2024-07-29 15:22:47 +02:00
|
|
|
{ config, pkgs, lib, values, ... }:
|
2022-12-17 21:51:43 +01:00
|
|
|
{
|
|
|
|
imports = [
|
|
|
|
# Include the results of the hardware scan.
|
|
|
|
./hardware-configuration.nix
|
|
|
|
../../base.nix
|
2022-12-19 22:56:42 +01:00
|
|
|
../../misc/metrics-exporters.nix
|
2022-12-20 00:26:29 +01:00
|
|
|
|
2024-04-21 23:36:25 +02:00
|
|
|
./services/monitoring
|
2022-12-20 00:26:29 +01:00
|
|
|
./services/nginx
|
2022-12-17 21:51:43 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
sops.defaultSopsFile = ../../secrets/ildkule/ildkule.yaml;
|
|
|
|
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
|
|
sops.age.keyFile = "/var/lib/sops-nix/key.txt";
|
|
|
|
sops.age.generateKey = true;
|
|
|
|
|
2024-04-21 23:36:25 +02:00
|
|
|
boot.loader.grub.device = "/dev/vda";
|
|
|
|
boot.tmp.cleanOnBoot = true;
|
|
|
|
zramSwap.enable = true;
|
2022-12-17 21:51:43 +01:00
|
|
|
|
2024-07-29 15:22:47 +02:00
|
|
|
# Openstack Neutron and systemd-networkd are not best friends, use something else:
|
|
|
|
systemd.network.enable = lib.mkForce false;
|
|
|
|
networking = let
|
|
|
|
hostConf = values.hosts.ildkule;
|
|
|
|
in {
|
|
|
|
hostName = "ildkule";
|
|
|
|
tempAddresses = "disabled";
|
|
|
|
useDHCP = lib.mkForce true;
|
|
|
|
|
|
|
|
search = values.defaultNetworkConfig.domains;
|
|
|
|
nameservers = values.defaultNetworkConfig.dns;
|
|
|
|
defaultGateway.address = hostConf.ipv4_internal_gw;
|
|
|
|
|
|
|
|
interfaces."ens4" = {
|
|
|
|
ipv4.addresses = [
|
|
|
|
{ address = hostConf.ipv4; prefixLength = 32; }
|
|
|
|
{ address = hostConf.ipv4_internal; prefixLength = 24; }
|
|
|
|
];
|
|
|
|
ipv6.addresses = [
|
|
|
|
{ address = hostConf.ipv6; prefixLength = 64; }
|
|
|
|
];
|
|
|
|
};
|
2022-12-17 21:51:43 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
# List packages installed in system profile
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
];
|
|
|
|
|
2024-04-21 23:36:25 +02:00
|
|
|
system.stateVersion = "23.11"; # Did you read the comment?
|
2022-12-17 21:51:43 +01:00
|
|
|
|
|
|
|
}
|