Fediversity/infra/common/networking.nix


# Shared networking baseline for Procolix VMs: declares the per-VM identity
# options (name, IPv4, IPv6) and derives the SSH, addressing, routing, DNS and
# packet-filter settings from them.
{ config, lib, ... }:
let
  # Per-VM values supplied by whichever module imports this file.
  vm = config.procolix.vm;
in
{
  # NOTE(review): these options are declared without `type` or `description`,
  # so nothing is validated at this level; a wrong value is only caught (if at
  # all) by the networking options that consume it below.
  options.procolix.vm = {
    name = lib.mkOption { };
    ip4 = lib.mkOption { };
    ip6 = lib.mkOption { };
  };

  config = {
    # SSH is always on, with password logins switched off.
    # NOTE(review): keyboard-interactive authentication is controlled by a
    # separate setting (settings.KbdInteractiveAuthentication); confirm it is
    # also disabled if key-only login is the intent.
    services.openssh.enable = true;
    services.openssh.settings.PasswordAuthentication = false;

    networking = {
      hostName = vm.name;
      domain = "procolix.com";

      ## REVIEW: Do we actually need that, considering that we have static IPs?
      # NOTE(review): addresses, gateways and resolvers are all pinned below, so
      # a DHCP lease would be a second, network-supplied source of configuration;
      # mkDefault lets an individual host override this.
      useDHCP = lib.mkDefault true;

      # Static addressing on eth0, one address per family.
      interfaces.eth0.ipv4.addresses = [
        {
          address = vm.ip4;
          prefixLength = 24;
        }
      ];
      interfaces.eth0.ipv6.addresses = [
        {
          address = vm.ip6;
          prefixLength = 64;
        }
      ];

      # Default routes, both through eth0.
      defaultGateway = {
        address = "185.206.232.1";
        interface = "eth0";
      };
      defaultGateway6 = {
        address = "2a00:51c0:12:1201::1";
        interface = "eth0";
      };

      # Resolvers: two IPv4 and two IPv6.
      nameservers = [
        "95.215.185.6"
        "95.215.185.7"
        "2a00:51c0::5fd7:b906"
        "2a00:51c0::5fd7:b907"
      ];

      # The NixOS firewall module is turned off and nftables is loaded from a
      # ruleset file instead, so all packet filtering on these hosts depends on
      # ./nftables-ruleset.nft (not shown here).
      # NOTE(review): confirm that ruleset sets a restrictive input policy for
      # both IPv4 and IPv6; with firewall.enable = false nothing else filters.
      firewall.enable = false;
      nftables.enable = true;
      nftables.rulesetFile = ./nftables-ruleset.nft;
    };
  };
}