authorTim Keller <tjk@tjkeller.xyz>2026-03-28 18:46:16 -0500
committerTim Keller <tjk@tjkeller.xyz>2026-03-28 18:46:16 -0500
commit07cc1920136ce61980c80c6bde3c267fcbc6218f (patch)
treec2a2afeaf1d782c54347a2baaee0429ec9449bd3
parent23b92aaaa7702221e80199c9d47fa1f73b3722c1 (diff)
begin poweredge config
-rw-r--r--hosts/poweredge/configuration.nix37
-rw-r--r--hosts/poweredge/ddns-updater.nix14
-rw-r--r--hosts/poweredge/networking.nix78
-rw-r--r--hosts/poweredge/notification-mailer.nix27
4 files changed, 145 insertions, 11 deletions
diff --git a/hosts/poweredge/configuration.nix b/hosts/poweredge/configuration.nix
index f031a3b..f62d017 100644
--- a/hosts/poweredge/configuration.nix
+++ b/hosts/poweredge/configuration.nix
@@ -1,15 +1,30 @@
-{ config, lib, pkgs, ... }: {
- imports = [ ./hardware-configuration.nix ];
-
- # Grub bootloader with zfs support
- boot._loader = {
- enable = true;
- type = "grub";
- grub.zfsSupport = true;
+{ config, lib, pkgs, ... }: let
+ serverEmail = "poweredge@tjkeller.xyz";
+in {
+ imports = [
+ ./ddns-updater.nix
+ ./networking.nix
+ ./notification-mailer.nix # TODO move some of this stuff to archetype
+ ];
+
+ # Setup bootloader
+ boot._loader.enable = true;
+
+ # Enable common options
+ _archetypes = {
+ profiles.headless = {
+ enable = true;
+ home.users.timmy.enable = true;
+ };
+ profiles.zfs.enable = true;
+ profiles.router.enable = true;
};
- # Disable suspend
- suspend.enable = false;
+ # Enable smartd
+ services.smartd.enable = true; # TODO move to archetype
+
+ # Enable user timmy
+ _users.timmy.enable = true;
- system.stateVersion = "25.05";
+ system.stateVersion = "25.11";
}
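Review bot: `system.stateVersion` moves from "25.05" to "25.11" in the last changed line, and on a host that is already installed this changes the defaults of stateful services rather than just tracking the release; unless poweredge is being installed fresh on 25.11, keep the original value. The new `imports` list also drops `./hardware-configuration.nix`, so file systems and kernel modules have to come from somewhere outside this hunk, which deserves a comment saying where. `serverEmail` is bound in the `let` but not used anywhere on the visible new side, and it is defined again in notification-mailer.nix; remove it here or expose it once through a shared option.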
diff --git a/hosts/poweredge/ddns-updater.nix b/hosts/poweredge/ddns-updater.nix
new file mode 100644
index 0000000..2f0ce53
--- /dev/null
+++ b/hosts/poweredge/ddns-updater.nix
@@ -0,0 +1,14 @@
+{ config, ... }: {
+ # Password file for mail application password
+ sops.secrets.ddnsUpdater.sopsFile = ./resources/secrets/ddns-updater-config.json;
+
+ # Enable ddns updater
+ services.ddns-updater = {
+ enable = true;
+ environment = {
+ SERVER_ENABLED="no";
+ CONFIG_FILEPATH = config.sops.secrets.ddnsUpdater.path;
+ PERIOD = "5m";
+ };
+ };
+}
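Review bot: The secret on the `sops.secrets.ddnsUpdater.sopsFile` line sets nothing but the file, so it is decrypted with the sops-nix defaults (root-owned, mode 0400, and a key named `ddnsUpdater` looked up inside the file), while the ddns-updater unit must be able to read `CONFIG_FILEPATH` as whatever user it runs as. If that unit runs unprivileged or with a dynamic user it will likely fail to open the file; hand the secret over through systemd credentials or set `owner`/`mode` explicitly rather than making it world-readable. Because the file appears to be the whole JSON config, also confirm that the `format` and `key` settings yield the full document and not a single field. The comment above the secret is copied from the mailer module; `# Encrypted ddns-updater provider config` would describe it accurately.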
diff --git a/hosts/poweredge/networking.nix b/hosts/poweredge/networking.nix
new file mode 100644
index 0000000..31f3b40
--- /dev/null
+++ b/hosts/poweredge/networking.nix
@@ -0,0 +1,78 @@
+{
+ networking = {
+ # Label lan and wan interfaces
+ _interfaceLabels = {
+ enable = true;
+ interfaces = {
+ lan0 = "00:a0:98:7a:ac:0b";
+ wan0 = "00:a0:98:ff:ff:ff";
+ };
+ };
+ # Set ip addresses
+ interfaces = {
+ lan0.ipv4.addresses = [{
+ address = "192.168.1.1";
+ prefixLength = 24;
+ }];
+ wan0.useDHCP = true;
+ };
+ defaultGateway.interface = "wan0";
+ nameservers = [ "127.0.0.1" ];
+ # Firewall rules
+ firewall = {
+ interfaces.wan0 = {
+ allowedUDPPorts = [ 51820 ];
+ };
+ };
+ #nat.forwardPorts = [
+ # {
+ # sourcePort = 2222;
+ # proto = "tcp";
+ # destination = "10.1.1.1:22";
+ # }
+ # {
+ # sourcePort = 22;
+ # proto = "tcp";
+ # destination = "10.1.1.1:22";
+ # }
+ #];
+ };
+
+ services._router = {
+ dnsDhcpConfig = {
+ localDomain = "wg-router.pls.lan";
+ dhcp = {
+ defaultGateway = ipAddress;
+ localhostIp = ipAddress;
+ rangeStart = "192.168.1.50";
+ rangeEnd = "192.168.1.250";
+ staticLeases = {
+ idrac-7N94GK2 = {
+ macAddress = "50:9a:4c:5d:c3:7c";
+ staticIp = "192.168.1.3";
+ };
+ OpenWrt-Attic = {
+ macAddress = "34:98:b5:60:5e:be";
+ staticIp = "192.168.1.4";
+ };
+ OpenWrt-Basement = {
+ macAddress = "8c:3b:ad:35:c7:8c";
+ staticIp = "192.168.1.5";
+ };
+ ArcherC54 = {
+ macAddress = "12:eb:b6:13:f9:e2";
+ staticIp = "192.168.1.6";
+ };
+ T495 = {
+ macAddress = "04:33:c2:9d:34:74";
+ staticIp = "192.168.1.11";
+ };
+ Optiplex = {
+ macAddress = "e4:54:e8:bc:ba:05";
+ staticIp = "192.168.1.12";
+ };
+ };
+ };
+ };
+ };
+}
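Review bot: `ipAddress` is used for `defaultGateway` and `localhostIp` in the dhcp block but is never bound, since the file is a plain attribute set with no `let` and no function arguments, so evaluation will stop on an undefined variable. Bind it once at the top with `let ipAddress = "192.168.1.1"; in {` and reuse it in `lan0.ipv4.addresses` so the router address and the DHCP gateway cannot drift apart. On the firewall side only UDP 51820 is opened on wan0, which is a tight default; the commented `nat.forwardPorts` block would publish SSH to the WAN on both 22 and 2222 if it were ever enabled, so it should carry a comment saying it must stay off or be limited by source address.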
diff --git a/hosts/poweredge/notification-mailer.nix b/hosts/poweredge/notification-mailer.nix
new file mode 100644
index 0000000..25e2e2b
--- /dev/null
+++ b/hosts/poweredge/notification-mailer.nix
@@ -0,0 +1,27 @@
+{ config, ... }: let
+ serverEmail = "poweredge@tjkeller.xyz";
+in {
+ # Mailer password secret for mail application password
+ sops.secrets.mailerPassword.sopsFile = ./resources/secrets/mailer.yaml;
+
+ # Enable mta for system event notifications
+ services.mail._mailer = {
+ sender = {
+ host = "mail.tjkeller.xyz";
+ user = serverEmail;
+ from = serverEmail;
+ passwordFile = config.sops.secrets.mailerPassword.path;
+ };
+ recipient = serverEmail;
+ }
+
+ # Enable zed mailer module
+ services.zfs._zedMailer.enable = true;
+
+ # Enable smartd notifications
+ services.smartd.notifications.mail = {
+ enable = true;
+ sender = serverEmail;
+ recipient = serverEmail;
+ };
+}
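Review bot: The `services.mail._mailer = { … }` attribute closes with a bare `}` and no semicolon, which is a Nix syntax error that keeps the whole module from parsing; the closing line should be `};`. `serverEmail` is duplicated from configuration.nix, so one of the two bindings should go. Keeping the password out of the store via `passwordFile` is the right approach, but the secret is declared with default ownership, so confirm that the user the mailer runs as can read `config.sops.secrets.mailerPassword.path`.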