makefu/1systems/drop/config.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

{ config, pkgs, ... }:
let
  external-ip = "45.55.145.62";
  default-gw = "45.55.128.1";
  prefixLength = 18;
in {
  imports = [
      <stockholm/makefu>
      <stockholm/makefu/2configs/hw/CAC.nix>
      <stockholm/makefu/2configs/save-diskspace.nix>
      <stockholm/makefu/2configs/torrent.nix>
  ];
  krebs = {
    enable = true;
    tinc.retiolum.enable = true;
    build.host = config.krebs.hosts.drop;
  };

  boot.loader.grub.device = "/dev/vda";
  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ];
  fileSystems."/" = {
    device = "/dev/vda1";
    fsType = "ext4";
  };

  networking = {
    firewall = {
      allowPing = true;
      logRefusedConnections = false;
      allowedTCPPorts = [ ];
      allowedUDPPorts = [ 655 ];
    };
    interfaces.enp0s3.ipv4.addresses = [{
      address = external-ip;
      inherit prefixLength;
    }];
    defaultGateway = default-gw;
    nameservers = [ "8.8.8.8" ];
  };
}