rm BOQ
This commit is contained in:
parent
60ff7b5e8e
commit
a36419634f
6 changed files with 0 additions and 486 deletions
|
@ -1,56 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
users,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./hardware-configuration.nix
|
|
||||||
./router.nix
|
|
||||||
./net_config.nix
|
|
||||||
(users.root { ssh = true; })
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
|
||||||
boot.supportedFilesystems = [ "bcachefs" ];
|
|
||||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
|
||||||
|
|
||||||
time.timeZone = "Europe/Paris";
|
|
||||||
|
|
||||||
i18n.defaultLocale = "en_US.UTF-8";
|
|
||||||
console = {
|
|
||||||
font = "Lat2-Terminus16";
|
|
||||||
keyMap = "fr";
|
|
||||||
};
|
|
||||||
|
|
||||||
services.dbus.packages = with pkgs; [ dconf ];
|
|
||||||
|
|
||||||
programs.zsh.enable = true;
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
wget
|
|
||||||
brightnessctl
|
|
||||||
nix-search-cli
|
|
||||||
git
|
|
||||||
btop
|
|
||||||
ranger
|
|
||||||
dnsmasq
|
|
||||||
screen
|
|
||||||
];
|
|
||||||
|
|
||||||
programs.gnupg.agent = {
|
|
||||||
enable = true;
|
|
||||||
enableSSHSupport = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.openssh.enable = true;
|
|
||||||
|
|
||||||
networking.firewall.enable = false;
|
|
||||||
networking.useDHCP = false;
|
|
||||||
|
|
||||||
system.stateVersion = "23.11";
|
|
||||||
}
|
|
|
@ -1,50 +0,0 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
||||||
# and may be overwritten by future invocations. Please make changes
|
|
||||||
# to /etc/nixos/configuration.nix instead.
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
modulesPath,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [
|
|
||||||
"xhci_pci"
|
|
||||||
"ehci_pci"
|
|
||||||
"ahci"
|
|
||||||
"usbhid"
|
|
||||||
"usb_storage"
|
|
||||||
"sd_mod"
|
|
||||||
];
|
|
||||||
boot.initrd.kernelModules = [ ];
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
fileSystems."/" = {
|
|
||||||
device = "/dev/disk/by-uuid/b56a6a08-60e7-4997-9f7b-05c58006e730";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/3975-DEB6";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [ { device = "/dev/disk/by-uuid/b196b10b-5480-49b9-a6fb-ed2f21850815"; } ];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.enp3s2.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
||||||
}
|
|
|
@ -1,168 +0,0 @@
|
||||||
distant-users-id:
|
|
||||||
{
|
|
||||||
pkgs,
|
|
||||||
lib,
|
|
||||||
users,
|
|
||||||
mods,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
<nixos/nixos/modules/installer/netboot/netboot.nix>
|
|
||||||
<nixos/nixos/modules/installer/cd-dvd/channel.nix>
|
|
||||||
<home-manager/nixos>
|
|
||||||
(users.root { ssh = true; })
|
|
||||||
];
|
|
||||||
system.stateVersion = "23.11";
|
|
||||||
networking = {
|
|
||||||
hostName = "net-bocal";
|
|
||||||
firewall.enable = false;
|
|
||||||
};
|
|
||||||
time.timeZone = "Europe/Paris";
|
|
||||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
|
||||||
console = {
|
|
||||||
font = "Lat2-Terminus16";
|
|
||||||
keyMap = "fr";
|
|
||||||
};
|
|
||||||
environment.systemPackages = with pkgs; [ git ];
|
|
||||||
security.polkit.extraConfig = ''
|
|
||||||
polkit.addRule(function(action, subject) {
|
|
||||||
if (
|
|
||||||
subject.isInGroup("bocal")
|
|
||||||
&& (
|
|
||||||
//action.id == "org.freedesktop.login1.chvt" ||
|
|
||||||
action.id == "org.freedesktop.accounts.change-own-password" ||
|
|
||||||
action.id == "org.freedesktop.locale1.set-keyboard" ||
|
|
||||||
action.id == "org.freedesktop.locale1.set-locale" ||
|
|
||||||
action.id == "org.freedesktop.login1.attach-device" ||
|
|
||||||
action.id == "org.freedesktop.login1.flush-devices" ||
|
|
||||||
action.id == "org.freedesktop.login1.halt" ||
|
|
||||||
action.id == "org.freedesktop.login1.halt-ignore-inhibit" ||
|
|
||||||
action.id == "org.freedesktop.login1.halt-multiple-sessions" ||
|
|
||||||
action.id == "org.freedesktop.login1.hibernate" ||
|
|
||||||
action.id == "org.freedesktop.login1.hibernate-ignore-inhibit" ||
|
|
||||||
action.id == "org.freedesktop.login1.hibernate-multiple-sessions" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-block-idle" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-block-shutdown" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-block-sleep" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-delay-shutdown" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-delay-sleep" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-handle-hibernate-key" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-handle-lid-switch" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-handle-power-key" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-handle-reboot-key" ||
|
|
||||||
action.id == "org.freedesktop.login1.inhibit-handle-suspend-key" ||
|
|
||||||
action.id == "org.freedesktop.login1.lock-sessions" ||
|
|
||||||
action.id == "org.freedesktop.login1.manage" ||
|
|
||||||
action.id == "org.freedesktop.login1.power-off" ||
|
|
||||||
action.id == "org.freedesktop.login1.power-off-ignore-inhibit" ||
|
|
||||||
action.id == "org.freedesktop.login1.power-off-multiple-sessions" ||
|
|
||||||
action.id == "org.freedesktop.login1.reboot" ||
|
|
||||||
action.id == "org.freedesktop.login1.reboot-ignore-inhibit" ||
|
|
||||||
action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
|
|
||||||
action.id == "org.freedesktop.login1.set-reboot-parameter" ||
|
|
||||||
action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-entry" ||
|
|
||||||
action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-menu" ||
|
|
||||||
action.id == "org.freedesktop.login1.set-reboot-to-firmware-setup" ||
|
|
||||||
action.id == "org.freedesktop.login1.set-self-linger" ||
|
|
||||||
action.id == "org.freedesktop.login1.set-user-linger" ||
|
|
||||||
action.id == "org.freedesktop.login1.set-wall-message" ||
|
|
||||||
action.id == "org.freedesktop.login1.suspend" ||
|
|
||||||
action.id == "org.freedesktop.login1.suspend-ignore-inhibit" ||
|
|
||||||
action.id == "org.freedesktop.login1.suspend-multiple-sessions"
|
|
||||||
)
|
|
||||||
)
|
|
||||||
{
|
|
||||||
return polkit.Result.NO;
|
|
||||||
}
|
|
||||||
})
|
|
||||||
'';
|
|
||||||
|
|
||||||
users.groups.bocal.gid = 2000;
|
|
||||||
users.users =
|
|
||||||
let
|
|
||||||
template =
|
|
||||||
{ name, uid }:
|
|
||||||
{
|
|
||||||
inherit name;
|
|
||||||
value = {
|
|
||||||
isNormalUser = true;
|
|
||||||
inherit uid;
|
|
||||||
shell = pkgs.zsh;
|
|
||||||
group = "bocal";
|
|
||||||
homeMode = "750";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
builtins.listToAttrs (map template distant-users-id)
|
|
||||||
// {
|
|
||||||
root.hashedPassword = "$y$j9T$GK2ejPfMgk0GlBqZX0aBo/$n3nds9zcBi8X8p9aG5Aywq1A.R6Bt/dIOccvfIdMM/1";
|
|
||||||
root.openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
home-manager.users =
|
|
||||||
let
|
|
||||||
template =
|
|
||||||
{ name, uid }:
|
|
||||||
{
|
|
||||||
inherit name;
|
|
||||||
value = {
|
|
||||||
home.stateVersion = "23.11";
|
|
||||||
imports = with mods.home; [
|
|
||||||
zsh
|
|
||||||
neovim
|
|
||||||
];
|
|
||||||
programs.zsh.profileExtra = "exec ${pkgs.plasma5Packages.plasma-workspace}/bin/startplasma-wayland";
|
|
||||||
programs.firefox.enable = true;
|
|
||||||
home.packages = with pkgs; [ gedit ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
builtins.listToAttrs (map template distant-users-id);
|
|
||||||
|
|
||||||
services.getty = {
|
|
||||||
loginProgram = pkgs.writeShellScript "autologin" ''
|
|
||||||
${pkgs.sudo}/bin/sudo -u $BOCAL rm /home/$BOCAL/.local/state/nix/profiles/home-manager*
|
|
||||||
${pkgs.sudo}/bin/sudo -u $BOCAL rm /home/$BOCAL/.local/state/home-manager/gcroots/current-home
|
|
||||||
${pkgs.systemd}/bin/systemctl restart home-manager-''${BOCAL}.service
|
|
||||||
exec ${pkgs.shadow}/bin/login -f $BOCAL
|
|
||||||
'';
|
|
||||||
autologinUser = "bocal";
|
|
||||||
};
|
|
||||||
systemd.services.unlock = {
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
script = ''
|
|
||||||
${pkgs.dbus}/bin/dbus-monitor --system "type='signal',interface='org.freedesktop.DBus.Properties',path_namespace='/org/freedesktop/login1/session'" | while read x; do
|
|
||||||
case "$x" in
|
|
||||||
*"boolean true"*) ${pkgs.systemd}/bin/loginctl unlock-sessions
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
services.xserver = {
|
|
||||||
enable = true;
|
|
||||||
xkb.layout = "fr";
|
|
||||||
desktopManager.plasma5.enable = true;
|
|
||||||
displayManager.lightdm.enable = false;
|
|
||||||
};
|
|
||||||
fileSystems =
|
|
||||||
let
|
|
||||||
template =
|
|
||||||
{ name, uid }:
|
|
||||||
{
|
|
||||||
name = "/home/${name}";
|
|
||||||
value = {
|
|
||||||
device = "192.168.222.1:/home/${name}";
|
|
||||||
fsType = "nfs";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
"/home/bocal" = {
|
|
||||||
device = "192.168.222.1:/home/bocal";
|
|
||||||
fsType = "nfs";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
// builtins.listToAttrs (map template distant-users-id);
|
|
||||||
}
|
|
|
@ -1,139 +0,0 @@
|
||||||
{
|
|
||||||
lib,
|
|
||||||
users,
|
|
||||||
mods,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
let
|
|
||||||
machines = {
|
|
||||||
"54:bf:64:5d:33:5e" = "arturgo";
|
|
||||||
"54:bf:64:5d:33:f9" = "catvayor";
|
|
||||||
"54:bf:64:5d:32:d4" = "darksysy";
|
|
||||||
"48:4d:7e:d6:fa:1e" = "empraeleerup";
|
|
||||||
"48:4d:7e:d6:cf:57" = "glohuglohu";
|
|
||||||
"54:bf:64:5d:33:7e" = "h";
|
|
||||||
"54:bf:64:5d:32:b7" = "inutile.club";
|
|
||||||
"54:bf:64:5d:33:f5" = "jimmicrosoft";
|
|
||||||
"48:4d:7e:d6:fc:e8" = "krik";
|
|
||||||
"54:bf:64:5d:31:fd" = "loony";
|
|
||||||
};
|
|
||||||
distant-users = builtins.attrValues machines;
|
|
||||||
distant-users-id = builtins.genList (i: {
|
|
||||||
name = builtins.elemAt distant-users i;
|
|
||||||
uid = 2001 + i;
|
|
||||||
}) (builtins.length distant-users);
|
|
||||||
remote_sys = (
|
|
||||||
import (pkgs.path + "/nixos/lib/eval-config.nix") {
|
|
||||||
system = "x86_64-linux";
|
|
||||||
specialArgs = {
|
|
||||||
inherit users mods;
|
|
||||||
};
|
|
||||||
modules = [ (import ./net-user/configuration.nix distant-users-id) ];
|
|
||||||
}
|
|
||||||
);
|
|
||||||
remote_build = remote_sys.config.system.build;
|
|
||||||
json_maker =
|
|
||||||
mac: user:
|
|
||||||
pkgs.writeText "netboot-${mac}.json" ''
|
|
||||||
{
|
|
||||||
"kernel": "/kernel",
|
|
||||||
"initrd": [ "/initrd" ],
|
|
||||||
"cmdline": "init=${remote_build.toplevel}/init loglevel=4 systemd.setenv=BOCAL=${user}"
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
json_ln = mac: json: ''ln -s ${json} $out/v1/boot/${mac}'';
|
|
||||||
cmds = [
|
|
||||||
"mkdir -p $out/v1/boot"
|
|
||||||
"ln -s ${remote_build.kernel}/bzImage $out/kernel"
|
|
||||||
"ln -s ${remote_build.netbootRamdisk}/initrd $out/initrd"
|
|
||||||
] ++ builtins.attrValues (builtins.mapAttrs json_ln (builtins.mapAttrs json_maker machines));
|
|
||||||
webroot = pkgs.runCommand "netboot-apiroot" { } (builtins.concatStringsSep "\n" cmds);
|
|
||||||
in
|
|
||||||
{
|
|
||||||
users.groups.bocal.gid = 2000;
|
|
||||||
users.users =
|
|
||||||
let
|
|
||||||
template =
|
|
||||||
{ name, uid }:
|
|
||||||
{
|
|
||||||
inherit name;
|
|
||||||
value = {
|
|
||||||
isNormalUser = true;
|
|
||||||
inherit uid;
|
|
||||||
shell = pkgs.zsh;
|
|
||||||
group = "bocal";
|
|
||||||
homeMode = "750";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
builtins.listToAttrs (map template distant-users-id)
|
|
||||||
// {
|
|
||||||
bocal = {
|
|
||||||
isNormalUser = true;
|
|
||||||
uid = 2000;
|
|
||||||
shell = pkgs.zsh;
|
|
||||||
group = "bocal";
|
|
||||||
homeMode = "750";
|
|
||||||
openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvGR9LIJrb9fEIuYn4DMAiyPq0gZ/J8Hv/hIcszu0Tp vincent@vincent-ZB"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
home-manager.users.bocal = {
|
|
||||||
home.stateVersion = "23.11";
|
|
||||||
imports = with mods.home; [
|
|
||||||
zsh
|
|
||||||
neovim
|
|
||||||
];
|
|
||||||
programs.zsh.shellAliases = {
|
|
||||||
"redac" = "/home/bocal/bin/redac";
|
|
||||||
"faire" = "redac faire";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.pixiecore = {
|
|
||||||
enable = true;
|
|
||||||
openFirewall = true;
|
|
||||||
dhcpNoBind = true;
|
|
||||||
apiServer = "http://localhost:8000";
|
|
||||||
mode = "api";
|
|
||||||
listen = "192.168.222.1";
|
|
||||||
};
|
|
||||||
services.nfs.server = {
|
|
||||||
enable = true;
|
|
||||||
exports =
|
|
||||||
let
|
|
||||||
template =
|
|
||||||
{ name, uid }:
|
|
||||||
"/home/${name} 192.168.222.0/24(rw,nohide,insecure,no_subtree_check,anonuid=${builtins.toString uid},anongid=2000)";
|
|
||||||
in
|
|
||||||
builtins.concatStringsSep "\n" (
|
|
||||||
[ "/home/bocal 192.168.222.0/24(rw,nohide,insecure,no_subtree_check)" ]
|
|
||||||
++ map template distant-users-id
|
|
||||||
);
|
|
||||||
};
|
|
||||||
services.dnsmasq = {
|
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
interface = [ "netboot-client" ];
|
|
||||||
bind-dynamic = true;
|
|
||||||
dhcp-option = "3,0.0.0.0";
|
|
||||||
dhcp-range = "192.168.222.100,192.168.222.200,255.255.255.0,12h";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
services.nginx = {
|
|
||||||
enable = true;
|
|
||||||
virtualHosts."localhost" = {
|
|
||||||
listen = [
|
|
||||||
{
|
|
||||||
addr = "localhost";
|
|
||||||
port = 8000;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
root = webroot;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,64 +0,0 @@
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}:
|
|
||||||
{
|
|
||||||
boot.kernel.sysctl."net.ipv4.ip_forward" = true;
|
|
||||||
|
|
||||||
systemd.network = {
|
|
||||||
enable = true;
|
|
||||||
networks = {
|
|
||||||
"uplink" = {
|
|
||||||
name = "eno1";
|
|
||||||
DHCP = "ipv4";
|
|
||||||
# networkConfig.IPMasquerade = "ipv4";
|
|
||||||
};
|
|
||||||
"10-enp2s0" = {
|
|
||||||
name = "enp2s0";
|
|
||||||
bridge = [ "netboot-client" ];
|
|
||||||
networkConfig = {
|
|
||||||
LLDP = false;
|
|
||||||
EmitLLDP = false;
|
|
||||||
LinkLocalAddressing = false;
|
|
||||||
IPv6AcceptRA = false;
|
|
||||||
IPv6SendRA = false;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"10-enp3s2" = {
|
|
||||||
name = "enp3s2";
|
|
||||||
bridge = [ "netboot-client" ];
|
|
||||||
networkConfig = {
|
|
||||||
LLDP = false;
|
|
||||||
EmitLLDP = false;
|
|
||||||
LinkLocalAddressing = false;
|
|
||||||
IPv6AcceptRA = false;
|
|
||||||
IPv6SendRA = false;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"11-netboot-client" = {
|
|
||||||
name = "netboot-client";
|
|
||||||
address = [ "192.168.222.1/24" ];
|
|
||||||
# dhcpServerConfig = {
|
|
||||||
# PoolOffset = 100;
|
|
||||||
# PoolSize = 100;
|
|
||||||
# BootServerAddress = "192.168.222.1";
|
|
||||||
# };
|
|
||||||
};
|
|
||||||
};
|
|
||||||
netdevs."10-client".netdevConfig = {
|
|
||||||
Name = "netboot-client";
|
|
||||||
Kind = "bridge";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
networking.nameservers = [ "208.67.222.222" ];
|
|
||||||
|
|
||||||
networking.nat = {
|
|
||||||
enable = true;
|
|
||||||
internalInterfaces = [ "netboot-client" ];
|
|
||||||
externalInterface = "eno1";
|
|
||||||
};
|
|
||||||
|
|
||||||
services.netbird.enable = true;
|
|
||||||
}
|
|
9
hive.nix
9
hive.nix
|
@ -90,15 +90,6 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
BOcal = {
|
|
||||||
deployment.targetHost = "bocal.tmp";
|
|
||||||
imports = [ ./BOcal/configuration.nix ];
|
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
kat-iso =
|
kat-iso =
|
||||||
{ name, pkgs, ... }:
|
{ name, pkgs, ... }:
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue