{ config, pkgs, ... }:

{
  imports = [
    ./hardware-configuration.nix
    # ./services/hedgedoc.nix
    #./services/daemoniones.nix
    ./services/nginx.nix
    ./services/pleroma.nix
    ./services/cgit.nix
    # ./services/surveys.nix
    #./services/picarones.nix
    ./services/dockerhub.nix
    ./services/blog.nix
    ./services/znc.nix
    ./services/mail.nix
    ./services/trainspotter.nix
  ];
  
  # Use the GRUB 2 boot loader.
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.devices = [ "/dev/sda" ];

  networking = {
    hostName = "flora";
    
    enableIPv6 = true;
    defaultGateway6 = {
      address = "fe80::1";
      interface = "ens3";
    };
    
    interfaces.ens3.ipv6.addresses = [ {
      address = "2a01:4f9:c010:df15::1";
      prefixLength = 64;
    } ]; 
    
    useDHCP = false;
    interfaces.ens3.useDHCP = true;

    firewall.logRefusedConnections = false;
    

  };

  services.fail2ban = {
    enable = true;
    bantime-increment.enable = true;
    bantime-increment.overalljails = true;
    bantime-increment.maxtime = "1312m";
    ignoreIP = [ "88.133.194.232" ];
  };
  
  services.logrotate = {
    enable = true;
    # the nginx module does stuff here, which apparently no one tells anyone about
    settings.nginx = {
      rotate = 2;
      nocompress = true;
      compress = false;
    };
  };

  
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "20.09"; # Did you read the comment?

}