NixOS/hosts/miniserver/configuration.nix

{ ... }:
{
  imports = [
    ./hardware-configuration.nix
    ../../base.nix
  ];
  my = import ./toggles.nix;
  networking = {
    hostName = "miniserver";
    firewall = {
      allowedTCPPorts = [ 2049 ];
      allowedUDPPorts = [ 2049 ];
    };
  };
  nix =
    let
      featuresList = [
        "nixos-test"
        "benchmark"
        "big-parallel"
        "kvm"
        "gccarch-znver3"
        "gccarch-skylake"
        "gccarch-alderlake"
      ];
    in
    {
      settings.cores = 3;
      buildMachines =
        let
          buildMachine = hostName: maxJobs: {
            inherit hostName maxJobs;
            system = "x86_64-linux";
            sshUser = "nixremote";
            speedFactor = 1;
            supportedFeatures = featuresList;
          };
        in
        [
          (buildMachine "workstation" 10)
          (buildMachine "server" 6)
        ];
    };
  nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1w" ];
  users = {
    groups.nixremote.gid = 555;
    users.nixremote = {
      isNormalUser = true;
      createHome = true;
      group = "nixremote";
      home = "/var/nixremote/";
      openssh.authorizedKeys.keyFiles = [ ../../secrets/ssh/ed25519_nixworkstation.pub ];
    };
  };
  services = {
    btrfs.autoScrub = {
      enable = true;
      fileSystems = [ "/" ];
    };
    minidlna = {
      enable = false;
      openFirewall = true;
      settings = {
        inotify = "yes";
        media_dir = [ "/srv/pool/" ];
      };
    };
  };
}