factor out some configs

This commit is contained in:
Alex 2021-11-18 14:38:48 +01:00
parent 45f0309608
commit 478249fbe8
No known key found for this signature in database
GPG key ID: EDABF9711E244EB1
4 changed files with 61 additions and 59 deletions

View file

@ -15,20 +15,6 @@ in
./node.nix ./node.nix
]; ];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
nix = {
binaryCaches = [
"http://binarycache.home.adnab.me"
];
binaryCachePublicKeys = [
"binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
];
};
# The global useDHCP flag is deprecated, therefore explicitly set to false here. # The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config # Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour. # replicates the default behaviour.
@ -36,12 +22,7 @@ in
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Networking configuration (static IPs for each node is defined in node/*.nix) # Networking configuration (static IPs for each node is defined in node/*.nix)
networking.nameservers = [ "9.9.9.9" ]; networking.nameservers = [ "9.9.9.9" ];
networking.defaultGateway = {
address = "192.168.1.254";
interface = "eno1";
};
# Wireguard VPN configuration # Wireguard VPN configuration
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
@ -214,33 +195,12 @@ in
# List services that you want to enable: # List services that you want to enable:
# Enable Yggdrasil networking
services.yggdrasil.enable = true;
services.yggdrasil.persistentKeys = true;
services.yggdrasil.config = {
Listen = [
"tcp://0.0.0.0:54312"
];
Peers = [
"tcp://37.187.118.206:53102"
"tcp://192.168.1.21:54312"
"tcp://192.168.1.22:54312"
"tcp://192.168.1.23:54312"
];
MulticastInterfaces = [
"eno1"
];
};
# Enable network time # Enable network time
services.ntp.enable = true; services.ntp.enable = true;
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh.enable = true;
# Enable netdata monitoring
services.netdata.enable = true;
# Enable Hashicorp Consul & Nomad # Enable Hashicorp Consul & Nomad
services.consul.enable = true; services.consul.enable = true;
services.consul.extraConfig = services.consul.extraConfig =
@ -298,7 +258,6 @@ in
4646 4647 4648 # Nomad 4646 4647 4648 # Nomad
8500 8300 8301 8302 # Consul 8500 8300 8301 8302 # Consul
19999 # Netdata 19999 # Netdata
54312 # Yggdrasil
]; ];
networking.firewall.allowedUDPPorts = [ networking.firewall.allowedUDPPorts = [
4648 # Nomad 4648 # Nomad

View file

@ -3,6 +3,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "carcajou"; networking.hostName = "carcajou";
networking.interfaces.eno1.useDHCP = false; networking.interfaces.eno1.useDHCP = false;
@ -12,15 +17,27 @@
prefixLength = 24; prefixLength = 24;
} }
]; ];
# networking.interfaces.eno1.ipv6.addresses = [ networking.defaultGateway = {
# { address = "192.168.1.254";
# address = "2a01:e0a:c:a720::22"; interface = "eno1";
# prefixLength = 64; };
# }
# ];
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
ips = [ "10.42.0.22/16" ]; ips = [ "10.42.0.22/16" ];
listenPort = 33722; listenPort = 33722;
}; };
# Enable netdata monitoring
services.netdata.enable = true;
# ----
nix = {
binaryCaches = [
"http://binarycache.home.adnab.me"
];
binaryCachePublicKeys = [
"binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
];
};
} }

View file

@ -3,6 +3,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "cariacou"; networking.hostName = "cariacou";
networking.interfaces.eno1.useDHCP = false; networking.interfaces.eno1.useDHCP = false;
@ -12,15 +17,27 @@
prefixLength = 24; prefixLength = 24;
} }
]; ];
# networking.interfaces.eno1.ipv6.addresses = [ networking.defaultGateway = {
# { address = "192.168.1.254";
# address = "2a01:e0a:c:a720::21"; interface = "eno1";
# prefixLength = 64; };
# }
# ];
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
ips = [ "10.42.0.21/16" ]; ips = [ "10.42.0.21/16" ];
listenPort = 33721; listenPort = 33721;
}; };
# Enable netdata monitoring
services.netdata.enable = true;
# ----
nix = {
binaryCaches = [
"http://binarycache.home.adnab.me"
];
binaryCachePublicKeys = [
"binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
];
};
} }

View file

@ -3,6 +3,11 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.timeout = 20;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "caribou"; # Define your hostname. networking.hostName = "caribou"; # Define your hostname.
networking.interfaces.eno1.useDHCP = false; networking.interfaces.eno1.useDHCP = false;
@ -12,12 +17,10 @@
prefixLength = 24; prefixLength = 24;
} }
]; ];
# networking.interfaces.eno1.ipv6.addresses = [ networking.defaultGateway = {
# { address = "192.168.1.254";
# address = "2a01:e0a:c:a720::23"; interface = "eno1";
# prefixLength = 64; };
# }
# ];
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
ips = [ "10.42.0.23/16" ]; ips = [ "10.42.0.23/16" ];
@ -27,6 +30,12 @@
# OR use USB modem plugged in here # OR use USB modem plugged in here
#networking.interfaces.enp0s20u1.useDHCP = true; #networking.interfaces.enp0s20u1.useDHCP = true;
# Enable netdata monitoring
services.netdata.enable = true;
# ----
# Enable nix-serve # Enable nix-serve
services.nix-serve = { services.nix-serve = {
enable = true; enable = true;