Add config for outpost

2025-06-10 22:51:08 -05:00 · 2025-06-10 22:51:08 -05:00 · 4ee0f79bc9
commit 4ee0f79bc9
parent 535b8c5230
5 changed files with 120 additions and 37 deletions
--- a/systems/outpost.nix
+++ b/systems/outpost.nix
@ -0,0 +1,80 @@
+{ pkgs, ... }: {
+  networking.hostName = "outpost";
+  networking.hostId = "373a7023";
+
+  imports = [
+    # Base Config
+    ../features/base.nix
+    ../features/headless.nix
+
+    # Features
+    ../features/tui-apps.nix
+    ../features/openssh-server.nix
+    ../features/virtualization/dockge.nix
+    ../features/virtualization/docker.nix
+
+    # Tweaks
+    ../tweaks/zfs.nix
+    ../tweaks/zram.nix
+    ../tweaks/enable_flakes.nix
+    ../tweaks/disable_firewall.nix
+    ../tweaks/systemd-resolved_nonsense.nix
+
+    # Dotspace
+    ../secrets/dotspace.nix
+
+    # Users
+    ../users/lauren_lagarde/lauren_lagarde.nix
+  ];
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Networking
+
+  networking.useNetworkd = true;
+
+  systemd.network = {
+    enable = true;
+    networks = {
+      "30-end0" = {
+        matchConfig.Name = "end0";
+        linkConfig = {
+          RequiredForOnline = "routable";
+        };
+        networkConfig = {
+          DHCP = "ipv4";
+          IPv6AcceptRA = true;
+        };
+      };
+
+      "90-tinc" = {
+        matchConfig.Name = "tinc.dotspace";
+        address = [ "10.86.84.106/32" ];
+        routes = [ { Destination = "10.86.84.0/24"; } ];
+      };
+    };
+  };
+
+  services.tinc.networks.dotspace = {
+    name = "outpost";
+    ed25519PrivateKeyFile = "/root/tinc/dotspace_ed25519_key.priv";
+
+    chroot = false;
+    settings.ConnectTo = [ "fortress" "stronghold" ];
+  };
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Services
+
+  # TODO: Put scripts into version control
+  services.cron = {
+    enable = true;
+    mailto = "";
+    systemCronJobs = [
+      "* * * * *	lauren_lagarde		/home/lauren_lagarde/bin/PublishStats > /dev/null"
+    ];
+  };
+}