roles/remote-server.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

{
  pkgs,
  ...
}:

{
  imports = [
    ../modules/common.nix
    ../modules/plasma.nix
    ../modules/fonts.nix
    ../modules/flatpak.nix
    ../modules/hardware-keys.nix

    # primary streaming setup
    ../modules/sunshine.nix
  ];

  services = {
    tailscale = {
      enable = true;
      useRoutingFeatures = "both";
      extraUpFlags = [ "--ssh" ];
    };
    openssh = {
      enable = true;
      openFirewall = true;
    };
  };

  programs = {
    steam = {
      enable = true;
      remotePlay.openFirewall = true;
      dedicatedServer.openFirewall = true;
      localNetworkGameTransfers.openFirewall = true;
    };
    virt-manager.enable = true;
  };

  virtualisation = {
    docker = {
      enable = true;
      daemon.settings.dns = [
        "1.1.1.1"
        "1.0.0.1"
      ];
    };
  };

  age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
}