nixos/hosts/cloudnix/default.nix

{
  configVars,
  outputs,
  lib,

  ...
}: let
  user = "admin";
  merlinIp = configVars.networking.addresses.merlin.ip;
  cloudnixIp = configVars.networking.addresses.cloudnix.ip;
  btrfsMountDevice = "/dev/sda2";
in {
  imports = [
    # Create users for this host
    ../common/users/${user}

    # Import core options
    ./hardware-configuration.nix
    ../common/core

    # Impermanence
    ../common/optional/persistence.nix
    (import ../common/disks/btrfs/impermanence.nix {
      btrfsMountDevice = btrfsMountDevice;
      lib = lib;
    })

    # Import optional options
    ../common/optional/persistence.nix
    ../common/optional/openssh.nix

    ../common/optional/distributed-builds/local-machine.nix

    outputs.nixosModules.nixosAutoUpgrade
  ];

  boot = {
    loader = {
      efi.canTouchEfiVariables = false;
      grub = {
        enable = true;
        devices = ["/dev/sda"];
      };
    };
  };

  services = {
    earlyoom = {
      enable = true;
      freeMemThreshold = 5; # <%5 free
    };
  };

  system.services.nixosAutoUpgrade = {
    enable = true;
    persistent = true;
    remote = "remotebuild@${merlinIp}";
    reboot = false;
    pushUpdates = false;
    configDir = "/etc/nixos";
    onCalendar = "*-*-* 06:00:00";
    user = "admin";
  };

  networking = {
    hostName = "cloudnix";
    nameservers = ["8.8.8.8"];
    firewall.enable = true;
  };

  systemd.network.networks."10-wan" = {
    networkConfig.DHCP = "no";
    address = [
      "${cloudnixIp}/32"
    ];
    routes = [
      { routeConfig = { Destination = "172.31.1.1"; }; }
      { routeConfig = { Gateway = "172.31.1.1"; GatewayOnLink = true; }; }
    ];
  };

  services.libinput.enable = true;
}