nix-config/hosts/server7/configuration.nix

{ config, pkgs, lib, ... }:

{
  imports = [
    <nixpkgs/nixos/modules/profiles/minimal.nix>
    ../../lib/hq.nix
    ../../lib/yggdrasil.nix
    ../../lib/emery.nix
    ./containers
    ./hardware-configuration.nix
    ./yggdrasil-prefix.nix
    ./hydra.nix
    ./nix-serve.nix
  ];

  security.sudo.wheelNeedsPassword = false;
  services.openssh = {
    enable = true;
    passwordAuthentication = false;
    # DO NOT CHANGE, KINDERGARTEN IS OVER
  };

  services.yggdrasil = {
    openMulticastPort = true;
    configFile = "/var/lib/yggdrasil/keys";
    config.Peers = [
      "tcp://[2a03:3b40:fe:ab::1]:46370" # Praha
      "tcp://ygg.thingylabs.io:443" # Nürnberg
      "tcp://176.223.130.120:22632" # Wrocław
      "tcp://[2a05:9403::8b]:7743" # Praha
    ];
  };

  programs.mosh.enable = true;

  nix = {
    package = pkgs.nixFlakes;
    extraOptions = "experimental-features = nix-command flakes";
    gc.automatic = true;
    trustedUsers = [ "root" ];
    buildMachines = [{
      hostName = "hydra.hq.c3d2.de";
      system = "x86_64-linux";
      maxJobs = 2;
    }];
  };

  networking = {
    firewall.enable = false;
    hostName = "serve7";
    useDHCP = false;
    bridges.br0.interfaces = [ "enp2s0f1" ];
    interfaces = {
      enp2s0f0 = {
        useDHCP = true;
        preferTempAddress = true;
        ipv4.addresses = [{
          address = "172.22.99.245";
          prefixLength = 24;
        }];
      };
      enp2s0f1.useDHCP = false;
    };
  };

  environment.systemPackages = with pkgs; [ tmux htop vim gitMinimal nixfmt ];

  services.collectd = {
    enable = true;
    autoLoadPlugin = true;
    extraConfig = ''
      Interval 10
      <Plugin "cpu">
      </Plugin>
      <Plugin "memory">
      </Plugin>
      <Plugin "interface">
      </Plugin>
      <Plugin "load">
      </Plugin>
      <Plugin "swap">
      </Plugin>
      <Plugin "network">
        Server "grafana.hq.c3d2.de" "25826"
      </Plugin>
    '';
  };

  boot.tmpOnTmpfs = true;

  # Use the systemd-boot EFI boot loader.
  boot.loader = {
    systemd-boot.enable = true;
    efi.canTouchEfiVariables = true;
  };

  time.timeZone = "Europe/Berlin";

  system.stateVersion = "19.09"; # Did you read the comment?
}