46 lines
917 B
Nix
46 lines
917 B
Nix
|
{
|
||
|
imports = [
|
||
|
./hardware-configuration.nix
|
||
|
./disko.nix
|
||
|
];
|
||
|
|
||
|
# Intel's special encrypted memory<->CPU feature. Hetzner's BIOS
|
||
|
# disables it by default.
|
||
|
#
|
||
|
# TODO(tlater): See if would be useful for anything?
|
||
|
boot.kernelParams = [ "nosgx" ];
|
||
|
|
||
|
networking.hostName = "hetzner-1";
|
||
|
services.nginx.domain = "tlater.net";
|
||
|
|
||
|
systemd.network.networks."eth0" = {
|
||
|
matchConfig.MACAddress = "90:1b:0e:c1:8c:62";
|
||
|
|
||
|
addresses = [
|
||
|
# IPv4
|
||
|
{
|
||
|
addressConfig = {
|
||
|
Address = "116.202.158.55/32";
|
||
|
Peer = "116.202.158.1/32"; # Gateway
|
||
|
};
|
||
|
}
|
||
|
# IPv6
|
||
|
{ addressConfig.Address = "2a01:4f8:10b:3c85::2/64"; }
|
||
|
];
|
||
|
|
||
|
networkConfig = {
|
||
|
Gateway = [
|
||
|
"116.202.158.1"
|
||
|
"fe80::1"
|
||
|
];
|
||
|
|
||
|
DNS = [
|
||
|
"185.12.64.1"
|
||
|
"185.12.64.2"
|
||
|
"2a01:4ff:ff00::add:1"
|
||
|
"2a01:4ff:ff00::add:2"
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
}
|