m : init drop

author: makefu <github@syntax-fehler.de> 2016-08-21 01:24:50 +0200
committer: makefu <github@syntax-fehler.de> 2016-08-21 01:24:50 +0200
commit: ccf521e4a46fed3b4e2075a4ace7b9ed382d4b82 (patch)
tree: 54b3f65606f2c9ed490ff4ccad05413f712adb23 /makefu/1systems/drop.nix
parent: 08f1686dd30e5cace0713158e87d2c4bad27bddf (diff)
1 files changed, 40 insertions, 0 deletions
diff --git a/makefu/1systems/drop.nix b/makefu/1systems/drop.nix
new file mode 100644
index 00000000..4a94c3f6
--- /dev/null
+++ b/makefu/1systems/drop.nix
@@ -0,0 +1,40 @@
+{ config, pkgs, ... }:
+let
+  external-ip = "45.55.145.62";
+  default-gw = "45.55.128.1";
+  prefixLength = 18;
+in {
+  imports = [
+      ../.
+      ../2configs/hw/CAC.nix
+      ../2configs/save-diskspace.nix
+      ../2configs/torrent.nix
+  ];
+  krebs = {
+    enable = true;
+    tinc.retiolum.enable = true;
+    build.host = config.krebs.hosts.drop;
+  };
+
+  boot.loader.grub.device = "/dev/vda";
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ];
+  fileSystems."/" = {
+    device = "/dev/vda1";
+    fsType = "ext4";
+  };
+
+  networking = {
+    firewall = {
+      allowPing = true;
+      logRefusedConnections = false;
+      allowedTCPPorts = [ ];
+      allowedUDPPorts = [ 655 ];
+    };
+    interfaces.enp0s3.ip4 = [{
+      address = external-ip;
+      inherit prefixLength;
+    }];
+    defaultGateway = default-gw;
+    nameservers = [ "8.8.8.8" ];
+  };
+}
author	makefu <github@syntax-fehler.de>	2016-08-21 01:24:50 +0200
committer	makefu <github@syntax-fehler.de>	2016-08-21 01:24:50 +0200
commit	ccf521e4a46fed3b4e2075a4ace7b9ed382d4b82 (patch)
tree	54b3f65606f2c9ed490ff4ccad05413f712adb23 /makefu/1systems/drop.nix
parent	08f1686dd30e5cace0713158e87d2c4bad27bddf (diff)