forked from DGNum/infrastructure
Tom Hubrecht
88d9b8c3e3
Signed-off-by: Tom Hubrecht <tom.hubrecht@dgnum.eu> Acked-by: Ryan Lahfa <ryan.lahfa@dgnum.eu> Acked-by: Maurice Debray <maurice.debray@dgnum.eu> Acked-by: Lubin Bailly <lubin.bailly@dgnum.eu> Acked-by: Jean-Marc Gailis <jean-marc.gailis@dgnum.eu> as the legal authority, at the time of writing, in DGNum. Acked-by: Elias Coppens <elias.coppens@dgnum.eu> as a member, at the time of writing, of the DGNum executive counsel.
49 lines
1.4 KiB
Nix
49 lines
1.4 KiB
Nix
# SPDX-FileCopyrightText: 2024 Ryan Lahfa <ryan.lahfa@dgnum.eu>
|
|
#
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
{
|
|
config,
|
|
pkgs,
|
|
modulesPath,
|
|
...
|
|
}:
|
|
let
|
|
svc = config.system.service;
|
|
in
|
|
{
|
|
defaultProfile.packages = with pkgs; [
|
|
# Levitate enable us to mass-reinstall the system on the fly.
|
|
(levitate.override {
|
|
config = {
|
|
imports = [
|
|
"${modulesPath}/network"
|
|
"${modulesPath}/ssh"
|
|
"${modulesPath}/hardware.nix"
|
|
"${modulesPath}/kernel"
|
|
"${modulesPath}/outputs/tftpboot.nix"
|
|
"${modulesPath}/outputs.nix"
|
|
];
|
|
nixpkgs.buildPlatform = builtins.currentSystem;
|
|
services = {
|
|
# In this situation, we fallback to the appro VLAN.
|
|
# TODO: add support for the admin VLAN.
|
|
# Simplest DHCPv4 we can find.
|
|
dhcpv4 = svc.network.dhcp.client.build {
|
|
interface = config.hardware.networkInterfaces.lan;
|
|
};
|
|
inherit (config.services) sshd;
|
|
defaultroute4 = svc.network.route.build {
|
|
via = "$(output ${config.services.dhcpv4} router)";
|
|
target = "default";
|
|
dependencies = [ config.services.dhcpv4 ];
|
|
};
|
|
};
|
|
|
|
defaultProfile.packages = [ mtdutils ];
|
|
# Only keep root, which should inherit from DGN access control's root permissions.
|
|
users.root = config.users.root;
|
|
};
|
|
})
|
|
];
|
|
}
|