Diffstat (limited to 'com/simatime.nix')
-rw-r--r--com/simatime.nix60
1 files changed, 60 insertions, 0 deletions
diff --git a/com/simatime.nix b/com/simatime.nix
new file mode 100644
index 0000000..e26219a
--- /dev/null
+++ b/com/simatime.nix
@@ -0,0 +1,60 @@
+{ nixos }:
+
+/*
+
+com.simatime - cloud infrastructure server.
+
+This serves the git repo, mailserver, znc bouncer, user sites, and so on.
+
+Currently also used as a catch-all production/staging server, until I get real
+stuff deployed.
+
+*/
+
+{
+ service =
+ let
+ nixos-mailserver = builtins.fetchTarball {
+ url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
+ sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
+ };
+ in nixos {
+ system = "x86_64-linux";
+ configuration = {
+ imports = [
+ ./simatime/hardware.nix
+ ./simatime/networking.nix
+
+ # common infra
+ ./simatime/users.nix
+ ./simatime/packages.nix
+
+ # configured modules
+ ./simatime/git.nix
+ ./simatime/mail.nix
+ ./simatime/web.nix
+ ./simatime/znc.nix
+
+ # third party
+ nixos-mailserver
+ ];
+
+ nixpkgs.config.allowUnfree = true;
+
+ programs.mosh = {
+ enable = true;
+ withUtempter = true;
+ };
+
+ services.openssh = {
+ enable = true;
+ passwordAuthentication = false;
+ };
+
+ security.sudo.wheelNeedsPassword = true;
+ boot.cleanTmpDir = true;
+ };
+ };
+
+ dev = import ./simatime/dev.nix { inherit nixos; };
+}
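Review bot: The `services.openssh` block turns off `passwordAuthentication` but leaves keyboard-interactive authentication and root login at the module defaults. On NixOS releases of this era, keyboard-interactive defaults to enabled, as far as I recall, so PAM can still accept a password over SSH. Since the header comment describes this host as carrying git, mail, znc and user sites plus staging, I would close both explicitly with `challengeResponseAuthentication = false;` and `permitRootLogin = "no";` inside the same block. The option names depend on the pinned nixpkgs; newer releases call the first one `kbdInteractiveAuthentication`. A short comment beside `programs.mosh` noting that the module also opens a UDP port range in the firewall would help the next reader audit the exposed surface.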