{lib, ...} @ topArgs: {
  # NixOS module: static network configuration for the host "pardofelis".
  # The host's addresses and gateways are not written in this file; they are
  # referenced through vaultix placeholders and backed by the *.age files
  # declared in the secrets section of this module.
  flake.modules.nixos."hosts/pardofelis" = {config, ...}: let
    iface = "eth0";
    unit = "10-${iface}";
    dropinDir = "systemd/network/${unit}.network.d";

    placeholder = config.vaultix.placeholder;
    rendered = config.vaultix.templates;

    # /etc entry sourced from a rendered vaultix template; readable only by
    # root and the systemd-network group (0440).
    # NOTE(review): a mode other than "symlink" makes NixOS copy the file into
    # /etc during activation, so this presumably relies on vaultix having
    # rendered the template before that step; confirm the ordering.
    secretDropin = template: {
      source = template.path;
      user = "root";
      group = "systemd-network";
      mode = "0440";
    };

    # vaultix template with the same restricted ownership as the drop-in that
    # consumes it.
    secretTemplate = content: {
      inherit content;
      owner = "root";
      group = "systemd-network";
      mode = "0440";
    };
  in {
    networking = {
      useNetworkd = true;
      useDHCP = false;
      search = ["local"];
    };

    systemd.network.networks.${unit} = {
      matchConfig.Name = iface;
      # NOTE(review): this resolver address is committed in clear text, unlike
      # the host's own addresses; confirm that is intended.
      dns = ["172.16.36.100"] ++ config.networking.nameservers;
      # The link only counts as online once it has a routable address.
      linkConfig.RequiredForOnline = "routable";
    };

    # Address and route settings are supplied as networkd drop-ins so that the
    # main unit above carries no secret values.
    environment.etc = {
      "${dropinDir}/99-address.conf" = secretDropin rendered.networkd-address;
      "${dropinDir}/99-route.conf" = secretDropin rendered.networkd-route;
    };

    vaultix = {
      templates = {
        networkd-address = secretTemplate ''
          [Network]
          Address=${placeholder.hosts-pardofelis-ipv4}/24
          Address=${placeholder.hosts-pardofelis-ipv6}/64
        '';
        networkd-route = secretTemplate ''
          [Route]
          Gateway=${placeholder.hosts-pardofelis-gateway}
          Destination=0.0.0.0/0
          [Route]
          Gateway=${placeholder.hosts-pardofelis-gateway6}
          Destination=::/0
        '';
      };

      # Encrypted inputs behind the placeholders used above.
      secrets = {
        hosts-pardofelis-ipv4.file = ./ipv4.age;
        hosts-pardofelis-ipv6.file = ./ipv6.age;
        hosts-pardofelis-gateway.file = ./gateway.age;
        hosts-pardofelis-gateway6.file = ./gateway6.age;
      };
    };
  };

  # NixOS module for machines that connect to pardofelis over SSH: adds a
  # "Host pardofelis" entry whose HostName comes from a vaultix template
  # instead of being written here.
  flake.modules.nixos.ssh-host-pardofelis = {config, ...}: let
    sshPorts = topArgs.config.flake.meta.host.hosts.pardofelis.sshPorts;
    hostTemplate = config.vaultix.templates."ssh-host-pardofelis";
  in {
    # Only the first entry of sshPorts is used; evaluation fails if the list
    # is empty.
    # NOTE(review): the included file is 0440 root:nix-secrets-ssh-hosts, and
    # this module declares the group without members. Confirm that every user
    # who should reach this host is in the group, and how ssh behaves for
    # users who cannot read the included file.
    programs.ssh.extraConfig = ''
      Host pardofelis
      Port ${toString (lib.elemAt sshPorts 0)}
      Include ${hostTemplate.path}
    '';

    users.groups.nix-secrets-ssh-hosts = {};

    vaultix = {
      templates.ssh-host-pardofelis = {
        content = ''
          HostName ${config.vaultix.placeholder.hosts-pardofelis-ipv4}
        '';
        owner = "root";
        group = "nix-secrets-ssh-hosts";
        mode = "0440";
      };

      # Same encrypted file as the host module uses for its IPv4 address.
      secrets.hosts-pardofelis-ipv4.file = ./ipv4.age;
    };
  };
}