{ hostRegistry, config, pkgs, lib, strings, ... }: let eth0 = "ens18"; in { imports = [ ./hardware-configuration.nix ./streamdump.nix ]; c3d2 = { k-ot.enable = true; isInHq = true; mergeHostsFile = true; hq.interface = eth0; mountCeph = "/mnt/cephfs"; }; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; boot = { kernelPackages = pkgs.linuxPackages_latest; loader = { efi.canTouchEfiVariables = true; grub = { enable = true; version = 2; efiSupport = true; devices = [ "nodev" ]; }; }; }; systemd.enableEmergencyMode = false; networking = { hostName = "storage-ng"; # usePredictableInterfacenames = false; interfaces."${eth0}" = { ipv4.addresses = [{ address = config.c3d2.hosts.${config.networking.hostName}.ip4; prefixLength = 24; }]; ipv6.addresses = [{ address = config.c3d2.hosts.${config.networking.hostName}.ip6; prefixLength = 64; }]; }; defaultGateway = { address = "172.22.99.4"; interface = eth0; }; nameservers = [ hostRegistry.hosts.dnscache.ip4 hostRegistry.hosts.dnscache.ip6 "9.9.9.9" ]; firewall.enable = false; }; environment.systemPackages = with pkgs; [ screen zsh lftp lsof psmisc git-annex mpv iotop ]; programs = { bash.enableCompletion = true; mtr.enable = true; }; services = { atftpd = { enable = true; root = "/mnt/cephfs/c3d2/tftp"; }; openssh = { enable = true; allowSFTP = true; }; samba = { enable = true; enableNmbd = true; extraConfig = '' workgroup = HQ server string = storage netbios name = storage hosts allow = 172.20.0.0/14 127.0.0.0/8 ::1/128 fe80::/64 fd23:42:c3d2:500::/56 2a00:8180:2c00:200::/56 hosts deny = 0.0.0.0/0 security = user guest account = nobody map to guest = bad user smb encrypt = required ntlm auth = yes passdb backend = smbpasswd server smb encrypt = desired ''; shares = { c3d2 = { path = "/mnt/cephfs/c3d2"; browseable = "yes"; writable = "yes"; "valid users" = "k-ot"; "guest ok" = "no"; "create mode" = "0666"; "directory mode" = "0777"; }; }; }; }; system.stateVersion = "19.03"; # Did you read the comment? }