diff options
| author | Azat Bahawi <azat@bahawi.net> | 2022-08-12 22:53:53 +0300 |
|---|---|---|
| committer | Azat Bahawi <azat@bahawi.net> | 2022-08-12 22:53:53 +0300 |
| commit | 61b94f0dd06cac0f7dcd38cce80f2a7ab8376098 (patch) | |
| tree | b703a9fe11eae6c4cae4e4682f02caf0caa171d0 /configurations/yavanna/default.nix | |
2022-08-12
Diffstat (limited to 'configurations/yavanna/default.nix')
| -rw-r--r-- | configurations/yavanna/default.nix | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/configurations/yavanna/default.nix b/configurations/yavanna/default.nix new file mode 100644 index 0000000..b740da3 --- /dev/null +++ b/configurations/yavanna/default.nix @@ -0,0 +1,101 @@ +{ + config, + inputs, + lib, + this, + ... +}: +with lib; { + secrets = { + wireguard-private-key-yavanna.file = "${inputs.self}/secrets/wireguard-private-key-yavanna"; + + syncthing-cert-yavanna = with config.services.syncthing; { + file = "${inputs.self}/secrets/syncthing-cert-yavanna"; + owner = user; + inherit group; + }; + + syncthing-key-yavanna = with config.services.syncthing; { + file = "${inputs.self}/secrets/syncthing-key-yavanna"; + owner = user; + inherit group; + }; + }; + + nixfiles.modules = { + wireguard = { + privateKeyFile = config.secrets.wireguard-private-key-yavanna.path; + client.enable = true; + }; + + syncthing = with config.secrets; { + enable = true; + key = syncthing-key-yavanna.path; + cert = syncthing-cert-yavanna.path; + }; + + acme.enable = true; + + rtorrent = { + enable = true; + flood.enable = true; + }; + }; + + networking = let + interface = "eth0"; + in { + interfaces.${interface} = { + ipv4.addresses = [ + { + inherit (this.ipv4) address; + prefixLength = 24; + } + ]; + + ipv6.addresses = [ + { + inherit (this.ipv6) address; + prefixLength = 128; + } + ]; + }; + + defaultGateway = { + inherit interface; + address = this.ipv4.gateway; + }; + + defaultGateway6 = { + inherit interface; + address = this.ipv6.gateway; + }; + }; + + boot = { + loader.grub = { + enable = true; + device = "/dev/sda"; + }; + + initrd = { + availableKernelModules = ["uhci_hcd" "ahci"]; + kernelModules = ["nvme"]; + }; + }; + + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; + options = ["noatime"]; + }; + + swapDevices = [ + { + device = "/swapfile"; + size = 4 * 1024; + } + ]; + + system.stateVersion = "22.05"; +} |