add and update servers

author: Max Audron <audron@cocaine.farm> 2023-10-02 14:05:36 +0200
committer: Max Audron <audron@cocaine.farm> 2023-10-02 14:05:36 +0200
commit: d53ddb8da1d41fbfa3935dcc13bf6d234f46d0c2 (patch)
tree: 19c4a85464c2b2d38a1d8e65f5a36473cba7b02d /machines/ettves/default.nix
parent: merge diverged changes (diff)
1 files changed, 29 insertions, 2 deletions
diff --git a/machines/ettves/default.nix b/machines/ettves/default.nix
index c614afb..5a4a8c0 100644
--- a/machines/ettves/default.nix
+++ b/machines/ettves/default.nix
@@ -1,6 +1,7 @@
 { config, lib, pkgs, ... }:
 
-{
+let endpoint = "195.201.245.25";
+in {
   imports = [ ./fs.nix ];
 
   boot.initrd.availableKernelModules = [ "ahci" "nvme" ];
@@ -21,11 +22,12 @@
 
   networking = {
     domain = "vapor.systems";
+    hostName = "ettves";
     hostId = "14e28906";
     dhcpcd.enable = false;
     interfaces.eth0.ipv4.addresses = [
       {
-        address = "195.201.245.25";
+        address = endpoint;
         prefixLength = 26;
       }
       {
@@ -105,4 +107,29 @@
       interface = "eth0";
     };
   };
+
+  pubKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIClYZUxD3Xb4bngOT03Bk/PQSwwYiSKuZm7lLoBEesLd root@ettves";
+
+  kubernetes = {
+    role = "server";
+    advertiseAddress = endpoint;
+  };
+
+  wireguard = {
+    enable = true;
+    roaming = true;
+    inherit endpoint;
+    v4 = { address = "10.10.0.1"; };
+    v6 = { address = "1"; };
+    publicKey = "5OTaf4MnSzTcCR10CGSrLFngGa3gdzajbqUKkRF+WlY=";
+    allowedIPs = [ "10.10.0.0/24" "10.102.0.0/24" "fd15:3d8c:d429:102::/72" ];
+  };
+
+  _module.args.nixinate = {
+    host = endpoint;
+    buildOn = "remote";
+    substituteOnTarget = true;
+    hermetic = false;
+  };
 }
author	Max Audron <audron@cocaine.farm>	2023-10-02 14:05:36 +0200
committer	Max Audron <audron@cocaine.farm>	2023-10-02 14:05:36 +0200
commit	d53ddb8da1d41fbfa3935dcc13bf6d234f46d0c2 (patch)
tree	19c4a85464c2b2d38a1d8e65f5a36473cba7b02d /machines/ettves/default.nix
parent	merge diverged changes (diff)