2020-12-06 16:40:47 +01:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
imports =
|
|
|
|
|
[
|
|
|
|
|
./hardware-configuration.nix
|
|
|
|
|
../../configuration/common
|
2020-12-07 15:14:33 +01:00
|
|
|
../../configuration/router
|
2020-12-06 16:40:47 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
boot.kernelParams = [ "console=ttyS0,115200n8" ];
|
|
|
|
|
|
|
|
|
|
boot.loader.grub.enable = true;
|
|
|
|
|
boot.loader.grub.version = 2;
|
|
|
|
|
boot.loader.grub.device = "/dev/sda";
|
|
|
|
|
boot.loader.grub.extraConfig = "
|
|
|
|
|
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
|
|
|
|
|
terminal_input serial
|
|
|
|
|
terminal_output serial
|
|
|
|
|
";
|
|
|
|
|
|
|
|
|
|
networking.hostName = "carbon";
|
|
|
|
|
|
|
|
|
|
networking.useDHCP = false;
|
|
|
|
|
networking.interfaces.enp1s0.useDHCP = true;
|
|
|
|
|
|
2020-12-07 15:24:04 +01:00
|
|
|
networking.wireguard.enable = true;
|
|
|
|
|
networking.wireguard.interfaces = {
|
|
|
|
|
wg-gatekeeper = {
|
|
|
|
|
ips = [
|
|
|
|
|
"10.20.30.104/24"
|
2020-12-07 15:29:42 +01:00
|
|
|
"2a01:4f8:c0c:15f1::8104/113"
|
2020-12-07 15:24:04 +01:00
|
|
|
];
|
2020-12-07 15:26:35 +01:00
|
|
|
allowedIPsAsRoutes = false;
|
2020-12-07 15:24:04 +01:00
|
|
|
peers = [
|
|
|
|
|
{
|
|
|
|
|
allowedIPs = [
|
|
|
|
|
"0.0.0.0/0"
|
|
|
|
|
"::/0"
|
|
|
|
|
];
|
|
|
|
|
endpoint = "gatekeeper.net.clerie.de:51820";
|
|
|
|
|
publicKey = "2p1Jqs3bkXbXHFWE6vp1yxHIFoUaZQEARS2nJzbkuBA=";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
privateKeyFile = "/var/src/secrets/wireguard/wg-gatekeeper";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2020-12-06 16:40:47 +01:00
|
|
|
system.stateVersion = "21.03";
|
|
|
|
|
}
|
