machines/sin01/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

{ config, lib, pkgs, ... }:

let endpoint = "139.180.191.169";
in
{
  networking = {
    domain = "ns.vapor.systems";
    hostName = "sin01";

    interfaces.eth0 = {
      ipv4.addresses = [{
        address = "139.180.191.169";
        prefixLength = 23;
      }];
      ipv6.addresses = [{
        address = "2001:19f0:4400:7d6a:5400:3ff:fed5:f26d";
        prefixLength = 64;
      }];
    };

    defaultGateway = "139.180.190.1";
    defaultGateway6 = {
      address = "fe80::fc00:3ff:fed5:f26d";
      interface = "eth0";
    };
  };

  pubKey =
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJG9bqNAbHaWgiRgvNMntyW9IeLedXCF11KGB0iQsrJH";

  services.powerdns.role = "secondary";

  wireguard = {
    enable = true;
    inherit endpoint;
    v4 = { address = "10.10.0.5"; };
    v6 = { address = "5"; };
    publicKey = "0/g1/0fLOvMDKC87hu9fBDA38S8lzO7qJ+akLGTT/lc=";
    allowedIPs = [ "10.102.4.0/24" "fd15:3d8c:d429:102:400::/72" ];
  };

  deploy = {
    host = endpoint;
    buildOn = "local";
    substituteOnTarget = true;
    hermetic = false;
  };
}