# NixOS host module for "stronghold".
#
# Sets the host identity, pulls in the shared feature/tweak modules, and
# configures two overlay networks: a WireGuard interface ("wg.dotspace") and a
# tinc mesh ("dotspace"). Both private keys are referenced by string path, not
# by Nix path literal, so the key material stays on disk outside the Nix store.
{ inputs, self, pkgs, pkgs-unstable, ... }:
{
  imports = [
    inputs.disko.nixosModules.default
    inputs.lix-module.nixosModules.default
    inputs.home-manager.nixosModules.home-manager

    # Core Features
    ../../nixos/features/base.nix
    ../../nixos/features/tui-apps.nix
    ../../nixos/features/openssh-server.nix

    # Core Tweaks
    ../../nixos/tweaks/zram.nix
    ../../nixos/tweaks/enable_flakes.nix
    ../../nixos/tweaks/disable_nixos_user.nix
    ../../nixos/tweaks/systemd-resolved_nonsense.nix

    # Lauren Base
    ../../users/lauren_lagarde/lauren_lagarde.nix

    # Dotspace
    # NOTE(review): contents of secrets/dotspace.nix are not visible here.
    # Values evaluated by a module normally land in the world-readable Nix
    # store; presumably this file carries only non-secret data (peers, public
    # keys) or is decrypted at activation time. Verify.
    ../../secrets/dotspace.nix
    ../../nixos/features/stronghold-binary-cache.nix

    # Docker Host Stuff
    # NOTE(review): disable_firewall.nix is not visible here. If it switches
    # the host firewall off, sshd, the WireGuard listen port below and every
    # port published by a container are reachable on all interfaces. Confirm
    # that filtering happens upstream of this machine.
    ../../nixos/tweaks/disable_firewall.nix
    ../../nixos/features/virtualization/docker.nix
    ../../nixos/features/virtualization/dockge.nix

    # UEFI SSH ZFS (currently disabled)
    #../../nixos/tweaks/zfs.nix
    #../../nixos/features/initrd-ssh.nix
    #../../nixos/features/virtualization/libvirt-guest-uefi.nix

    #../../nixos/disko/libvirt/uefi-zfs-base.nix
    #../../nixos/disko/libvirt/zfs-encrypted.nix
  ];

  ##############################################################################
  # Networking
  ##############################################################################

  networking = {
    hostName = "stronghold";
    hostId = "c581a1cd";

    # To generate keys:
    # sudo mkdir -p /root/wireguard && wg genkey | sudo tee /root/wireguard/dotspace.priv | wg pubkey
    #
    # tee creates the key file with the mode allowed by root's current umask.
    # Run the command under `umask 077`, or `chmod 600` the file afterwards,
    # so the private key is readable by root only.
    wireguard = {
      enable = true;

      # No peers are declared in this file; presumably another imported module
      # adds them. Confirm.
      interfaces."wg.dotspace" = {
        # NOTE(review): no prefix length is given on this address; confirm a
        # host-only (/32) address is what is intended.
        ips = [ "10.13.13.2" ];
        listenPort = 51820;
        privateKeyFile = "/root/wireguard/dotspace.priv";
      };
    };
  };

  # Address and route for the tinc interface, matched by interface name.
  systemd.network.networks."90-tinc-dotspace" = {
    matchConfig = {
      Name = "tinc.dotspace";
    };
    address = [ "10.86.84.3/32" ];
    routes = [
      { Destination = "10.86.84.0/24"; }
    ];
  };

  # To Generate Keys:
  # sudo tinc -b -n dotspace generate-ed25519-keys; cat /etc/tinc/dotspace/hosts/$(hostname) | grep "^Ed"
  #
  # The grep prints only the "Ed..." public-key line of the host file, which
  # is the part to hand to the other nodes; ed25519_key.priv never leaves
  # this host.
  services.tinc.networks.dotspace = {
    name = "stronghold";
    ed25519PrivateKeyFile = "/etc/tinc/dotspace/ed25519_key.priv";

    # NOTE(review): with chroot off the daemon is not confined to its config
    # directory. Confirm this hardening layer is given up deliberately.
    chroot = false;

    settings = {
      ConnectTo = [ "fortress" "citadel" ];
    };
  };

  ##############################################################################
  # Services
  ##############################################################################
}