{ lib, ... }: let mkAddress = addr: let splitted = lib.splitString "/" addr; elemAt = builtins.elemAt splitted; in { address = (elemAt 0); prefixLength = lib.toInt (elemAt 1); }; in { networking = { hostName = "public-cof"; # Default IPv4 exit route defaultGateway = { address = ""; interface = "ens20"; }; localCommands = "ip route add default dev ens20 metric 10"; useDHCP = false; interfaces.ens18 = { useDHCP = true; ipv6.addresses = [{ address = "2001:470:1f13:187:c08e:feff:fe4d:f5f5"; prefixLength = 64; }]; }; interfaces.ens19 = { useDHCP = false; ipv4.addresses = [{ address = "10.1.1.21"; prefixLength = 22; }]; }; interfaces.ens20 = { # 1st is for public-cof # 2nd is for IPv4 → IPv6 proxy in v6proxy/ ipv4.addresses = map mkAddress [ "45.13.104.27/32" "45.13.104.29/32" ]; }; firewall.allowedTCPPorts = [ 22 ]; firewall.enable = true; }; services.nginx.defaultListenAddresses = [ "[::0]" "45.13.104.27" ]; }