configuration
flake
hosts
_iso
aluminium
astatine
backup-4
beryllium
carbon
clerie-backup
dn42-il-gw1
dn42-il-gw5
dn42-il-gw6
dn42-ildix-clerie
dn42-ildix-service
gatekeeper
hydra-1
cache.nix.clerie.de
build-machines.nix
configuration.nix
hardware-configuration.nix
hydra.nix
nix-cache-key.pub
nix-cache.nix
secrets.json
ssh.pub
hydra-2
krypton
mail-2
monitoring-3
nonat
osmium
palladium
porter
storage-2
tungsten
web-2
zinc
lib
modules
pkgs
profiles
users
.gitignore
README.md
flake.lock
flake.nix
61 lines
1.2 KiB
Nix
61 lines
1.2 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
imports =
|
|
[
|
|
./hardware-configuration.nix
|
|
../../configuration/hydra-build-machine
|
|
|
|
./build-machines.nix
|
|
./hydra.nix
|
|
./nix-cache.nix
|
|
];
|
|
|
|
profiles.clerie.mercury-vm.enable = true;
|
|
|
|
boot.loader.grub.enable = true;
|
|
boot.loader.grub.device = "/dev/vda";
|
|
|
|
boot.binfmt.emulatedSystems = [
|
|
"armv6l-linux"
|
|
"armv7l-linux"
|
|
"aarch64-linux"
|
|
];
|
|
|
|
networking.useDHCP = false;
|
|
systemd.network.enable = true;
|
|
|
|
systemd.network.networks."10-wan" = {
|
|
matchConfig.Name = "ens18";
|
|
address = [
|
|
"2001:638:904:ffcb::a/64"
|
|
];
|
|
routes = [
|
|
{ Gateway = "2001:638:904:ffcb::1"; }
|
|
];
|
|
linkConfig.RequiredForOnline = "routable";
|
|
};
|
|
systemd.network.networks."10-nat-netz-mercury" = {
|
|
matchConfig.Name = "ens19";
|
|
address = [
|
|
"192.168.10.36/24"
|
|
];
|
|
routes = [
|
|
{ Gateway = "192.168.10.1"; }
|
|
];
|
|
linkConfig.RequiredForOnline = "routable";
|
|
};
|
|
|
|
services.nginx.enable = true;
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
|
|
clerie.monitoring = {
|
|
enable = true;
|
|
id = "210";
|
|
pubkey = "bA7b+vRlfvbGma74+Tz+FHGcRKPe+oAOfXmuqDR4+Sc=";
|
|
};
|
|
|
|
system.stateVersion = "22.11";
|
|
}
|