From 697070ebf9318dd45290bd994af56240bb209454 Mon Sep 17 00:00:00 2001
From: Constantin Gierczak--Galle <git.cst1@mailbox.org>
Date: Sun, 3 Nov 2024 16:11:27 +0100
Subject: [PATCH] fix(photoprism): fix network declaration

---
 configuration.nix | 35 ++++++++++++++++++++++-------------
 hardware.nix      |  2 +-
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/configuration.nix b/configuration.nix
index 33d1471..6f83f4a 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -25,7 +25,11 @@ in
 
   environment.systemPackages = with pkgs; [ neovim ];
 
-  services.openssh.enable = true;
+  services.openssh = {
+    enable = true;
+    settings = { PasswordAuthentication = false; };
+  };
+
   users.users.root.openssh.authorizedKeys.keys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma"
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrijwPlb7KQkYPLznMPVzPPT69cLzhEsJzZi9tmxzTh cst1@x270"
@@ -34,22 +38,28 @@ in
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "webmaster@nixos.org";
 
-  networking.firewall.allowedTCPPorts = [ 80 443 8007 ];
+  networking.firewall.allowedTCPPorts = [ 22 80 443 8007 ];
   networking.firewall.allowedUDPPorts = [ ];
 
   networking.useNetworkd = true;
 
-  systemd.network.networks."ens18" = {
-    matchConfig.Name = "ens18";
-    networkConfig = {
-      DHCP = "ipv4";
+  systemd.network = {
+    config.routeTables = {
+      he = 100;
+      mwan = 110;
+    };
+    networks = {
+      "10-ens18" = {
+        name = "ens18";
+
+        networkConfig = {
+          Description = "ENS uplink";
+          Address = [ "129.199.146.101/24" ];
+          Gateway = "129.199.146.254";
+          LLDP = true;
+        };
+      };
     };
-    ipv4.addresses = [
-      { address = address; }
-    ];
-    gateway = "129.199.146.254";
-    # make routing on this interface a dependency for network-online.target
-    linkConfig.RequiredForOnline = "routable";
   };
 
   # NOTE: for now, we use internal ports
@@ -59,6 +69,5 @@ in
     recommendedGzipSettings = true;
   };
 
-
   system.stateVersion = "24.05";
 }
diff --git a/hardware.nix b/hardware.nix
index 46f5e7f..51f6e9a 100644
--- a/hardware.nix
+++ b/hardware.nix
@@ -9,7 +9,7 @@
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
 
-  networking.useDHCP = lib.mkDefault true;
+  networking.useDHCP = lib.mkDefault false;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }