{ config, pkgs, lib, ... }: let user = config.makefu.gui.user; primaryIP = "192.168.8.11"; in { imports = [ # Include the results of the hardware scan. ./nuc # # # # # # # ## no need for dns logs anymore # # Services # # Sensors # # # # { environment.systemPackages = [ pkgs.vlc ]; } # new hass entry point # # #mpd is only used for TTS, this is the web interface (let collectd-port = 25826; influx-port = 8086; admin-port = 8083; grafana-port = 3000; # TODO nginx forward db = "collectd_db"; logging-interface = "enp0s25"; in { networking.firewall.allowedTCPPorts = [ 3000 influx-port admin-port ]; services.grafana.enable = true; services.grafana.addr = "0.0.0.0"; services.influxdb.enable = true; services.influxdb.extraConfig = { meta.hostname = config.krebs.build.host.name; # meta.logging-enabled = true; http.bind-address = ":${toString influx-port}"; admin.bind-address = ":${toString admin-port}"; collectd = [{ enabled = true; typesdb = "${pkgs.collectd}/share/collectd/types.db"; database = db; bind-address = ":${toString collectd-port}"; }]; }; networking.firewall.extraCommands = '' iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT ''; }) # temporary # ]; krebs = { enable = true; build.host = config.krebs.hosts.wbob; }; networking.firewall.allowedUDPPorts = [ 655 ]; networking.firewall.allowedTCPPorts = [ 655 8081 #smokeping 49152 ]; networking.firewall.trustedInterfaces = [ "enp0s25" ]; #services.tinc.networks.siem = { # name = "display"; # extraConfig = '' # ConnectTo = sjump # Port = 1655 # ''; #}; boot.kernelPackages = pkgs.linuxPackages_latest; # rt2870.bin wifi card, part of linux-unfree hardware.enableRedistributableFirmware = true; nixpkgs.config.allowUnfree = true; # rt2870 with nonfree creates wlp2s0 from wlp0s20u2 # not explicitly setting the interface results in wpa_supplicant to crash networking.interfaces.virbr1.ipv4.addresses = [{ address = "10.8.8.11"; prefixLength = 24; }]; # nuc hardware }