agares: use as router
parent
572d813eed
commit
b6d36100b7
13 changed files with 640 additions and 76 deletions
|
@ -1,18 +1,45 @@
|
|||
{ config
|
||||
, pkgs
|
||||
, lib
|
||||
, modulesPath
|
||||
, pkgs
|
||||
, ...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
./ddns.nix
|
||||
./dns.nix
|
||||
./firewall.nix
|
||||
../modules/profiles/server.nix
|
||||
./hardware-configuration.nix
|
||||
./network.nix
|
||||
./ntp.nix
|
||||
./ppp.nix
|
||||
];
|
||||
|
||||
# to be able to use qemu from substituter
|
||||
environment.noXlibs = false;
|
||||
fileSystems."/" = {
|
||||
device = "/dev/sda1";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=root" ];
|
||||
};
|
||||
|
||||
# libvirtd
|
||||
security.polkit.enable = true;
|
||||
#fileSystems."/nix/store" = {
|
||||
# device = "/dev/sda1";
|
||||
# fsType = "btrfs";
|
||||
# options = [ "subvol=/root/nix" "noatime" ];
|
||||
#};
|
||||
|
||||
fileSystems."/swap" = {
|
||||
device = "/dev/sda1";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=/root/swap" "noatime" ];
|
||||
};
|
||||
|
||||
#swapDevices = [{
|
||||
# device = "/swap/swapfile";
|
||||
# size = 32 * 1024; # 32 GByte
|
||||
#}];
|
||||
|
||||
hardware.cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware;
|
||||
|
||||
dadada = {
|
||||
admin.enable = true;
|
||||
|
@ -23,9 +50,17 @@
|
|||
networking.hostName = "agares";
|
||||
networking.domain = "bs.dadada.li";
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
|
||||
# Use the GRUB 2 boot loader.
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.extraConfig = "
|
||||
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
|
||||
terminal_input serial
|
||||
terminal_output serial
|
||||
";
|
||||
|
||||
boot.kernelParams = [
|
||||
"console=ttyS0,115200"
|
||||
|
@ -41,46 +76,15 @@
|
|||
"vfio_virqfd"
|
||||
];
|
||||
|
||||
networking.vlans = {
|
||||
lan = {
|
||||
id = 11;
|
||||
interface = "enp1s0";
|
||||
};
|
||||
backup = {
|
||||
id = 13;
|
||||
interface = "enp1s0";
|
||||
};
|
||||
};
|
||||
|
||||
networking.bridges = {
|
||||
"br-lan" = {
|
||||
interfaces = [ "lan" ];
|
||||
};
|
||||
"br-backup" = {
|
||||
interfaces = [ "backup" ];
|
||||
};
|
||||
};
|
||||
|
||||
networking.interfaces.enp1s0.useDHCP = true;
|
||||
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedTCPPorts = [
|
||||
22 # SSH
|
||||
];
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
flashrom
|
||||
dmidecode
|
||||
tcpdump
|
||||
];
|
||||
|
||||
# Running router VM. They have to be restarted in the right order, so network comes up cleanly. Not ideal.
|
||||
system.autoUpgrade.allowReboot = false;
|
||||
|
||||
system.stateVersion = "22.05";
|
||||
system.stateVersion = "23.05";
|
||||
}
|
||||
|
|
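Review bot: After this change the file itself no longer appears to state that the firewall is on: the inline `networking.firewall` block (`enable = true`, SSH only) sits in the last hunk, which shrinks from 46 to 15 lines, so it is presumably removed in favour of the `./firewall.nix` import in the first hunk; the +/- markers are lost on this page, so that reading is inferred. Because the host also imports `./ppp.nix` and presumably terminates the uplink itself now, it is worth confirming that `./firewall.nix` (not shown here) still enables filtering and does not leave port 22 open on the PPP interface. A comment above the imports would document the dependency, e.g. `# packet filtering for this host is defined in ./firewall.nix`. Also, if `system.stateVersion` moves from "22.05" to "23.05" on an existing install rather than a reinstall, it should stay at the release the machine was first installed with.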