fix(photoprism): fix network declaration

This commit is contained in:
Constantin Gierczak--Galle 2024-11-03 16:11:27 +01:00
parent d072b19c00
commit 697070ebf9
No known key found for this signature in database
2 changed files with 23 additions and 14 deletions

View file

@ -25,7 +25,11 @@ in
environment.systemPackages = with pkgs; [ neovim ]; environment.systemPackages = with pkgs; [ neovim ];
services.openssh.enable = true; services.openssh = {
enable = true;
settings = { PasswordAuthentication = false; };
};
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrijwPlb7KQkYPLznMPVzPPT69cLzhEsJzZi9tmxzTh cst1@x270" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrijwPlb7KQkYPLznMPVzPPT69cLzhEsJzZi9tmxzTh cst1@x270"
@ -34,22 +38,28 @@ in
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
security.acme.defaults.email = "webmaster@nixos.org"; security.acme.defaults.email = "webmaster@nixos.org";
networking.firewall.allowedTCPPorts = [ 80 443 8007 ]; networking.firewall.allowedTCPPorts = [ 22 80 443 8007 ];
networking.firewall.allowedUDPPorts = [ ]; networking.firewall.allowedUDPPorts = [ ];
networking.useNetworkd = true; networking.useNetworkd = true;
systemd.network.networks."ens18" = { systemd.network = {
matchConfig.Name = "ens18"; config.routeTables = {
networkConfig = { he = 100;
DHCP = "ipv4"; mwan = 110;
};
networks = {
"10-ens18" = {
name = "ens18";
networkConfig = {
Description = "ENS uplink";
Address = [ "129.199.146.101/24" ];
Gateway = "129.199.146.254";
LLDP = true;
};
};
}; };
ipv4.addresses = [
{ address = address; }
];
gateway = "129.199.146.254";
# make routing on this interface a dependency for network-online.target
linkConfig.RequiredForOnline = "routable";
}; };
# NOTE: for now, we use internal ports # NOTE: for now, we use internal ports
@ -59,6 +69,5 @@ in
recommendedGzipSettings = true; recommendedGzipSettings = true;
}; };
system.stateVersion = "24.05"; system.stateVersion = "24.05";
} }

View file

@ -9,7 +9,7 @@
boot.kernelModules = [ ]; boot.kernelModules = [ ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault false;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
} }