{ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; private.url = "git+ssh://git@git.tempest.dev/ashe/nixos-config-private"; tmpfiles.url = "git+http://git.tempest.dev/ashe/tmpfiles"; tempestdev.url = "git+http://git.tempest.dev/ashe/tempest.dev"; tempest-secret.url = "git+ssh://git@git.tempest.dev/ashe/tempest-skycord-secret"; tempest-contact.url = "git+http://git.tempest.dev/ashe/contact-api"; }; outputs = { self, nixpkgs, private, tmpfiles, tempestdev, tempest-secret, tempest-contact }: { nixosConfigurations = { nyx = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./hosts/nyx/configuration.nix private.nixosModules.nyx tmpfiles.nixosModule tempestdev.nixosModule tempest-secret.nixosModule tempest-contact.nixosModule ({ pkgs, ...}: { networking.firewall.allowedTCPPorts = [ 80 443 ]; services.nginx.enable = true; security.acme.acceptTerms = true; security.acme.defaults.email = "acme@tempest.dev"; ashe.services.tmpfiles.enable = true; ashe.services.tmpfiles.domain = "files.tempest.dev"; ashe.services.tmpfiles.port = 4441; ashe.services."tempest.dev".enable = true; ashe.services."tempest.dev".domain = "test.tempest.dev"; ashe.services."tempest.dev".port = 4442; ashe.services.tempest-secret.enable = true; ashe.services.tempest-secret.domain = "test.tempest.dev"; ashe.services.tempest-secret.path = "/secret"; ashe.services.tempest-secret.port = 4443; ashe.services.tempest-api-contact.enable = true; ashe.services.tempest-api-contact.domain = "contact.tempest.dev"; ashe.services.tempest-api-contact.configFile = "/etc/tempest/contact.json"; ashe.services.tempest-api-contact.port = 4444; services.nginx.virtualHosts."static.tempest.dev" = { root = "/var/www/static"; forceSSL = true; enableACME = true; }; }) ]; }; }; }; }