{ flake, config, pkgs, lib, ... }: { networking.hostName = "droppie"; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. #networking.useDHCP = true; #networking.interfaces.enp2s0f0.useDHCP = true; #networking.interfaces.enp2s0f1.useDHCP = true; networking.useDHCP = false; networking.interfaces.enp2s0f0 = { ipv4.addresses = [ { address = "192.168.178.3"; prefixLength = 32; } ]; ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 128; } ]; }; age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-droppie.age"; # Allow pub.solar restic backups services.openssh.allowSFTP = true; pub-solar.wireguard-client = { ownIPs = [ "10.0.1.3/32" "fd00:b12f:acab:1312:acab:3::/96" ]; wireguardPrivateKeyFile = "/run/agenix/wg-private-key"; }; }