{ imports = [ ./hardware-configuration.nix ]; modules = { meta = { tailscale.ip = "100.64.0.6"; }; services.tailscale = { enable = true; tags = [ "server" "backup" ]; extraFlags = [ "--accept-dns=false" ]; # Want to disable that since *server* can't access the private dns... for now }; server = { rsync-daemon = { enable = true; openFirewall = true; location = "/mnt/backups"; address = "100.64.0.6"; modules = [ { name = "paperless-backup"; comment = "backups for paperless"; mode = "write"; } { name = "immich-backup"; comment = "backups for immich"; mode = "write"; } { name = "shan"; comment = "backups for shan"; mode = "write"; } { name = "music-backup"; comment = "backup location for music files"; mode = "write"; } { name = "shows-backup"; comment = "backup location for tv shows"; mode = "write"; } { name = "movies"; comment = "backup location for movies and shows"; mode = "write"; } { name = "books"; comment = "backup location for books"; mode = "write"; } { name = "games"; comment = "backup location for games"; mode = "write"; } { name = "brontes-backup"; comment = "brontes's backup space"; mode = "write"; } ]; }; }; }; security.polkit.enable = true; services.prometheus.exporters.node = { enable = true; port = 9000; # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix enabledCollectors = [ "systemd" ]; # /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help extraFlags = [ "--collector.ethtool" "--collector.softirqs" "--collector.tcpstat" "--collector.wifi" ]; }; networking.firewall.allowedTCPPorts = [ 9000 ]; boot.initrd.systemd.tpm2.enable = false; system.stateVersion = "24.11"; }