{ pkgs , lib , config , ... }: let keys = import ../../../variables/keys.nix; in { # TASK: new device networking.hostName = "vmd32387"; # Define your hostname. networking.domain = "contaboserver.net"; networking.firewall.enable = true; networking.firewall.allowedTCPPorts = [ # iperf3 5201 ]; networking.firewall.logRefusedConnections = false; networking.usePredictableInterfaceNames = false; networking.dhcpcd = { enable = true; persistent = true; }; networking.interfaces.eth0 = { useDHCP = true; ipv6.addresses = [ { address = "2a02:c207:3003:2387::1"; prefixLength = 64; } ]; }; networking.defaultGateway6 = { address = "fe80::1"; interface = "eth0"; }; networking.nat = { enable = true; internalInterfaces = [ "ve-+" ]; externalInterface = "eth0"; }; # Kubernetes # services.kubernetes.roles = ["master" "node"]; # virtualization virtualisation = { docker.enable = true; }; services.spice-vdagentd.enable = true; services.qemuGuest.enable = true; boot.initrd.network = { enable = true; udhcpc.extraArgs = [ "-x hostname:${config.networking.hostName}" ]; ssh = { enable = true; authorizedKeys = keys.users.steveej.openssh; }; }; boot.initrd.postMountCommands = '' for iface in $(cd /sys/class/net && ls); do echo "Bringing down $iface..." ip address flush dev $iface ip link set $iface down done ''; containers = { mailserver = import ../../containers/mailserver.nix { hostAddress = "192.168.100.10"; localAddress = "192.168.100.11"; }; webserver = import ../../containers/webserver.nix { hostAddress = "192.168.100.12"; localAddress = "192.168.100.13"; }; syncthing = import ../../containers/syncthing.nix { hostAddress = "192.168.100.14"; localAddress = "192.168.100.15"; }; backup = import ../../containers/backup.nix { inherit config; hostAddress = "192.168.100.16"; localAddress = "192.168.100.17"; }; }; }