{ config, lib, ... }: let inherit (lib) mkOption; in { options = { procolix.vm = { name = mkOption { }; ip4 = mkOption { }; ip6 = mkOption { }; }; }; config = { services.openssh = { enable = true; settings.PasswordAuthentication = false; }; networking = { hostName = config.procolix.vm.name; domain = "procolix.com"; interfaces = { eth0 = { ipv4 = { addresses = [ { address = config.procolix.vm.ip4; prefixLength = 24; } ]; }; ipv6 = { addresses = [ { address = config.procolix.vm.ip6; prefixLength = 64; } ]; }; }; }; defaultGateway = { address = "185.206.232.1"; interface = "eth0"; }; defaultGateway6 = { address = "2a00:51c0:12:1201::1"; interface = "eth0"; }; nameservers = [ "95.215.185.6" "95.215.185.7" "2a00:51c0::5fd7:b906" "2a00:51c0::5fd7:b907" ]; firewall.enable = false; nftables = { enable = true; rulesetFile = ./nftables-ruleset.nft; }; }; }; }