cascade/nixos
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
James Andariese 2025-04-19 05:07:57 +00:00
parent ec462190f9
commit 210d5b135c
4 changed files with 55 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
hosts/yveltal.nix
View File

@ -4,18 +4,19 @@
{ config, pkgs, lib, inputs, ... }:
let iface = import ../iface-templates.nix {inherit lib;};
in {
{
imports =
[ # Include the results of the hardware scan.
../types/server.nix
];
config = lib.mkMerge [
(iface.bridge "lan0" "172.16.1.251/12" "172.16.1.1" "phy0" "50:9a:4c:49:cc:1b")
(iface.dhcp "phy1" "98:b7:85:01:36:ec")
(iface.dhcp "phy2" "98:b7:85:01:36:ed")
(iface.dhcp "phy3" "98:b7:85:01:36:ee")
(iface.dhcp "phy4" "98:b7:85:01:36:ef")
{networking.interfaces.enp0s31f6.useDHCP = true;}
#{networking.interfaces.enp0s31f6.ipv4.addresses = [ address = "172.16.1.251"; prefixLength = 12; }]}
#(iface.bridge "lan0" "172.16.1.251/12" "172.16.1.1" "phy0" "50:9a:4c:49:cc:1b")
#(iface.dhcp "phy1" "98:b7:85:01:36:ec")
#(iface.dhcp "phy2" "98:b7:85:01:36:ed")
#(iface.dhcp "phy3" "98:b7:85:01:36:ee")
#(iface.dhcp "phy4" "98:b7:85:01:36:ef")
];
}

57
iface-templates.nix
View File

@ -1,30 +1,57 @@
{lib,...}:
let build = iface: mac: rest: lib.recursiveUpdate rest {
systemd.network.enable = true;
systemd.network.links."${iface}" = {
linkConfig.Name = iface;
matchConfig.PermanentMACAddress = mac;
networking.usePredictableInterfaceNames = false;
boot.initrd.systemd.enable = true;
boot.initrd.services.udev.rules = ''
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", \
ADDR{address}=="${mac}", KERNEL="eth*", NAME="${iface}"
'';
boot.initrd.systemd.network = {
enable = true;
links."${iface}" = {
linkConfig.Name = iface;
matchConfig.PermanentMACAddress = mac;
};
wait-online.enable = false;
};
systemd.network = {
enable = true;
links."${iface}" = {
linkConfig.Name = iface;
matchConfig.PermanentMACAddress = mac;
};
networks."${iface}".enable = true;
wait-online.anyInterface = true;
};
systemd.network.networks."${iface}".enable = true;
}; in
{
bridge = br: ip: gateway: iface: mac: build iface mac {
systemd.network.networks."${iface}".bridge = [ br ];
systemd.network.networks."${br}" = {
address = [ ip ];
gateway = [ gateway ];
};
systemd.network.netdevs."${br}" = {
netdevConfig = {
Name = br;
Kind = "bridge";
systemd.network = {
networks = {
"${iface}".bridge = [ br ];
"${br}" = {
address = [ ip ];
gateway = [ gateway ];
};
};
netdevs = {
"${br}" = {
netdevConfig = {
Name = br;
Kind = "bridge";
};
};
};
};
};
};
dhcp = iface: mac: build iface mac {
systemd.network.networks."${iface}" = {
matchConfig.Name = iface;
DHCP = "yes";
};
networking.interfaces."${iface}".useDHCP = true;
};
}

BIN
modules/luks-zero.key Normal file
View File

Binary file not shown.

6
modules/luks.nix
View File

@ -7,9 +7,13 @@
device = "/dev/disk/by-partlabel/${config.networking.hostName}-luks0";
allowDiscards = true;
keyFileSize = 32;
keyFile = "/dev/zero";
keyFile = "/dev/zero";
#keyFile = "/etc/luks-zero.key";
};
};
#boot.initrd.systemd.contents = {
# "/etc/luks-zero.key".source = ./luks-zero.key;
#};
fileSystems."/" = {
device = "/dev/disk/by-label/${config.networking.hostName}-root";
fsType = "ext4";