{ modulesPath, pkgs, lib, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; networking.hostName = "lunasa"; zramSwap.enable = true; services.openssh.enable = true; boot.tmp.cleanOnBoot = true; boot.loader.grub.device = "/dev/sda"; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; boot.initrd.kernelModules = [ "nvme" ]; fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; nix = { package = pkgs.nixVersions.nix_2_22; settings = { auto-optimise-store = lib.mkDefault true; experimental-features = [ "nix-command" "flakes" "ca-derivations" ]; }; }; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKoDv47WF/WGsIn47xdmkNeScQSF3yTzLhaZoR+kFUJy" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOXWOPpEDdVUQEFLucXbxmOhW64QXbCu6lF8vRLlKyoT" ]; networking.firewall.allowedTCPPorts = [ 80 443 25565 # minecraft ]; services.forgejo = { enable = true; lfs.enable = true; settings = { server = { DOMAIN = "git.nazrin.limited"; ROOT_URL = "https://git.nazrin.limited/"; HTTP_PORT = 3000; }; service.DISABLE_REGISTRATION = true; repository = { ENABLE_PUSH_CREATE_USER = true; ENABLE_PUSH_CREATE_ORG = true; }; actions = { enabled = true; DEFAULT_ACTIONS_URL = "github"; }; }; }; services.caddy = { enable = true; email = "shadows@with.al"; virtualHosts = { "git.nazrin.limited" = { extraConfig = '' reverse_proxy localhost:3000 ''; }; }; }; services.tailscale.enable = true; networking.nftables = { enable = true; ruleset = '' table ip nat { chain PREROUTING { type nat hook prerouting priority dstnat; policy accept; iifname "enp1s0" tcp dport 25565 dnat to 100.66.105.22:25565 } } ''; }; networking.nat = { enable = true; internalInterfaces = [ "enp1s0" ]; externalInterface = "tailscale0"; forwardPorts = [{ destination = "100.66.105.22:25565"; proto = "tcp"; sourcePort = 25565; }]; }; system.stateVersion = "23.11"; }