os/hosts/droppie/networking.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

36 lines
1.1 KiB
Nix
Raw Normal View History

2023-10-19 18:55:56 +00:00
{
flake,
config,
pkgs,
2023-11-08 00:16:38 +00:00
lib,
2023-10-19 18:55:56 +00:00
...
}: {
networking.hostName = "droppie";
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault false;
networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault false;
networking.interfaces.enp2s0f1.useDHCP = lib.mkDefault false;
networking.interfaces.enp2s0f0 = {
ipv4.addresses = [ { address = "192.168.178.3"; prefixLength = 32; } ];
ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 128; } ];
2023-11-05 18:21:28 +00:00
};
age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-droppie.age";
2023-10-19 18:55:56 +00:00
# Allow pub.solar restic backups
services.openssh.allowSFTP = true;
2023-11-05 18:21:28 +00:00
pub-solar.wireguard-client = {
ownIPs = [
"10.0.1.3/32"
"fd00:b12f:acab:1312:acab:3::/96"
];
wireguardPrivateKeyFile = "/run/agenix/wg-private-key";
2023-10-19 18:55:56 +00:00
};
}