{ config, lib, pkgs, ... }: { imports = [ ../template/hardware-configuration.nix ../../system ../../common/vm ]; nixpkgs.config.allowUnfree = true; # Use the systemd-boot EFI boot loader. boot.loader.grub = { enable = true; device = "/dev/sda"; configurationLimit = 3; }; networking.hostName = "ha1"; networking.domain = "home.2rjus.net"; networking.useNetworkd = true; networking.useDHCP = false; services.resolved.enable = true; networking.nameservers = [ "10.69.13.5" "10.69.13.6" ]; systemd.network.enable = true; systemd.network.networks."ens18" = { matchConfig.Name = "ens18"; address = [ "10.69.13.9/24" ]; routes = [ { Gateway = "10.69.13.1"; } ]; linkConfig.RequiredForOnline = "routable"; }; time.timeZone = "Europe/Oslo"; nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.tarball-ttl = 0; environment.systemPackages = with pkgs; [ vim wget git ]; # Backup service dirs sops.secrets."backup_helper_secret" = { }; backup-helper = { enable = true; password-file = "/run/secrets/backup_helper_secret"; backup-dirs = [ "/var/lib/hass" "/var/lib/zigbee2mqtt" "/var/lib/mosquitto" ]; }; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. networking.firewall.enable = false; system.stateVersion = "23.11"; # Did you read the comment? }