nixos-config/sites/daisy/configuration.nix

{ config, lib, pkgs, ... }:

{
  imports = [ ./hardware-configuration.nix ../../configuration-desktop.nix ];

  boot.initrd.supportedFilesystems = [ "zfs" ];
  boot.initrd.systemd.enable = true;
  services.zfs.autoScrub.enable = true;
  services.zfs.trim.enable = true;
  # fstrim is also enabled by nixos-hardware, but only runs for /boot

  services.fprintd.enable = true;
  # fix hang on initial login
  security.pam.services.login.fprintAuth = false;

  networking.hostName = "daisy";
  networking.hostId = "293a1290";

  # Open ports in the firewall.
  networking.firewall.allowedTCPPorts = [ 22 80 443 1337 8081 ];
  networking.firewall.allowedUDPPorts = [ 1337 ];

  system.stateVersion = "24.11";
  #services.immich.enable = true;

  environment.systemPackages = [
    pkgs.idapro9
    pkgs.qemu_kvm
    (pkgs.runCommand "OVMF-fd" {} ''
      mkdir -p $out/share/FV
      ln -s ${pkgs.OVMF.fd}/FV/OVMF_CODE.fd $out/share/FV/OVMF_CODE.fd
    '')
    pkgs.OVMF.fd
  ];

  services.postgresql = {
    enable = true;
    ensureDatabases = [ "bingosync" ];
    ensureUsers = [
      {
        name = "bingosync";
        ensureDBOwnership = true;
      }
    ];
  };
  #services.postgresql.authentication = ''
  #  local all all peer map=pgadmin-superuser
  #'';
  #services.postgresql.identMap = ''
  #  pgadmin-superuser pgadmin postgres
  #  pgadmin-superuser postgres postgres
  #'';
  #services.pgadmin.enable = true;
  #services.pgadmin.initialEmail = "audrey@rhelmot.io";
  #services.pgadmin.initialPasswordFile = "/var/lib/pgadmin/initial_password_file";

  services.bingosync = {
    enable = true;
    debug = true;
    domain = "celestebingo";
    socketsDomain = "sockets-celestebingo";
    #databaseUrl = "sqlite:////tmp/bingosync.db";
    databaseUrl = "postgres://%2Frun%2Fpostgresql/bingosync";
    extraPythonPackages = p: [ p.psycopg2 ];
  };

  networking.extraHosts = ''
    127.0.0.1 celestebingo
    127.0.0.1 sockets-celestebingo
  '';
}