home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit a5d3bb3b65e7a9308b37cbf2bc6ceba9e860d898
parent 73ec0af7abdac754e66192b175e02d7c2420051c
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Tue,  5 Oct 2021 17:35:10 +0200

systems/kerkouane: deploy using morph 🎉

And remove syncthing, it is not needed anymore !

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Msystems/hosts/kerkouane.nix | 42+++++++++++++++++++++++++++++++++++-------
1 file changed, 35 insertions(+), 7 deletions(-)

diff --git a/systems/hosts/kerkouane.nix b/systems/hosts/kerkouane.nix @@ -4,8 +4,6 @@ with lib; let hostname = "kerkouane"; - networkingConfigPath = ../../networking.nix; - hasNetworkingConfig = (builtins.pathExists networkingConfigPath); secretPath = ../../secrets/machines.nix; secretCondition = (builtins.pathExists secretPath); @@ -64,12 +62,42 @@ in ../modules (import ../../users).vincent (import ../../users).root - ] - # digitalocean specifics - ++ optionals hasNetworkingConfig [ networkingConfigPath ]; + ]; networking.hostName = hostname; + # START OF DigitalOcean specifics + # FIXME: move this into a secret ? + # This file was populated at runtime with the networking + # details gathered from the active system. + networking = { + nameservers = [ + "67.207.67.2" + "67.207.67.3" + ]; + defaultGateway = "188.166.64.1"; + defaultGateway6 = ""; + dhcpcd.enable = false; + usePredictableInterfaceNames = lib.mkForce true; + interfaces = { + eth0 = { + ipv4.addresses = [ + { address = "188.166.102.243"; prefixLength = 18; } + { address = "10.18.0.5"; prefixLength = 16; } + ]; + ipv6.addresses = [ + { address = "fe80::8035:3aff:fe72:1036"; prefixLength = 64; } + ]; + }; + + }; + }; + services.udev.extraRules = '' + ATTR{address}=="82:35:3a:72:10:36", NAME="eth0" + + ''; + # END OF DigitalOcean specifics + boot.loader.grub.device = "/dev/vda"; boot.loader.grub.enable = lib.mkForce true; boot.loader.systemd-boot.enable = lib.mkForce false; @@ -85,7 +113,6 @@ in profiles = { git.enable = true; ssh.enable = true; - syncthing.enable = true; wireguard.server.enable = true; }; @@ -118,6 +145,8 @@ in repo: https://git.sr.ht/~vdemeester/ram /sec: repo: https://git.sr.ht/~vdemeester/sec + /foo + repo: https://git.sr.ht/~vdemeester/foo ''; }; nginx = { @@ -191,6 +220,5 @@ in passwordAuthentication = false; permitRootLogin = "without-password"; }; - syncthing.guiAddress = "127.0.0.1:8384"; }; }