2019-11-28 11:38:03 +01:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
2019-11-29 23:33:30 +01:00
|
|
|
let yggaddr = import ./yggaddr.nix;
|
|
|
|
in {
|
2019-11-28 11:38:03 +01:00
|
|
|
imports = [
|
|
|
|
<nixpkgs/nixos/modules/profiles/minimal.nix>
|
|
|
|
../../lib/hq.nix
|
2019-11-29 23:33:30 +01:00
|
|
|
../../lib/default-gateway.nix
|
2019-11-28 11:38:03 +01:00
|
|
|
../../lib/emery.nix
|
2019-11-29 23:33:30 +01:00
|
|
|
../../lib/yggdrasil.nix
|
2019-11-28 11:38:03 +01:00
|
|
|
./containers
|
|
|
|
./hardware-configuration.nix
|
|
|
|
./hydra.nix
|
2019-11-29 15:52:06 +01:00
|
|
|
./nix-serve.nix
|
2019-11-28 11:38:03 +01:00
|
|
|
];
|
|
|
|
|
2019-11-29 23:33:30 +01:00
|
|
|
# Route IPv6
|
|
|
|
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
|
|
|
# Obtain global IPv6 despite being a router myself
|
|
|
|
boot.kernel.sysctl."net.ipv6.conf.eth0.accept_ra" = 2;
|
|
|
|
|
|
|
|
services.yggdrasil = {
|
|
|
|
configFile = "/var/lib/yggdrasil/keys";
|
|
|
|
config.Peers = [
|
|
|
|
"tcp://[2a03:3b40:fe:ab::1]:46370" # Praha
|
|
|
|
"tcp://ygg.thingylabs.io:443" # Nürnberg
|
|
|
|
"tcp://176.223.130.120:22632" # Wrocław
|
|
|
|
"tcp://[2a05:9403::8b]:7743" # Praha
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
2019-11-28 11:38:03 +01:00
|
|
|
security.sudo.wheelNeedsPassword = false;
|
|
|
|
services.openssh = {
|
|
|
|
enable = true;
|
|
|
|
passwordAuthentication = false;
|
|
|
|
# DO NOT CHANGE, KINDERGARTEN IS OVER
|
|
|
|
};
|
|
|
|
|
|
|
|
programs.mosh.enable = true;
|
|
|
|
|
|
|
|
nix = {
|
|
|
|
package = pkgs.nixFlakes;
|
2019-11-29 15:52:06 +01:00
|
|
|
extraOptions = "experimental-features = nix-command flakes";
|
2019-11-28 11:38:03 +01:00
|
|
|
gc.automatic = true;
|
|
|
|
trustedUsers = [ "root" ];
|
2019-11-29 15:52:06 +01:00
|
|
|
buildMachines = [{
|
|
|
|
hostName = "hydra.hq.c3d2.de";
|
|
|
|
system = "x86_64-linux";
|
|
|
|
maxJobs = 2;
|
|
|
|
}];
|
2019-11-28 11:38:03 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
networking = {
|
2019-11-29 15:52:06 +01:00
|
|
|
firewall.enable = false;
|
2019-11-29 18:09:04 +01:00
|
|
|
hostName = "server7";
|
2019-11-28 11:38:03 +01:00
|
|
|
useDHCP = false;
|
2019-11-29 20:33:22 +01:00
|
|
|
bridges.br0.interfaces = [ "enp2s0f0" ];
|
2019-11-28 11:38:03 +01:00
|
|
|
interfaces = {
|
2019-11-29 20:33:22 +01:00
|
|
|
br0 = {
|
2019-11-28 11:38:03 +01:00
|
|
|
useDHCP = true;
|
2019-11-29 20:33:22 +01:00
|
|
|
preferTempAddress = false;
|
2019-11-28 11:38:03 +01:00
|
|
|
ipv4.addresses = [{
|
|
|
|
address = "172.22.99.245";
|
|
|
|
prefixLength = 24;
|
|
|
|
}];
|
2019-11-29 23:33:30 +01:00
|
|
|
ipv6.addresses = [{
|
|
|
|
address = yggaddr.prefix + ":1";
|
|
|
|
prefixLength = 64;
|
|
|
|
}];
|
2019-11-28 11:38:03 +01:00
|
|
|
};
|
|
|
|
enp2s0f1.useDHCP = false;
|
|
|
|
};
|
|
|
|
};
|
2019-11-29 23:33:30 +01:00
|
|
|
|
2019-11-28 11:38:03 +01:00
|
|
|
environment.systemPackages = with pkgs; [ tmux htop vim gitMinimal nixfmt ];
|
|
|
|
|
|
|
|
services.collectd = {
|
|
|
|
enable = true;
|
|
|
|
autoLoadPlugin = true;
|
|
|
|
extraConfig = ''
|
2019-11-29 22:20:19 +01:00
|
|
|
HostName "${config.networking.hostName}"
|
|
|
|
FQDNLookup false
|
2019-11-28 11:38:03 +01:00
|
|
|
Interval 10
|
2019-11-29 22:20:19 +01:00
|
|
|
|
|
|
|
LoadPlugin sensors
|
|
|
|
LoadPlugin memory
|
|
|
|
LoadPlugin irq
|
|
|
|
LoadPlugin thermal
|
|
|
|
LoadPlugin processes
|
|
|
|
LoadPlugin disk
|
|
|
|
LoadPlugin hddtemp
|
|
|
|
LoadPlugin df
|
|
|
|
LoadPlugin cpu
|
|
|
|
LoadPlugin cpufreq
|
|
|
|
LoadPlugin entropy
|
|
|
|
LoadPlugin load
|
|
|
|
LoadPlugin swap
|
|
|
|
LoadPlugin cgroups
|
|
|
|
LoadPlugin vmem
|
|
|
|
LoadPlugin interface
|
|
|
|
LoadPlugin network
|
2019-11-28 11:38:03 +01:00
|
|
|
<Plugin "network">
|
|
|
|
Server "grafana.hq.c3d2.de" "25826"
|
|
|
|
</Plugin>
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
boot.tmpOnTmpfs = true;
|
|
|
|
|
|
|
|
# Use the systemd-boot EFI boot loader.
|
|
|
|
boot.loader = {
|
|
|
|
systemd-boot.enable = true;
|
|
|
|
efi.canTouchEfiVariables = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
time.timeZone = "Europe/Berlin";
|
|
|
|
|
|
|
|
system.stateVersion = "19.09"; # Did you read the comment?
|
|
|
|
}
|