default, but better make sure!
+    enable = true;
+    allowPing = true;
+  };
+  nftables.enable = true;
+  useDHCP = false; # We don't speak DHCP and even if we would, we should enable it per interface
+  # hosts = # TODO write something to autogenerate ip adresses!
+};
+
+users = {
+  mutableUsers = false;
+};
 
 sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+
+environment = {
+  systemPackages = builtins.attrValues {
+    inherit (pkgs)
+      htop lsof tmux btop;
+  };
+};
+
+services = {
+  journald.extraConfig = "SystemMaxUse=5G";
+
+  nginx = {
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedTlsSettings = true;
+  };
+
+  openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+    };
+  };
+};
+>>>>>>> 2b0eec7 (added actual hardware identifiers & atual network config)
 }