2024-01-02 00:31:55 +01:00
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
{
|
2024-01-12 02:22:05 +01:00
|
|
|
krz-router = {
|
|
|
|
|
enable = true;
|
|
|
|
|
enablePrimary = true;
|
2024-01-12 04:04:10 +01:00
|
|
|
routerId = 1;
|
2024-01-12 04:22:34 +01:00
|
|
|
virtualRouterId = 51;
|
2024-01-12 02:22:05 +01:00
|
|
|
vip = "129.199.146.230";
|
|
|
|
|
rip = "129.199.146.231";
|
|
|
|
|
trunkPort.macAddress = "92:E3:9C:CE:EF:14";
|
2024-01-12 04:22:34 +01:00
|
|
|
virtualNeighbors = [ 2 ];
|
2024-01-02 00:31:55 +01:00
|
|
|
};
|
|
|
|
|
|
2024-01-12 02:22:05 +01:00
|
|
|
# systemd.services."systemd-networkd".environment.SYSTEMD_LOG_LEVEL = "debug";
|
|
|
|
|
environment.systemPackages = [ pkgs.tcpdump pkgs.wireguard-tools ];
|
2024-01-02 00:31:55 +01:00
|
|
|
|
2024-01-12 02:22:05 +01:00
|
|
|
# Zone based firewall
|
2024-01-02 00:31:55 +01:00
|
|
|
|
2024-01-12 02:22:05 +01:00
|
|
|
# Flow accounting in PostgreSQL.
|
|
|
|
|
services.postgresql = {
|
|
|
|
|
enable = true;
|
|
|
|
|
ensureUsers = [];
|
|
|
|
|
};
|
|
|
|
|
# services.ulogd = {
|
|
|
|
|
# enable = true;
|
|
|
|
|
# settings = {
|
|
|
|
|
# };
|
|
|
|
|
# };
|
2024-01-02 00:31:55 +01:00
|
|
|
}
|
