interfaces and package config externalized, also tmux added and version variable

2025-07-16 20:33:59 +02:00
parent 80d8003e4d
commit 47f7bc25b7
6 changed files with 49 additions and 32 deletions
+12 -5
@@ -3,11 +3,18 @@ with lib;
{ {
# #
# SYSTEM # SYSTEM
vars.username = ""; vars.username = "";
vars.usermail = ""; vars.usermail = "";
vars.local_ip = ""; vars.local_ip = "";
vars.hostname = ""; vars.hostname = "";
vars.hostid = ""; vars.hostid = "";
vars.host_type = "";
vars.interfaces = [""];
# DO NOT TOUCH!!!!!!!!!!!!!!!!!!!!!!!!!!
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
vars.stateVersion = "23.11"; # Default to the oldest supported version in my fleet
# DO NOT TOUCH!!!!!!!!!!!!!!!!!!!!!!!!!!
# WIREGUARD # WIREGUARD
vars.wg_adress = ""; vars.wg_adress = "";
+8 -13
@@ -17,6 +17,7 @@
./users.nix ./users.nix
./program-homemanager.nix ./program-homemanager.nix
./ssh.nix ./ssh.nix
./program-tmux.nix
# Hardware # Hardware
./nfs-mount.nix ./nfs-mount.nix
@@ -46,18 +47,19 @@
networking.hostName = config.vars.hostname; # Define your hostname. networking.hostName = config.vars.hostname; # Define your hostname.
networking.hostId = config.vars.hostid; # Define your hostID - Needs to be unique!. networking.hostId = config.vars.hostid; # Define your hostID - Needs to be unique!.
networking = { networking = {
interfaces.enp1s0 = { interfaces.${lib.head config.vars.interfaces} = {
ipv4.addresses = [{ ipv4.addresses = [{
address = config.vars.local_ip; address = config.vars.local_ip;
prefixLength = 24; prefixLength = 24;
}]; }];
}; };
defaultGateway = {
address = "192.168.178.1";
interface = "enp1s0";
};
nameservers = [ "192.168.178.10" "9.9.9.9" ];
}; };
networking.defaultGateway = {
address = "192.168.178.1";
interface = lib.head config.vars.interfaces;
};
networking.nameservers = [ "192.168.178.10" "9.9.9.9" ];
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
@@ -88,12 +90,10 @@
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget wget
htop htop
ncdu ncdu
git git
tmux
zsh zsh
zoxide zoxide
fzf fzf
@@ -103,11 +103,6 @@
seaweedfs seaweedfs
]; ];
programs.tmux = {
enable = true;
clock24 = true;
};
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
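Review bot: The first entry of `vars.interfaces` now silently becomes the uplink for `networking.interfaces.${lib.head config.vars.interfaces}` and `networking.defaultGateway.interface`, and the keepalived and WireGuard sections rely on the same expression, but nothing checks that the list is non-empty or that the entry is a real interface name. An empty list aborts evaluation inside `lib.head`, and the template value `[""]` would evaluate to an interface named `""`. An entry such as `assertions = [{ assertion = config.vars.interfaces != [] && lib.head config.vars.interfaces != ""; message = "vars.interfaces must list the uplink interface first"; }];` should let the build fail with a readable message instead. The module's argument line is outside these hunks, so confirm `lib` is in it; the other two files had to add it.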
+3 -7
@@ -1,10 +1,10 @@
{ config, pkgs, ... }: { { config, lib, pkgs, ... }: {
services.keepalived = { services.keepalived = {
enable = true; enable = true;
vrrpInstances = { vrrpInstances = {
V4 = { V4 = {
priority = config.vars.ka_priority; priority = config.vars.ka_priority;
interface = "enp1s0"; interface = lib.head config.vars.interfaces;
virtualRouterId = 69; virtualRouterId = 69;
virtualIps = [ virtualIps = [
{ {
@@ -14,7 +14,7 @@
}; };
V6 = { V6 = {
priority = config.vars.ka_priority; priority = config.vars.ka_priority;
interface = "enp1s0"; interface = lib.head config.vars.interfaces;
virtualRouterId = 96; virtualRouterId = 96;
virtualIps = [ virtualIps = [
{ {
@@ -25,7 +25,3 @@
}; };
}; };
} }
+10
@@ -0,0 +1,10 @@
{ config, pkgs, ... }:
{
programs.tmux = {
enable = true;
clock24 = true;
};
environment.systemPackages = [ pkgs.tmux ];
}
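Review bot: `environment.systemPackages = [ pkgs.tmux ];` looks redundant, because the NixOS `programs.tmux` module already adds the tmux package to the system profile when `enable = true`; dropping the line leaves a single place that decides whether tmux is installed. The `config` argument is unused in this file and can be omitted from `{ config, pkgs, ... }:`.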
+9 -1
@@ -36,7 +36,15 @@ with lib;
hostid = mkOption { hostid = mkOption {
type = types.str; type = types.str;
}; };
host_type = mkOption {
type = types.str;
};
stateVersion = mkOption {
type = types.str;
};
interfaces = mkOption {
type = listOf types.str;
};
# KEEPALIVED # KEEPALIVED
ka_addr_v4 = mkOption { ka_addr_v4 = mkOption {
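Review bot: `type = listOf types.str;` in the new `interfaces` option uses `listOf` unqualified while every other option here writes `types.str`; `with lib;` alone does not bring `listOf` into scope, so unless a `with types;` exists outside the hunk this fails at evaluation with an undefined variable. `type = types.listOf types.str;` matches the rest of the file. The three new options also have no `description`; for `interfaces` a line such as `description = "Network interfaces of this host; the first entry is used as the uplink.";` would record the ordering convention the other modules depend on.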
+7 -6
@@ -1,8 +1,8 @@
{ config, pkgs, ... }: { { config, lib, pkgs, ... }: {
networking.nat.enable = true; networking.nat.enable = true;
networking.nat.externalInterface = "enp1s0"; networking.nat.externalInterface = lib.head config.vars.interfaces;
networking.nat.internalInterfaces = [ "wg0" ]; networking.nat.internalInterfaces = [ "wg0" ] ++ config.vars.interfaces;
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
wg0 = { wg0 = {
@@ -11,11 +11,11 @@
autostart = true; autostart = true;
postUp = '' postUp = ''
${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o ${lib.head config.vars.interfaces} -j MASQUERADE
''; '';
postDown = '' postDown = ''
${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT ${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o enp1s0 ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o ${lib.head config.vars.interfaces}
''; '';
privateKey = config.vars.wg_privateKey; privateKey = config.vars.wg_privateKey;
peers = [{ peers = [{
@@ -27,5 +27,6 @@
}]; }];
}; };
}; };
}
environment.systemPackages = [ pkgs.wireguard-tools ];
}
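Review bot: `networking.nat.internalInterfaces = [ "wg0" ] ++ config.vars.interfaces;` adds the uplink itself to the internal set, since `lib.head config.vars.interfaces` is also the `externalInterface`; traffic arriving on the uplink is then treated as internal and becomes eligible for forwarding and masquerading, which the old `[ "wg0" ]` did not allow. If the intent is to cover additional LAN interfaces, `[ "wg0" ] ++ lib.tail config.vars.interfaces` keeps the uplink out. The `postDown` delete for the POSTROUTING rule still lacks `-j MASQUERADE`, so it does not match the rule that `postUp` appended and the rule is left behind each time the tunnel is restarted. Separately, the unchanged `privateKey = config.vars.wg_privateKey;` puts the key into the evaluated configuration and hence the world-readable Nix store; `privateKeyFile` pointing at a root-only file avoids that.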