Merge branch 'main' of git.deuxfleurs.fr:Deuxfleurs/nixcfg into main

This commit is contained in:
ADRN 2021-11-18 15:39:08 +01:00
commit a225d3bcbd
4 changed files with 67 additions and 59 deletions

View file

@ -15,20 +15,6 @@ in
./node.nix ./node.nix
]; ];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
nix = {
binaryCaches = [
"http://binarycache.home.adnab.me"
];
binaryCachePublicKeys = [
"binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
];
};
# The global useDHCP flag is deprecated, therefore explicitly set to false here. # The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config # Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour. # replicates the default behaviour.
@ -36,12 +22,7 @@ in
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Networking configuration (static IPs for each node is defined in node/*.nix) # Networking configuration (static IPs for each node is defined in node/*.nix)
networking.nameservers = [ "9.9.9.9" ]; networking.nameservers = [ "9.9.9.9" ];
networking.defaultGateway = {
address = "192.168.1.254";
interface = "eno1";
};
# Wireguard VPN configuration # Wireguard VPN configuration
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
@ -59,6 +40,12 @@ in
endpoint = "77.141.67.109:42136"; endpoint = "77.141.67.109:42136";
persistentKeepalive = 10; persistentKeepalive = 10;
} }
{ # Robinson
publicKey = "ETaZFil3mFXlJ0LaJZyWqJVLV2IZUF5PB/8M7WbQSTg=";
allowedIPs = [ "10.42.0.42/32" ];
endpoint = "77.141.67.109:33742";
persistentKeepalive = 10;
}
{ # Shiki { # Shiki
publicKey = "QUiUNMk70TEQ75Ut7Uqikr5uGVSXmx8EGNkGM6tANlg="; publicKey = "QUiUNMk70TEQ75Ut7Uqikr5uGVSXmx8EGNkGM6tANlg=";
allowedIPs = [ "10.42.0.206/32" ]; allowedIPs = [ "10.42.0.206/32" ];
@ -214,33 +201,12 @@ in
# List services that you want to enable: # List services that you want to enable:
# Enable Yggdrasil networking
services.yggdrasil.enable = true;
services.yggdrasil.persistentKeys = true;
services.yggdrasil.config = {
Listen = [
"tcp://0.0.0.0:54312"
];
Peers = [
"tcp://37.187.118.206:53102"
"tcp://192.168.1.21:54312"
"tcp://192.168.1.22:54312"
"tcp://192.168.1.23:54312"
];
MulticastInterfaces = [
"eno1"
];
};
# Enable network time # Enable network time
services.ntp.enable = true; services.ntp.enable = true;
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh.enable = true;
# Enable netdata monitoring
services.netdata.enable = true;
# Enable Hashicorp Consul & Nomad # Enable Hashicorp Consul & Nomad
services.consul.enable = true; services.consul.enable = true;
services.consul.extraConfig = services.consul.extraConfig =
@ -298,7 +264,6 @@ in
4646 4647 4648 # Nomad 4646 4647 4648 # Nomad
8500 8300 8301 8302 # Consul 8500 8300 8301 8302 # Consul
19999 # Netdata 19999 # Netdata
54312 # Yggdrasil
]; ];
networking.firewall.allowedUDPPorts = [ networking.firewall.allowedUDPPorts = [
4648 # Nomad 4648 # Nomad

View file

@ -3,6 +3,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "carcajou"; networking.hostName = "carcajou";
networking.interfaces.eno1.useDHCP = false; networking.interfaces.eno1.useDHCP = false;
@ -12,15 +17,27 @@
prefixLength = 24; prefixLength = 24;
} }
]; ];
# networking.interfaces.eno1.ipv6.addresses = [ networking.defaultGateway = {
# { address = "192.168.1.254";
# address = "2a01:e0a:c:a720::22"; interface = "eno1";
# prefixLength = 64; };
# }
# ];
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
ips = [ "10.42.0.22/16" ]; ips = [ "10.42.0.22/16" ];
listenPort = 33722; listenPort = 33722;
}; };
# Enable netdata monitoring
services.netdata.enable = true;
# ----
nix = {
binaryCaches = [
"http://binarycache.home.adnab.me"
];
binaryCachePublicKeys = [
"binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
];
};
} }

View file

@ -3,6 +3,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "cariacou"; networking.hostName = "cariacou";
networking.interfaces.eno1.useDHCP = false; networking.interfaces.eno1.useDHCP = false;
@ -12,15 +17,27 @@
prefixLength = 24; prefixLength = 24;
} }
]; ];
# networking.interfaces.eno1.ipv6.addresses = [ networking.defaultGateway = {
# { address = "192.168.1.254";
# address = "2a01:e0a:c:a720::21"; interface = "eno1";
# prefixLength = 64; };
# }
# ];
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
ips = [ "10.42.0.21/16" ]; ips = [ "10.42.0.21/16" ];
listenPort = 33721; listenPort = 33721;
}; };
# Enable netdata monitoring
services.netdata.enable = true;
# ----
nix = {
binaryCaches = [
"http://binarycache.home.adnab.me"
];
binaryCachePublicKeys = [
"binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
];
};
} }

View file

@ -3,6 +3,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "caribou"; # Define your hostname. networking.hostName = "caribou"; # Define your hostname.
networking.interfaces.eno1.useDHCP = false; networking.interfaces.eno1.useDHCP = false;
@ -12,12 +17,10 @@
prefixLength = 24; prefixLength = 24;
} }
]; ];
# networking.interfaces.eno1.ipv6.addresses = [ networking.defaultGateway = {
# { address = "192.168.1.254";
# address = "2a01:e0a:c:a720::23"; interface = "eno1";
# prefixLength = 64; };
# }
# ];
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
ips = [ "10.42.0.23/16" ]; ips = [ "10.42.0.23/16" ];
@ -27,6 +30,12 @@
# OR use USB modem plugged in here # OR use USB modem plugged in here
#networking.interfaces.enp0s20u1.useDHCP = true; #networking.interfaces.enp0s20u1.useDHCP = true;
# Enable netdata monitoring
services.netdata.enable = true;
# ----
# Enable nix-serve # Enable nix-serve
services.nix-serve = { services.nix-serve = {
enable = true; enable = true;