diff options
| author | Tim Keller <tjk@tjkeller.xyz> | 2026-01-03 17:56:09 -0600 |
|---|---|---|
| committer | Tim Keller <tjk@tjkeller.xyz> | 2026-01-03 17:56:09 -0600 |
| commit | b37e4df94d75bcba3f8341637d868d4a66c8f4ce (patch) | |
| tree | 48bfa89ae038a0f30c094714d6d2aab4b8b69bc2 | |
| parent | 6168406629257f364d8402e21808cf9cd224dc95 (diff) | |
| download | nixos-b37e4df94d75bcba3f8341637d868d4a66c8f4ce.tar.xz nixos-b37e4df94d75bcba3f8341637d868d4a66c8f4ce.zip | |
start nixos configs for servers
| -rw-r--r-- | hosts/flex-wg-router/configuration.nix | 57 | ||||
| -rw-r--r-- | hosts/poweredge/configuration.nix | 14 | ||||
| -rw-r--r-- | poweredge-pro outline | 3 |
3 files changed, 58 insertions, 16 deletions
diff --git a/hosts/flex-wg-router/configuration.nix b/hosts/flex-wg-router/configuration.nix index b09c3f0..6fea096 100644 --- a/hosts/flex-wg-router/configuration.nix +++ b/hosts/flex-wg-router/configuration.nix @@ -1,17 +1,60 @@ -{ config, lib, pkgs, ... }: { +{ config, lib, pkgs, ... }: let + ipAddress = "10.1.1.1"; +in { # Setup bootloader boot._loader.enable = true; + # Enable common options _archetypes = { # Use headless profile - profiles.headless.enable = true; - # Install software - collections = { - development = { - docker.enable = true; + profiles.headless = { + enable = true; + home.users.timmy.enable = true; + }; + profiles.router = { + enable = true; + home.users.timmy.enable = true; + }; + }; + + networking = { + _interfaceLabels = { + lan0 = "98:b7:85:22:9b:43"; # internal + wan0 = "54:ee:75:8c:4b:2d"; # external + }; + #useDHCP = false; # TODO Enable when accessible via wireguard + interfaces = { + lan0.ipv4.addresses = [{ + address = ipAddress; + prefixLength = 24; + }]; + wan0.ipv4.addresses = [{ + address = "46.110.173.165"; # Public static ip 4 + prefixLength = 31; + }]; + }; + }; + + services._router = { + dnsDhcpConfig = { + localDomain = "wg-router.pls.lan"; + dhcp = { + defaultGateway = ipAddress; + localhostIp = ipAddress; + rangeStart = "10.1.1.100"; + rangeEnd = "10.1.1.250"; + staticLeases = { + poweredge-pro-idrac = { + macAddress = "00:11:22:33:44:55"; + staticIp = "10.1.1.10"; + }; + }; }; }; - } + }; + + # Enable user timmy + _users.timmy.enable = true; system.stateVersion = "25.05"; } diff --git a/hosts/poweredge/configuration.nix b/hosts/poweredge/configuration.nix index 08e392d..f031a3b 100644 --- a/hosts/poweredge/configuration.nix +++ b/hosts/poweredge/configuration.nix @@ -1,15 +1,11 @@ { config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; - # ZFS bootloader - bootloader.loader = "grub"; - bootloader.mode = "efi"; - boot.loader.grub = { - zfsSupport = true; - efiInstallAsRemovable = true; - mirroredBoots = [ - { devices = [ "nodev" ]; path = "/boot"; } - ]; + # Grub bootloader with zfs support + boot._loader = { + enable = true; + type = "grub"; + grub.zfsSupport = true; }; # Disable suspend diff --git a/poweredge-pro outline b/poweredge-pro outline index 11616d9..bdb7fb8 100644 --- a/poweredge-pro outline +++ b/poweredge-pro outline @@ -1,5 +1,7 @@ poweredge-pro +https://wiki.nixos.org/wiki/ZFS + SERVICES: - nfs/smb file shares - cronjobs / systemd units @@ -12,6 +14,7 @@ SERVICES: - virtual router opnsense - unbound + dnsmasq - local hostname resolving e.g. ping poweredge-pro + - overrides and blocklists (manual black/whitelist) - router profile - web services - admin streamline (docker for now) |