From 4300a66aaf683fd452837c81c1f498c125e6664b Mon Sep 17 00:00:00 2001 From: Ember 'n0emis' Keske Date: Sat, 16 Jul 2022 21:32:14 +0200 Subject: [PATCH] bootstrap host yate --- flake.nix | 4 + hosts/yate/configuration.nix | 101 ++++++++++++++++++++++++++ hosts/yate/hardware-configuration.nix | 37 ++++++++++ hosts/yate/voip.nix | 23 ++++++ 4 files changed, 165 insertions(+) create mode 100644 hosts/yate/configuration.nix create mode 100644 hosts/yate/hardware-configuration.nix create mode 100644 hosts/yate/voip.nix diff --git a/flake.nix b/flake.nix index 24bcbaa..d1a186b 100644 --- a/flake.nix +++ b/flake.nix @@ -43,6 +43,10 @@ deployment.targetHost = "nerd.bula22.de"; }; + yate = { ... }: { + deployment.targetHost = "yate.bula22.de"; + }; + pre-router = { config, pkgs, ... }: { deployment.targetHost = "lightbuffet.bula22.de"; deployment.keys = { diff --git a/hosts/yate/configuration.nix b/hosts/yate/configuration.nix new file mode 100644 index 0000000..75925e6 --- /dev/null +++ b/hosts/yate/configuration.nix 
@@ -0,0 +1,101 @@
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ./voip.nix
+ ];
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "yate";
+
+ boot.kernel.sysctl = {
+ "net.ipv4.conf.all.forwarding" = true;
+ "net.ipv6.conf.all.forwarding" = true;
+ };
+
+ networking.useNetworkd = true;
+ systemd.network = {
+ networks."10-ens18" = {
+ matchConfig = {
+ Name = "ens18";
+ };
+ address = [
+ "10.42.10.6/24"
+ "2a01:4f8:1c0c:8221::6/64"
+ ];
+ gateway = [
+ "10.42.10.1"
+ "2a01:4f8:1c0c:8221::1"
+ ];
+ dns = [
+ "10.42.10.8"
+ "2a01:4f8:1c0c:8221::8"
+ ];
+ };
+
+ links."20-vlan132" = {
+ matchConfig.MACAddress = "4e:9e:f3:3e:ed:36";
+ linkConfig.Name = "vlan132";
+ };
+ networks."20-vlan132" = {
+ matchConfig = {
+ Name = "vlan132";
+ };
+ address = [ "10.42.132.1/24" ];
+ };
+
+ links."20-vlan133" = {
+ matchConfig.MACAddress = "86:3c:c7:51:c4:82";
+ linkConfig.Name = "vlan133";
+ };
+ networks."20-vlan133" = {
+ matchConfig = {
+ Name = "vlan133";
+ };
+ address = [ "10.42.133.1/24" ];
+ };
+ };
+
+ services.kea.dhcp4 = {
+ settings = {
+ interfaces-config = {
+ interfaces = [ "vlan133" ];
+ };
+ subnet4 = [
+ {
+ id = 133;
+ subnet = "10.42.133.1/24";
+ pools = [
+ {
+ pool = "10.42.133.100 - 10.42.133.240";
+ }
+ ];
+ option-data = [
+ {
+ name = "routers";
+ data = "10.42.133.1";
+ }
+ {
+ name = "domain-name-servers";
+ data = "10.42.10.8";
+ }
+ ];
+ }
+ ];
+ };
+ };
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "22.05"; # Did you read the comment?
+
+}
diff --git a/hosts/yate/hardware-configuration.nix b/hosts/yate/hardware-configuration.nix
new file mode 100644
index 0000000..e0dd843
--- /dev/null
+++ b/hosts/yate/hardware-configuration.nix
@@ -0,0 +1,37 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/c63fbce0-c409-4c1b-911c-25cd08cc7722";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/B481-41BF";
+ fsType = "vfat";
+ };
+
+ swapDevices = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
+
diff --git a/hosts/yate/voip.nix b/hosts/yate/voip.nix
new file mode 100644
index 0000000..93f0529
--- /dev/null
+++ b/hosts/yate/voip.nix
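Review bot: In hosts/yate/configuration.nix, `boot.kernel.sysctl` turns on IPv4 and IPv6 forwarding for all interfaces, yet nothing in this file restricts what may be forwarded between `ens18` (10.42.10.0/24, which also holds the gateway and the DNS server) and the two VoIP VLANs. Unless a shared module outside this patch filters forwarded traffic, devices on vlan132/vlan133 may be able to reach the whole 10.42.10.0/24 network; at minimum add a comment such as `# yate routes vlan132/vlan133 <-> ens18; forwarded traffic is filtered in <module path>` and limit forwarding to the flows the phones need (DNS at 10.42.10.8 is the only one visible here). Neither VLAN is given an IPv6 address, so `"net.ipv6.conf.all.forwarding" = true;` looks unnecessary and could be dropped. Separately, the Kea entry `subnet = "10.42.133.1/24";` names a host address where hosts/yate/voip.nix uses the network form; `subnet = "10.42.133.0/24";` would be consistent.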
@@ -0,0 +1,23 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services.fieldpoc = {
+ enable = true;
+ dhcp = {
+ enable = true;
+ interface = "vlan132";
+ subnet = "10.42.132.0/24";
+ pool = "10.42.132.200 - 10.42.132.250";
+ router = "10.42.132.1";
+ dnsServers = "10.42.10.8";
+ omm = "10.42.132.11";
+ reservations = [
+ {
+ name = "rfp-01";
+ macAddress = "00:30:42:1B:8C:7A";
+ ipAddress = "10.42.132.11";
+ }
+ ];
+ };
+ };
+}
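Review bot: The OMM address `10.42.132.11` is written twice, once as `omm` and once as the `ipAddress` of the `rfp-01` reservation, and the two presumably have to stay identical for the base stations to find the manager (the fieldpoc module itself is not part of this patch, so confirm). Binding it once, e.g. `let ommAddress = "10.42.132.11"; in` ahead of the attribute set and using `ommAddress` in both places, removes that coupling. A short comment on the reservation would also help: it is keyed on the MAC address only, which identifies but does not authenticate the device, so vlan132 should be limited to the RFP ports at the switch.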