{ config, modulesPath, lib, pkgs, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/profiles/qemu-guest.nix") ./vps-disk-config.nix ]; boot.loader.grub = { # no need to set devices, disko will add all devices that have a EF02 partition to the list already # devices = [ ]; efiSupport = true; efiInstallAsRemovable = true; }; environment.systemPackages = with pkgs; [ curl ]; networking.hostName = "tien"; # do not use DHCP, as dashserv provisions IPs using cloud-init (see service below) networking.useDHCP = pkgs.lib.mkForce false; networking.firewall = { enable = true; allowedTCPPorts = [ 80 443 ]; trustedInterfaces = [ "tailscale0" ]; }; services.caddy = { enable = true; email = lib.strings.concatStrings ["mail" "@" "johannes-rothe.de"]; virtualHosts = { "johannes-rothe.de".extraConfig = '' reverse_proxy base:11112 ''; "www.johannes-rothe.de".extraConfig = '' reverse_proxy base:11112 ''; "cloud.johannes-rothe.de".extraConfig = '' reverse_proxy base:5002 ''; "feeds.johannes-rothe.de".extraConfig = '' reverse_proxy base:1990 ''; "git.johannes-rothe.de".extraConfig = '' reverse_proxy base:3001 ''; "radicale.johannes-rothe.de".extraConfig = '' reverse_proxy base:5232 ''; }; }; services.cloud-init = { enable = true; network.enable = true; }; services.tailscale.enable = true; system.stateVersion = "24.05"; }