feat(bridge02): Initialize and add instructions to the README

machines/bridge01/_configuration.nix

@@ -0,0 +1,20 @@
+{ lib, pkgs, ... }:
+
+lib.extra.mkConfig {
+  enabledModules = [
+    # List of modules to enable
+  ];
+
+  enabledServices = [
+    # List of services to enable
+    "network"
+  ];
+
+  extraConfig = {
+    services.netbird.enable = true;
+
+    environment.systemPackages = [ pkgs.bcachefs-tools ];
+  };
+
+  root = ./.;
+}

machines/bridge01/_hardware-configuration.nix

@@ -0,0 +1,53 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ modulesPath, pkgs, ... }:
+
+{
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+  boot = {
+    initrd = {
+      availableKernelModules = [
+        "xhci_pci"
+        "ehci_pci"
+        "ahci"
+        "sd_mod"
+        "sr_mod"
+      ];
+    };
+
+    kernelModules = [ "kvm-intel" ];
+    kernelPackages = pkgs.linuxPackages_latest;
+
+    supportedFilesystems.bcachefs = true;
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "UUID=3da58b64-a2fd-428d-bde8-3a185e2f73fd";
+      fsType = "bcachefs";
+      options = [ "compression=zstd" ];
+    };
+
+    "/boot" = {
+      device = "/dev/disk/by-uuid/4D0A-AF11";
+      fsType = "vfat";
+      options = [
+        "fmask=0022"
+        "dmask=0022"
+      ];
+    };
+  };
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vlan-admin.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vlan-uplink-oob.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = true;
+}

machines/bridge01/network.nix

@@ -0,0 +1,79 @@
+_:
+
+{
+  networking = {
+    useNetworkd = true;
+    useDHCP = false;
+
+    nftables.enable = true;
+    firewall.allowedUDPPorts = [ 67 ];
+  };
+
+  systemd.network = {
+    networks = {
+      "10-eno1" = {
+        name = "eno1";
+        networkConfig = {
+          VLAN = [
+            "vlan-admin"
+            "vlan-uplink-oob"
+          ];
+
+          LinkLocalAddressing = false;
+          LLDP = false;
+          EmitLLDP = false;
+          IPv6AcceptRA = false;
+          IPv6SendRA = false;
+        };
+        # address = [ "192.168.222.1/24" ];
+      };
+
+      "10-vlan-admin" = {
+        name = "vlan-admin";
+        # DHCP for the BMC
+        networkConfig.DHCPServer = "yes";
+
+        dhcpServerConfig = {
+          PoolOffset = 128;
+          EmitDNS = false;
+          EmitNTP = false;
+          EmitSIP = false;
+          EmitPOP3 = false;
+          EmitSMTP = false;
+          EmitLPR = false;
+          UplinkInterface = ":none";
+        };
+
+        address = [
+          "fd26:baf9:d250:8000::ffff/64"
+          "192.168.222.1/24"
+        ];
+      };
+
+      "10-vlan-uplink-oob" = {
+        name = "vlan-uplink-oob";
+        networkConfig.DHCP = "ipv4";
+      };
+    };
+
+    netdevs = {
+      "10-vlan-admin" = {
+        netdevConfig = {
+          Name = "vlan-admin";
+          Kind = "vlan";
+        };
+
+        vlanConfig.Id = 3000;
+      };
+
+      "10-vlan-uplink-oob" = {
+        netdevConfig = {
+          Name = "vlan-uplink-oob";
+          Kind = "vlan";
+        };
+
+        vlanConfig.Id = 500;
+      };
+    };
+  };
+}

machines/bridge01/secrets/secrets.nix

@@ -0,0 +1,5 @@
+let
+  lib = import ../../../lib { };
+in
+
+lib.setDefault { publicKeys = lib.getNodeKeys "bridge01"; } [ ]