Fediversity/machines/dev/fedi201/fedipanel.nix

{
  config,
  sources,
  ...
}:
let
  name = "panel";
in
{
  _class = "nixos";

  imports = [
    (../../../panel { }).module
    "${sources.home-manager}/nixos"
  ];

  security.acme = {
    acceptTerms = true;
    defaults.email = "beheer@procolix.com";
  };

  age.secrets.panel-ssh-key = {
    owner = name;
    mode = "400";
  };

  programs.ssh.startAgent = true;

  home-manager = {
    users.${name}.home = {
      stateVersion = "25.05";
      file.".ssh/config" = {
        text = ''
          IdentityFile ${config.age.secrets.panel-ssh-key.path}
        '';
      };
    };
  };

  services.${name} = {
    enable = true;
    production = true;
    domain = "demo.fediversity.eu";
    secrets = {
      SECRET_KEY = config.age.secrets.panel-secret-key.path;
    };
    port = 8000;
  };
}