ctucx.git: nixfiles

ctucx' nixfiles

commit fe1236d80594d57c09701d5d0b4da3e6e57aef3e
parent 738639a4a70cc27616a6ba766c02d6ff1f8facf0
Author: Leah (ctucx) <git@ctu.cx>
Date: Thu, 28 Dec 2023 16:19:28 +0100

machines: cleanup
5 files changed, 12 insertions(+), 36 deletions(-)
diff --git a/machines/briefkasten/configuration.nix b/machines/briefkasten/configuration.nix
@@ -25,14 +25,8 @@
     ./websites
   ];
 
-  networking.usePBBUplink = true;
-  networking.primaryIP    = "2a0f:4ac0:acab::45";
-  networking.primaryIP4   = "195.39.246.45";
-  networking.secondaryIP4 = "10.0.0.45";
-
   dns.zones."ctu.cx".subdomains."${config.networking.hostName}.home"  = lib.mkIf config.networking.usePBBUplink (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP);
   dns.zones."ctu.cx".subdomains."${config.networking.hostName}".CNAME = lib.mkIf config.networking.usePBBUplink [ "${config.networking.hostName}.home" ];
-  dns.zones."ctu.cx".subdomains."legacy.home".CNAME                   = lib.mkIf config.networking.usePBBUplink [ "${config.networking.hostName}.home" ];
   dns.zones."ctu.cx".subdomains."home".CNAME                          = lib.mkIf config.networking.usePBBUplink [ "${config.networking.hostName}.home" ];
 
   age.secrets = {

@@ -103,10 +97,15 @@
   '';
 
   networking = {
-    domain      = "home.ctu.cx";
+    usePBBUplink = true;
+
+    primaryIP    = "2a0f:4ac0:acab::45";
+    primaryIP4   = "195.39.246.45";
+    secondaryIP4 = "10.0.0.45";
+
+    domain       = "home.ctu.cx";
 
-    useDHCP     = false;
-    nameservers = [ "195.39.246.41" "2a0f:4ac0:acab::1" ];
+    nameservers  = [ "195.39.246.41" "2a0f:4ac0:acab::1" ];
 
     defaultGateway  = "195.39.246.41";
     defaultGateway6 = lib.mkIf config.networking.usePBBUplink{
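Review bot: Removing `useDHCP = false` from this `networking` block leaves the setting to whatever is defined elsewhere, and the NixOS option default for `networking.useDHCP` is `true`. None of the five files in this commit sets it, so unless a shared module outside this diff already pins it to `false`, this statically addressed host would start a DHCP client on interfaces without a manually configured IPv4 address and take lease-supplied settings from the uplink segment. The same line is removed from the `networking` blocks in machines/trabbi/configuration.nix and machines/wanderduene/configuration.nix, where the `lib.mkDefault true` in the hardware-configuration files is deleted as well. If a shared default exists, a comment such as `# useDHCP = false is set in the shared machine defaults` would make the dependency visible; otherwise keep `useDHCP = false;` here. The `networking` block continues past the end of the hunk.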

@@ -153,7 +152,6 @@
       };
     };
 
-    firewall.enable = true;
     firewall.allowedTCPPorts = [ 5201 ];
     firewall.allowedUDPPorts = [ 5201 51820 ];
     firewall.extraCommands = ''
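Review bot: With `firewall.enable = true` removed, the `firewall.allowedTCPPorts`, `firewall.allowedUDPPorts` and `firewall.extraCommands` settings below are only enforced through the NixOS default (`networking.firewall.enable` defaults to `true`) or a shared module that this diff does not show. On a host with a public address this is a security control worth stating explicitly, so that a later `mkDefault false` in shared configuration cannot turn it off unnoticed. I would keep `firewall.enable = true;` or at least add `# firewall.enable: relies on the NixOS default (true)`. The same line is removed in machines/trabbi/configuration.nix (next to `nftables.enable = true`) and in machines/wanderduene/configuration.nix. The enclosing `networking` block starts and ends outside the hunk.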
diff --git a/machines/trabbi/configuration.nix b/machines/trabbi/configuration.nix
@@ -31,9 +31,6 @@
     ./travelynx2fedi.nix
   ];
 
-  networking.primaryIP    = "2a0a:4cc0:1:2d7::1";
-  networking.primaryIP4   = "89.58.62.171";
-
   dns.zones."ctu.cx".subdomains."${config.networking.hostName}" = (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP);
 
   age.secrets.restic-server-briefkasten.file = ../../secrets/restic-server/briefkasten.age;

@@ -67,8 +64,8 @@
   };
 
   networking = {
-    useDHCP     = false;
-    nameservers = [ "8.8.8.8" ];
+    primaryIP    = "2a0a:4cc0:1:2d7::1";
+    primaryIP4   = "89.58.62.171";
 
     defaultGateway  = "89.58.60.1";
     defaultGateway6 = {
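Review bot: The removed `nameservers = [ "8.8.8.8" ];` has no replacement in this hunk, so this host's resolver now depends on configuration outside the diff, whereas briefkasten keeps its own `nameservers` line. If no shared module sets `networking.nameservers`, name resolution would presumably fall back to whatever a DHCP lease or the local resolver default provides, which is worth confirming before deploying. A one-line comment such as `# nameservers: inherited from the shared machine defaults` would document the dependency. The same applies to the matching `networking` hunk in machines/wanderduene/configuration.nix, and the block continues beyond this hunk.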

@@ -88,7 +85,6 @@
     };
 
     nftables.enable = true;
-    firewall.enable = true;
   };
 
   services.email-notify.enable = true;
diff --git a/machines/trabbi/hardware-configuration.nix b/machines/trabbi/hardware-configuration.nix
@@ -27,12 +27,5 @@
 
   swapDevices = [ ];
 
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
-
   hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
diff --git a/machines/wanderduene/configuration.nix b/machines/wanderduene/configuration.nix
@@ -21,9 +21,6 @@
     ./reverse-proxy-briefkasten.nix
   ] else [ ]);
 
-  networking.primaryIP    = "2a03:4000:66:f61::1";
-  networking.primaryIP4   = "89.58.41.187";
-
   dns.zones."ctu.cx".subdomains."${config.networking.hostName}" = (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP);
 
   age.secrets.wireguard-privkey.file = ../../secrets/wanderduene/wireguard-privkey.age;

@@ -55,8 +52,8 @@
   };
 
   networking = {
-    useDHCP     = false;
-    nameservers = [ "8.8.8.8" ];
+    primaryIP    = "2a03:4000:66:f61::1";
+    primaryIP4   = "89.58.41.187";
 
     defaultGateway  = "89.58.40.1";
     defaultGateway6 = {

@@ -129,7 +126,6 @@
 
     };
 
-    firewall.enable = true;
     firewall.allowedTCPPorts = [ 5201 2201 2202 2203 ];
     firewall.allowedUDPPorts = [ 5201 51820 51821 51822 ];
     firewall.extraCommands = ''
diff --git a/machines/wanderduene/hardware-configuration.nix b/machines/wanderduene/hardware-configuration.nix
@@ -27,12 +27,5 @@
 
   swapDevices = [ ];
 
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
-
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 } 
\ No newline at end of file