1a6f9ffb8f
We will focus on growing it for KlubRZ usecases first and then grow it into a proper external project called Hypervisor NixOS routers.
36 lines
800 B
Nix
36 lines
800 B
Nix
{ config, pkgs, lib, ... }:
|
|
{
|
|
krz-router = {
|
|
enable = true;
|
|
enablePrimary = true;
|
|
vip = "129.199.146.230";
|
|
rip = "129.199.146.231";
|
|
trunkPort.macAddress = "92:E3:9C:CE:EF:14";
|
|
};
|
|
|
|
# services.keepalived.enable = true;
|
|
# services.keepalived.vrrpInstances.wan = {
|
|
# interface = "swp";
|
|
# state = "MASTER";
|
|
# priority = 50;
|
|
# virtualIps = [{ addr = "129.199.146.230"; }];
|
|
# virtualRouterId = 1;
|
|
# };
|
|
|
|
|
|
# systemd.services."systemd-networkd".environment.SYSTEMD_LOG_LEVEL = "debug";
|
|
environment.systemPackages = [ pkgs.tcpdump pkgs.wireguard-tools ];
|
|
|
|
# Zone based firewall
|
|
|
|
# Flow accounting in PostgreSQL.
|
|
services.postgresql = {
|
|
enable = true;
|
|
ensureUsers = [];
|
|
};
|
|
# services.ulogd = {
|
|
# enable = true;
|
|
# settings = {
|
|
# };
|
|
# };
|
|
}
|