machines/mail/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58

{ config, lib, pkgs, ... }:

let endpoint = "2a01:4f8:1c1c:3ce7::1";
in
{
  networking = {
    domain = ".vapor.systems";
    hostName = "mail";
    dhcpcd.enable = false;
    interfaces.eth0 = {
      ipv4 = {
        addresses = [
          { address="116.203.26.228"; prefixLength=32; }
        ];

        routes = [
          { address = "172.31.1.1"; prefixLength = 32; }
        ];
      };
      ipv6 = {
        addresses = [
          { address="2a01:4f8:1c1c:3ce7::1"; prefixLength=64; }
          { address="fe80::9000:6ff:fe53:14ce"; prefixLength=64; }
        ];
        
        routes = [
          { address = "fe80::1"; prefixLength = 128; }
        ];
      };
    };

    defaultGateway = "172.31.1.1";
    defaultGateway6 = {
      address = "fe80::1";
      interface = "eth0";
    };
  };

  pubKey =
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPVwt+/sB77NZnjwqgwtkcqKsIYyMnYh5qlqYoY9dLEd";

  wireguard = {
    enable = true;
    inherit endpoint;
    v4 = { address = "10.10.0.6"; };
    v6 = { address = "6"; };
    publicKey = "lk0mN1R5Uf5iwvWe/4mOmrMap7xtsieQaJSHcXQ7+VY=";
    allowedIPs = [];
  };

  deploy = {
    host = endpoint;
    sshUser = "audron";
    buildOn = "remote";
    substituteOnTarget = true;
    hermetic = false;
  };
}