64 lines
1.5 KiB
Nix
64 lines
1.5 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
pkgsUnstable,
|
|
inputs,
|
|
...
|
|
}:
|
|
{
|
|
boot.loader.grub.device = "/dev/sda";
|
|
|
|
network-static = {
|
|
enable = true;
|
|
hardwareAddress = "96:00:04:60:9D:9C";
|
|
staticAddresses = [
|
|
"65.108.93.48/32"
|
|
"2a01:4f9:c010:ba5e::1/64"
|
|
];
|
|
staticRoutes = [
|
|
{
|
|
Gateway = "172.31.1.1";
|
|
GatewayOnLink = true;
|
|
}
|
|
{
|
|
Gateway = "fe80::1";
|
|
}
|
|
];
|
|
};
|
|
qemu.enable = true;
|
|
spice.enable = true;
|
|
|
|
sops.secrets = {
|
|
#"crowdsec/lapiKey" = {
|
|
# owner = "traefik";
|
|
# mode = "0400";
|
|
#};
|
|
"borgmatic_pass/local" = { };
|
|
"borgmatic_pass/remote" = { };
|
|
};
|
|
|
|
crowdsec-firewall-bouncer = {
|
|
enable = true;
|
|
};
|
|
|
|
#borg-config = {
|
|
# enable = true;
|
|
|
|
# backupLabel = "hel-01";
|
|
# localRepoPath = "ssh://borg@borg-01.tail755c5.ts.net/./";
|
|
# remoteRepoPath = "ssh://fm1833@fm1833.rsync.net/./hosts/hel-01";
|
|
# sourceDirectories = [
|
|
# ];
|
|
# hcPingUrlLocal = "https://hc.its-et.me/ping/PlGPBqq-0rLI4N4ya3jYmg/backup-hel-01";
|
|
# hcPingUrlRemote = "https://hc.its-et.me/ping/PlGPBqq-0rLI4N4ya3jYmg/backup-hel-01-remote";
|
|
#};
|
|
|
|
base.userSSHKeys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF3oNF68M+TaN8LB+jQH9hFaW3vpR3i54UiVRPqJxyAN etorres@xenon"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIISjU0h15s29Ir6ANHNujlOO0/7+bGvkpbpN6WzVhgW6 etorres@radon"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIISjU0h15s29Ir6ANHNujlOO0/7+bGvkpbpN6WzVhgW6 etorres@radon"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFEfb0bbETv9ZGjNoWaJuVQeSZTiIIXjZPPOdXL9aXxO etorres@iphone"
|
|
];
|
|
}
|