{ config, pkgs, lib, ... }:
let yggaddr = import ./yggaddr.nix;
in {
imports = [
c3d2 = {
isInHq = true;
mapHqHosts = true;
hq = {
interface = "br0";
statistics.enable = true;
# Route IPv6
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
# Obtain global IPv6 despite being a router myself
boot.kernel.sysctl."net.ipv6.conf.eth0.accept_ra" = 2;
services.yggdrasil = {
configFile = "/var/lib/yggdrasil/keys";
config.Peers = [
"tcp://[2a03:3b40:fe:ab::1]:46370" # Praha
"tcp://" # Nürnberg
"tcp://" # Wrocław
"tcp://[2a05:9403::8b]:7743" # Praha
security.sudo.wheelNeedsPassword = false;
services.openssh = {
enable = true;
passwordAuthentication = false;
programs.mosh.enable = true;
nix = {
package = pkgs.nixFlakes;
extraOptions = "experimental-features = nix-command flakes ca-references";
gc.automatic = true;
distributedBuilds = true;
buildMachines = [
hostName = "localhost";
system = "x86_64-linux";
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
maxJobs = 8;
hostName = "hydra.hq";
system = "x86_64-linux";
sshUser = "buildfarmer";
sshKey = "/etc/hydra.id_ed25519"; # shit is dumb
virtualisation.docker.enable = true;
networking = {
firewall.enable = false;
hostName = "server7";
useDHCP = false;
bridges.br0.interfaces = [ "enp2s0f0" ];
interfaces = {
br0 = {
useDHCP = true;
preferTempAddress = false;
ipv4.addresses = [{
address = "";
prefixLength = 24;
ipv6.addresses = [{
address = yggaddr.prefix + ":1";
prefixLength = 64;
enp2s0f1.useDHCP = false;
environment.systemPackages = with pkgs; [ tmux htop vim gitMinimal nixfmt ];
services.collectd.extraConfig = ''
LoadPlugin sensors
LoadPlugin memory
LoadPlugin irq
LoadPlugin thermal
LoadPlugin processes
LoadPlugin disk
LoadPlugin hddtemp
LoadPlugin df
LoadPlugin cpu
LoadPlugin cpufreq
LoadPlugin entropy
LoadPlugin load
LoadPlugin swap
LoadPlugin cgroups
LoadPlugin vmem
LoadPlugin interface
boot.tmpOnTmpfs = true;
# Use the systemd-boot EFI boot loader.
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
time.timeZone = "Europe/Berlin";
system.stateVersion = "19.09"; # Did you read the comment?