blob: 1d470e2acde10149d930ddc5619b4f66a1484ed6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
{ modulesPath, pkgs, ... }:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
./disk-config.nix
./hardware-configuration.nix
];
boot.loader.grub.enable = true;
# enable flakes
nix = {
package = pkgs.nixFlakes;
extraOptions = ''
experimental-features = nix-command flakes
'';
settings = {
keep-outputs = true;
keep-derivations = true;
};
};
services.openssh = {
enable = true;
passwordAuthentication = false;
# ports = [5522];
};
services.do-agent.enable = true;
networking = {
firewall.enable = false;
hostName = "yn-ind"; # use Digital Ocean metadata server
networkmanager.enable = true;
useDHCP = false;
interfaces.eth0.ipv4.addresses = [
{address = "93.127.194.223"; prefixLength = 32;}
];
interfaces.eth0.ipv6.addresses = [
{address = "2a02:4780:12:413b::1"; prefixLength = 64;}
];
defaultGateway = {
address = "169.254.0.1";
interface = "eth0";
};
defaultGateway6 = {
address = "fe80:1";
interface = "eth0";
};
interfaces.ens18.ipv4.addresses = [
{address = "93.127.194.223"; prefixLength = 32;}
];
interfaces.ens18.ipv6.addresses = [
{address = "2a02:4780:12:413b::1"; prefixLength = 64;}
];
# defaultGateway = {
# address = "169.254.0.1";
# interface = "ens18";
# };
# defaultGateway6 = {
# address = "fe80:1";
# interface = "ens18";
# };
nameservers = [
"217.21.86.10"
"8.8.4.4"
"1.1.1.1"
];
};
users.users.root.openssh.authorizedKeys.keys =
[ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+qXhCHNrSZmy4HEXaFn6xAp1w2GzQBMOfVdbR3E81Q cloudboxes" ];
# networking.firewall = {
# enable = true;
# allowedTCPPorts = [ 993 465 40308 80 443 53 51820 5522 ];
# allowedUDPPorts = [ 993 465 40308 80 443 53 50000 50001 50002 50003 50004 50005 50006 50007 50008 50009 50010 51820 5522 ];
# };
}
|
