diff options
author | ADRN <adrien@luxeylab.net> | 2021-11-18 15:39:08 +0100 |
---|---|---|
committer | ADRN <adrien@luxeylab.net> | 2021-11-18 15:39:08 +0100 |
commit | a225d3bcbdfd8671da94968b3b4ebafc9769ae27 (patch) | |
tree | 6f66e4e96867758d04b41ae243d63cbd36d8bc16 | |
parent | b3c6816a1d1c8ae4f1894724ac6ae1877e9573ad (diff) | |
parent | 9d4973abcfd5aa86736955b4909a9c152c7f6c4e (diff) | |
download | nixcfg-a225d3bcbdfd8671da94968b3b4ebafc9769ae27.tar.gz nixcfg-a225d3bcbdfd8671da94968b3b4ebafc9769ae27.zip |
Merge branch 'main' of git.deuxfleurs.fr:Deuxfleurs/nixcfg into main
-rw-r--r-- | configuration.nix | 47 | ||||
-rw-r--r-- | node/carcajou.nix | 29 | ||||
-rw-r--r-- | node/cariacou.nix | 29 | ||||
-rw-r--r-- | node/caribou.nix | 21 |
4 files changed, 67 insertions, 59 deletions
diff --git a/configuration.nix b/configuration.nix index 65fa44b..dbdbd52 100644 --- a/configuration.nix +++ b/configuration.nix @@ -15,20 +15,6 @@ in ./node.nix ]; - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.timeout = 20; - boot.loader.efi.canTouchEfiVariables = true; - - nix = { - binaryCaches = [ - "http://binarycache.home.adnab.me" - ]; - binaryCachePublicKeys = [ - "binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw=" - ]; - }; - # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. @@ -36,12 +22,7 @@ in # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Networking configuration (static IPs for each node is defined in node/*.nix) - networking.nameservers = [ "9.9.9.9" ]; - networking.defaultGateway = { - address = "192.168.1.254"; - interface = "eno1"; - }; # Wireguard VPN configuration networking.wireguard.interfaces.wg0 = { @@ -59,6 +40,12 @@ in endpoint = "77.141.67.109:42136"; persistentKeepalive = 10; } + { # Robinson + publicKey = "ETaZFil3mFXlJ0LaJZyWqJVLV2IZUF5PB/8M7WbQSTg="; + allowedIPs = [ "10.42.0.42/32" ]; + endpoint = "77.141.67.109:33742"; + persistentKeepalive = 10; + } { # Shiki publicKey = "QUiUNMk70TEQ75Ut7Uqikr5uGVSXmx8EGNkGM6tANlg="; allowedIPs = [ "10.42.0.206/32" ]; @@ -214,33 +201,12 @@ in # List services that you want to enable: - # Enable Yggdrasil networking - services.yggdrasil.enable = true; - services.yggdrasil.persistentKeys = true; - services.yggdrasil.config = { - Listen = [ - "tcp://0.0.0.0:54312" - ]; - Peers = [ - "tcp://37.187.118.206:53102" - "tcp://192.168.1.21:54312" - "tcp://192.168.1.22:54312" - "tcp://192.168.1.23:54312" - ]; - MulticastInterfaces = [ - "eno1" - ]; - }; - # Enable network time services.ntp.enable = true; # Enable the OpenSSH daemon. services.openssh.enable = true; - # Enable netdata monitoring - services.netdata.enable = true; - # Enable Hashicorp Consul & Nomad services.consul.enable = true; services.consul.extraConfig = @@ -298,7 +264,6 @@ in 4646 4647 4648 # Nomad 8500 8300 8301 8302 # Consul 19999 # Netdata - 54312 # Yggdrasil ]; networking.firewall.allowedUDPPorts = [ 4648 # Nomad diff --git a/node/carcajou.nix b/node/carcajou.nix index 15e4395..0d12899 100644 --- a/node/carcajou.nix +++ b/node/carcajou.nix @@ -3,6 +3,11 @@ { config, pkgs, ... }: { + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.timeout = 20; + boot.loader.efi.canTouchEfiVariables = true; + networking.hostName = "carcajou"; networking.interfaces.eno1.useDHCP = false; @@ -12,15 +17,27 @@ prefixLength = 24; } ]; - # networking.interfaces.eno1.ipv6.addresses = [ - # { - # address = "2a01:e0a:c:a720::22"; - # prefixLength = 64; - # } - # ]; + networking.defaultGateway = { + address = "192.168.1.254"; + interface = "eno1"; + }; networking.wireguard.interfaces.wg0 = { ips = [ "10.42.0.22/16" ]; listenPort = 33722; }; + + # Enable netdata monitoring + services.netdata.enable = true; + + # ---- + + nix = { + binaryCaches = [ + "http://binarycache.home.adnab.me" + ]; + binaryCachePublicKeys = [ + "binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw=" + ]; + }; } diff --git a/node/cariacou.nix b/node/cariacou.nix index 9374744..bad08e8 100644 --- a/node/cariacou.nix +++ b/node/cariacou.nix @@ -3,6 +3,11 @@ { config, pkgs, ... }: { + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.timeout = 20; + boot.loader.efi.canTouchEfiVariables = true; + networking.hostName = "cariacou"; networking.interfaces.eno1.useDHCP = false; @@ -12,15 +17,27 @@ prefixLength = 24; } ]; - # networking.interfaces.eno1.ipv6.addresses = [ - # { - # address = "2a01:e0a:c:a720::21"; - # prefixLength = 64; - # } - # ]; + networking.defaultGateway = { + address = "192.168.1.254"; + interface = "eno1"; + }; networking.wireguard.interfaces.wg0 = { ips = [ "10.42.0.21/16" ]; listenPort = 33721; }; + + # Enable netdata monitoring + services.netdata.enable = true; + + # ---- + + nix = { + binaryCaches = [ + "http://binarycache.home.adnab.me" + ]; + binaryCachePublicKeys = [ + "binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw=" + ]; + }; } diff --git a/node/caribou.nix b/node/caribou.nix index 30b382e..b325739 100644 --- a/node/caribou.nix +++ b/node/caribou.nix @@ -3,6 +3,11 @@ { config, pkgs, ... }: { + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.timeout = 20; + boot.loader.efi.canTouchEfiVariables = true; + networking.hostName = "caribou"; # Define your hostname. networking.interfaces.eno1.useDHCP = false; @@ -12,12 +17,10 @@ prefixLength = 24; } ]; - # networking.interfaces.eno1.ipv6.addresses = [ - # { - # address = "2a01:e0a:c:a720::23"; - # prefixLength = 64; - # } - # ]; + networking.defaultGateway = { + address = "192.168.1.254"; + interface = "eno1"; + }; networking.wireguard.interfaces.wg0 = { ips = [ "10.42.0.23/16" ]; @@ -27,6 +30,12 @@ # OR use USB modem plugged in here #networking.interfaces.enp0s20u1.useDHCP = true; + + # Enable netdata monitoring + services.netdata.enable = true; + + # ---- + # Enable nix-serve services.nix-serve = { enable = true; |