tomate: configure ifsr-apb network
This commit is contained in:
parent
83db5399d7
commit
5b95918c29
|
@ -8,6 +8,7 @@
|
|||
imports =
|
||||
[
|
||||
# Include the results of the hardware scan.
|
||||
./network.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
|
@ -15,8 +16,6 @@
|
|||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
networking.hostName = "tomate"; # Define your hostname.
|
||||
networking.nftables.enable = true;
|
||||
|
||||
nix = {
|
||||
settings = {
|
||||
|
@ -29,8 +28,6 @@
|
|||
};
|
||||
};
|
||||
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
|
40
hosts/tomate/network.nix
Normal file
40
hosts/tomate/network.nix
Normal file
|
@ -0,0 +1,40 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
sops.secrets.ifsr-apb-auth = { };
|
||||
networking = {
|
||||
domain = "ifsr.de";
|
||||
hostName = "tomate";
|
||||
useNetworkd = true;
|
||||
nftables.enable = true;
|
||||
# Radius authentification
|
||||
supplicant."enp3s0" = {
|
||||
driver = "wired";
|
||||
configFile.path = config.sops.secrets.ifsr-apb-auth.path;
|
||||
};
|
||||
};
|
||||
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
fallbackDns = [ "9.9.9.9" ];
|
||||
};
|
||||
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
|
||||
networks."10-wired-default" = {
|
||||
matchConfig.Name = "enp3s0";
|
||||
|
||||
address = [ "141.30.86.196/26" ];
|
||||
routes = [
|
||||
{
|
||||
routeConfig.Gateway = "141.30.86.193";
|
||||
}
|
||||
];
|
||||
networkConfig = {
|
||||
DNS = "141.30.1.1";
|
||||
LLDP = true;
|
||||
EmitLLDP = "nearest-bridge";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -4,6 +4,7 @@ print:
|
|||
smtp-password: ENC[AES256_GCM,data:XoaLiEpqAdKapeS9YoBfh2w7HFuTCV9rHIciH+qUbhHcdsgVpnPMsSlC,iv:WxfP5d2K9soJPoRPuS6O6PbNvo4TBQjPGiV0e+a501Q=,tag:ZsTdR+b/oYFAYz/MN73PFg==,type:str]
|
||||
sssd:
|
||||
env: ENC[AES256_GCM,data:9IbU7uaElmemQHVUvsM88hcyNl3WFehgQeLZPtUxt2Sd0IECm8qNkQhWJ4kuvoBnQsdsUrFm/0QuW7AfDFOeE7FxMxg0,iv:dyzsYHlqClWbfzsoJ36iYjaXWpidB1ZqHXI7RP7js2Y=,tag:97FMOeVwAEy8Ka79uZKC8Q==,type:str]
|
||||
ifsr-apb-auth: ENC[AES256_GCM,data:hxJOvRbgjB//YU3wy04P7yrQbV0Ggoi18wQxwy4hHgbXizTHbmlfiZ/MstITrZQ6qEPVBEW41/iGU3DO2Cg2ofpWvFU5Gr8FM1AC9DKq8SppLGqzel1mEejPfrh4RbQUMe0zZlc/YfhCah5sM0oPnBQNg8bPpveEO+5/bRq5S24jkkv7w6/AAS8tGvjALVf/g95jsCrQO2MYg9jCCEkdhORU0bowGD8cjTr6wnPkNhwzn5tiKoPn6eH6TFBkqNC+Q/5E+os10i9F1c3z/sv8Snrcl7V5higqrQekhEvGRDmax/4lE8Yb3AoxC/2M4/+9x+OPi0JUkkhC6rghETXpmYkuaD7E8+eEtLeSbiJPlPijq2HTtbtsHcSoMUdoGO8644TVe/jDxaEe54p9OWEFjRRpONijQKsfH3wENlUXmqDQDLfMSpoANxIHMh+RmRzktGIvTgvs6rlKXsWp7/gggFVxdM/5QPbE3pUvGr+JPWz4,iv:6c1HxYGrItPwKzAnQ0zUvO3TSejVZ/aWF9zs99ufzl4=,tag:fELOskceJWKmkm74MCsfoA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
@ -19,8 +20,8 @@ sops:
|
|||
TXVrMHZCNU5zOG5hVnNkdEoxcTZqWXMKA9eG1zM6HeLAAOpIo8Z5+5KD4Z5P3rdc
|
||||
kE8sUXHD3d8SMmSKcTYe6gGVzFuw0xxnMb/AmjAQosvDFTQsWy1sTw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-01-29T13:36:12Z"
|
||||
mac: ENC[AES256_GCM,data:CnoH4KmYy72E0L+X7SHYXrFH6z0KhRhfYXmIO8HnPlkYnwKXDeAYezv4kL3ItZG+8pnmbFdoyHxxVMT6rWtV//x16YPMI0zhwIEBs67ZxM+gzeei4fniktolydKmlXUgbtWw3/y3OtxzAn9Dne2LPz7CwN/imGOTgrWFYGWRhtU=,iv:gcurHYWPSijYRlt9FoutrGInWDOfSkjrNqwU6jxiHDk=,tag:qWhpQ9vLuuihOzJeOGYEog==,type:str]
|
||||
lastmodified: "2024-04-16T08:58:21Z"
|
||||
mac: ENC[AES256_GCM,data:2aOOVZK7kshJFBWphvW/BqRUXht4p80Q15nGJNA1EbjT05f3tYdrr8QuM5Xd1vJO07rgmokWv4XwbzodRIwqidEXD5xuJ1v+kHC/jJnO3yrBKY7kVMHkia2Wq00bcN/iwdW6G6AP5D4HQbmFNo+rLHyjIVwPvtu9jutKpz12NH0=,iv:YCBX2gSEmiUa6HrHi0VEcRGWDJrXGajD8ZbOZcppFnM=,tag:FK2E4hukl8oL5aZNTCQESA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-02-29T15:23:28Z"
|
||||
enc: |-
|
||||
|
|
Loading…
Reference in a new issue