nixos-config/configs/workhorse/configuration.nix

{ lib, config, pkgs, ... }: {
  imports = [

    <system/server>
    ./hardware-configuration.nix

    ./bepasty.nix
    ./castget.nix
    ./gogs.nix
    ./grafana.nix
    ./graylog.nix
    ./jenkins.nix
    #./kibana.nix
    #./lektor-gaykraft.nix
    #./lektor-terranix.nix
    ./mail-fetcher.nix
    ./packages.nix
    ./prometheus.nix
    ./restic.nix
    ./syncthing.nix
    ./taskserver.nix
    ./tinc.nix
    ./transmission.nix
    ./weechat.nix
    #./wetten.nix
    ./nextcloud.nix
    ./mattermost.nix
  ];

  # todo: add this to each file instead summing that here
  on-failure.plans = {
    gogs.name = "gogs";
    jenkins.name = "jenkins";
    graylog.name = "graylog";
    prometheus.name = "prometheus";
    taskserver.name = "taskserver";
    weechat.name = "weechat";
    transmission.name = "transmission";
    mail-fetcher.name = "fetchmail";
  };

  networking.hostName = "workhorse";

  # enable initrd ssh
  configuration.init-ssh = {
    enable = "enabled";
    kernelModules = [ "r8169" ];
    hostECDSAKey = <secrets/init-ssh/host_ecdsa_key>;
  };

  # nix-shell -p speedtest_cli --run speedtest
  configuration.fireqos = {
    enable = true;
    interface = "eth0";
    input = 30000;
    output = 2000;
    balance = false;
  };

  security.wrappers = {
    pmount.source = "${pkgs.pmount}/bin/pmount";
    pumount.source = "${pkgs.pmount}/bin/pumount";
  };

  services.logind.lidSwitch = lib.mkForce "ignore";
  system.custom.x11.enable = lib.mkForce false;
  programs.custom.steam.enable = false;
  programs.custom.video.enable = false;

  # font
  # ----
  programs.custom.urxvt.fontSize = 17;
  programs.custom.xterm.fontSize = 17;
  system.custom.fonts.dpi = 140;

  services.printing.enable = true;
  nix.useSandbox = true;

  virtualisation = {
    docker.enable = true;
    #virtualbox = {
    #  host.enable = true;
    #  guest.x11 = true;
    #  guest.enable = true;
    #};
  };

  services.smartd.enable = true;

}