init wob-vpn-gw host
This commit is contained in:
parent
7396107bf4
commit
62af42fc97
11
flake.nix
11
flake.nix
|
@ -123,6 +123,17 @@
|
|||
./hosts/fodwatch.forkos.org
|
||||
];
|
||||
};
|
||||
|
||||
wob-vpn-gw = {
|
||||
imports = [
|
||||
inputs.agenix.nixosModules.default
|
||||
inputs.hydra.nixosModules.hydra
|
||||
|
||||
./services
|
||||
./common
|
||||
./hosts/wob-vpn-gw.forkos.org
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
112
hosts/wob-vpn-gw.forkos.org/default.nix
Normal file
112
hosts/wob-vpn-gw.forkos.org/default.nix
Normal file
|
@ -0,0 +1,112 @@
|
|||
{ lib, ... }:
|
||||
|
||||
{
|
||||
###### Hardware ######
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "sd_mod" "sdhci_pci" ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/58688a5c-e3ce-4868-804b-4e34d1370f36";
|
||||
fsType = "f2fs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/38caa628-3b6d-4fb4-8767-beee09a196a6";
|
||||
fsType = "ext2";
|
||||
};
|
||||
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
|
||||
# Enable serial output
|
||||
boot.loader.grub.extraConfig = ''
|
||||
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
|
||||
terminal_input serial
|
||||
terminal_output serial
|
||||
'';
|
||||
boot.kernelParams = [
|
||||
"console=ttyS0,115200"
|
||||
"console=tty1"
|
||||
];
|
||||
|
||||
###### Config #######
|
||||
|
||||
boot.initrd.systemd.enable = true;
|
||||
|
||||
networking.useNetworkd = true;
|
||||
|
||||
systemd.network = {
|
||||
netdevs = {
|
||||
"40-uplink" = {
|
||||
netdevConfig = {
|
||||
Kind = "bond";
|
||||
Name = "uplink";
|
||||
};
|
||||
bondConfig = {
|
||||
Mode = "802.3ad";
|
||||
TransmitHashPolicy = "layer3+4";
|
||||
};
|
||||
};
|
||||
"40-oob" = {
|
||||
netdevConfig = {
|
||||
Kind = "bond";
|
||||
Name = "oob";
|
||||
};
|
||||
bondConfig = {
|
||||
Mode = "802.3ad";
|
||||
TransmitHashPolicy = "layer3+4";
|
||||
};
|
||||
};
|
||||
};
|
||||
networks = {
|
||||
"40-enp1s0" = {
|
||||
name = "enp1s0";
|
||||
bond = [ "uplink" ];
|
||||
};
|
||||
"40-enp2s0" = {
|
||||
name = "enp2s0";
|
||||
bond = [ "uplink" ];
|
||||
};
|
||||
"40-enp3s0" = {
|
||||
name = "enp3s0";
|
||||
bond = [ "oob" ];
|
||||
};
|
||||
"40-enp4s0" = {
|
||||
name = "enp4s0";
|
||||
bond = [ "oob" ];
|
||||
};
|
||||
} // lib.listToAttrs (map (x: lib.nameValuePair "40-bmc${toString x}" {
|
||||
name = "bmc${toString x}";
|
||||
address = [ "192.168.1.${toString (x*4 + 1)}/30" ];
|
||||
#address = [ "192.168.${toString x}.1/24" ];
|
||||
networkConfig.DHCPServer = true;
|
||||
}) (lib.genList lib.id 12));
|
||||
};
|
||||
|
||||
networking.vlans = lib.listToAttrs (map (x: lib.nameValuePair "bmc${toString x}" {
|
||||
interface = "oob";
|
||||
id = 101 + x;
|
||||
}) (lib.genList lib.id 12));
|
||||
|
||||
networking.interfaces = {
|
||||
uplink = {
|
||||
ipv6.addresses = [
|
||||
{
|
||||
address = "2a01:584:11::2";
|
||||
prefixLength = 64;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
networking.defaultGateway6 = { interface = "uplink"; address = "2a01:584:11::1"; };
|
||||
|
||||
deployment.targetHost = "2a01:584:11::2";
|
||||
|
||||
bagel.sysadmin.enable = true;
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
Loading…
Reference in a new issue