about summary refs log tree commit diff
path: root/configurations/yavanna/default.nix
diff options
context:
space:
mode:
authorAzat Bahawi <azat@bahawi.net>2022-08-12 22:53:53 +0300
committerAzat Bahawi <azat@bahawi.net>2022-08-12 22:53:53 +0300
commit61b94f0dd06cac0f7dcd38cce80f2a7ab8376098 (patch)
treeb703a9fe11eae6c4cae4e4682f02caf0caa171d0 /configurations/yavanna/default.nix
2022-08-12
Diffstat (limited to '')
-rw-r--r--configurations/yavanna/default.nix101
1 files changed, 101 insertions, 0 deletions
diff --git a/configurations/yavanna/default.nix b/configurations/yavanna/default.nix
new file mode 100644
index 0000000..b740da3
--- /dev/null
+++ b/configurations/yavanna/default.nix
@@ -0,0 +1,101 @@
+{
+  config,
+  inputs,
+  lib,
+  this,
+  ...
+}:
+with lib; {
+  secrets = {
+    wireguard-private-key-yavanna.file = "${inputs.self}/secrets/wireguard-private-key-yavanna";
+
+    syncthing-cert-yavanna = with config.services.syncthing; {
+      file = "${inputs.self}/secrets/syncthing-cert-yavanna";
+      owner = user;
+      inherit group;
+    };
+
+    syncthing-key-yavanna = with config.services.syncthing; {
+      file = "${inputs.self}/secrets/syncthing-key-yavanna";
+      owner = user;
+      inherit group;
+    };
+  };
+
+  nixfiles.modules = {
+    wireguard = {
+      privateKeyFile = config.secrets.wireguard-private-key-yavanna.path;
+      client.enable = true;
+    };
+
+    syncthing = with config.secrets; {
+      enable = true;
+      key = syncthing-key-yavanna.path;
+      cert = syncthing-cert-yavanna.path;
+    };
+
+    acme.enable = true;
+
+    rtorrent = {
+      enable = true;
+      flood.enable = true;
+    };
+  };
+
+  networking = let
+    interface = "eth0";
+  in {
+    interfaces.${interface} = {
+      ipv4.addresses = [
+        {
+          inherit (this.ipv4) address;
+          prefixLength = 24;
+        }
+      ];
+
+      ipv6.addresses = [
+        {
+          inherit (this.ipv6) address;
+          prefixLength = 128;
+        }
+      ];
+    };
+
+    defaultGateway = {
+      inherit interface;
+      address = this.ipv4.gateway;
+    };
+
+    defaultGateway6 = {
+      inherit interface;
+      address = this.ipv6.gateway;
+    };
+  };
+
+  boot = {
+    loader.grub = {
+      enable = true;
+      device = "/dev/sda";
+    };
+
+    initrd = {
+      availableKernelModules = ["uhci_hcd" "ahci"];
+      kernelModules = ["nvme"];
+    };
+  };
+
+  fileSystems."/" = {
+    device = "/dev/sda1";
+    fsType = "ext4";
+    options = ["noatime"];
+  };
+
+  swapDevices = [
+    {
+      device = "/swapfile";
+      size = 4 * 1024;
+    }
+  ];
+
+  system.stateVersion = "22.05";
+}

Consider giving Nix/NixOS a try! <3