48 lines
1.4 KiB
Nix
48 lines
1.4 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
let
|
|
meta = import ../../meta;
|
|
plessur-net = meta.network.physical-networks.plessur;
|
|
montalin-net = plessur-net.dmz.hosts.montalin;
|
|
in {
|
|
networking.hostName = "montalin"; # Define your hostname.
|
|
|
|
networking.useDHCP = false;
|
|
networking.interfaces.eno1 = {
|
|
ipv4.addresses = [{
|
|
address = montalin-net.v4.ip;
|
|
prefixLength = plessur-net.dmz.v4.bitmask;
|
|
}];
|
|
};
|
|
networking.interfaces.wlp1s0.useDHCP = true;
|
|
|
|
networking.defaultGateway = plessur-net.dmz.v4.gateway;
|
|
networking.nameservers = plessur-net.dmz.v4.nameservers;
|
|
|
|
# Configure network proxy if necessary
|
|
# networking.proxy.default = "http://user:password@proxy:port/";
|
|
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
|
networking.firewall.allowedUDPPorts =
|
|
[ meta.network.virtual.mgmt.server.port ];
|
|
|
|
services.qois.luks-ssh = {
|
|
enable = true;
|
|
interface = "eno1";
|
|
ip = montalin-net.v4.ip;
|
|
netmask = "255.255.255.0";
|
|
gateway = plessur-net.dmz.v4.gateway;
|
|
sshPort = 2222;
|
|
};
|
|
|
|
networking.wireguard.enable = true;
|
|
networking.wireguard.interfaces = let
|
|
network = meta.network.virtual;
|
|
networkName = "mgmt";
|
|
in {
|
|
"wg-${networkName}" =
|
|
pkgs.lib.qois.wireguard.makeInterface config.networking.hostName
|
|
networkName network.${networkName};
|
|
};
|
|
}
|