2023-10-19 18:55:56 +00:00
|
|
|
{
|
|
|
|
flake,
|
|
|
|
config,
|
|
|
|
pkgs,
|
2023-11-08 00:16:38 +00:00
|
|
|
lib,
|
2023-10-19 18:55:56 +00:00
|
|
|
...
|
|
|
|
}: {
|
2023-11-07 23:09:49 +00:00
|
|
|
networking.hostName = "droppie";
|
|
|
|
|
2023-11-08 00:16:00 +00:00
|
|
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
|
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
|
|
# still possible to use this option, but it's recommended to use it in conjunction
|
|
|
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
|
|
networking.useDHCP = lib.mkDefault false;
|
|
|
|
networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault false;
|
|
|
|
networking.interfaces.enp2s0f1.useDHCP = lib.mkDefault false;
|
|
|
|
|
2023-11-05 18:46:52 +00:00
|
|
|
networking.interfaces.enp2s0f0 = {
|
2023-11-07 23:09:49 +00:00
|
|
|
ipv4.addresses = [ { address = "192.168.178.3"; prefixLength = 32; } ];
|
|
|
|
ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 128; } ];
|
2023-11-05 18:21:28 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-droppie.age";
|
2023-10-19 18:55:56 +00:00
|
|
|
|
2023-11-06 21:32:44 +00:00
|
|
|
# Allow pub.solar restic backups
|
|
|
|
services.openssh.allowSFTP = true;
|
|
|
|
|
2023-11-05 18:21:28 +00:00
|
|
|
pub-solar.wireguard-client = {
|
|
|
|
ownIPs = [
|
|
|
|
"10.0.1.3/32"
|
|
|
|
"fd00:b12f:acab:1312:acab:3::/96"
|
|
|
|
];
|
|
|
|
wireguardPrivateKeyFile = "/run/agenix/wg-private-key";
|
2023-10-19 18:55:56 +00:00
|
|
|
};
|
|
|
|
}
|