From acd7cc802b2a3cfd19c97df53c22cccb4a99b8a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= <tm@tlater.net>
Date: Sun, 23 Apr 2023 15:46:38 +0100
Subject: [PATCH] networking: Set up static IP address

---
 configuration/default.nix                     |  6 ++-
 .../hardware-specific/linode/default.nix      | 38 +++++++++++++++++++
 configuration/hardware-specific/vm.nix        |  5 +++
 3 files changed, 47 insertions(+), 2 deletions(-)

diff --git a/configuration/default.nix b/configuration/default.nix
index 2a4ce63..f69ec09 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -15,9 +15,11 @@
     (import ../modules)
 
     ./services/conduit.nix
+    ./services/foundryvtt.nix
     ./services/gitea.nix
     ./services/nextcloud.nix
     ./services/webserver.nix
+    ./services/wireguard.nix
     ./services/starbound.nix
     ./services/postgres.nix
     ./sops.nix
@@ -51,10 +53,8 @@
 
   networking = {
     hostName = "tlaternet";
-
     usePredictableInterfaceNames = false;
     useDHCP = false;
-    interfaces.eth0.useDHCP = true;
 
     firewall = {
       allowedTCPPorts = [
@@ -95,6 +95,8 @@
     };
   };
 
+  systemd.network.enable = true;
+
   time.timeZone = "Europe/London";
 
   users.users.tlater = {
diff --git a/configuration/hardware-specific/linode/default.nix b/configuration/hardware-specific/linode/default.nix
index 3cd3570..b05fade 100644
--- a/configuration/hardware-specific/linode/default.nix
+++ b/configuration/hardware-specific/linode/default.nix
@@ -19,4 +19,42 @@
       '';
     };
   };
+
+  systemd.network.networks."10-eth0" = {
+    matchConfig.Name = "eth0";
+
+    networkConfig = {
+      DHCP = "no";
+
+      Address = "178.79.137.55/24";
+      Gateway = "178.79.137.1";
+
+      Domains = "ip.linodeusercontent.com";
+      DNS = [
+        "178.79.182.5"
+        "176.58.107.5"
+        "176.58.116.5"
+        "176.58.121.5"
+        "151.236.220.5"
+        "212.71.252.5"
+        "212.71.253.5"
+        "109.74.192.20"
+        "109.74.193.20"
+        "109.74.194.20"
+        "2a01:7e00::9"
+        "2a01:7e00::3"
+        "2a01:7e00::c"
+        "2a01:7e00::5"
+        "2a01:7e00::6"
+        "2a01:7e00::8"
+        "2a01:7e00::b"
+        "2a01:7e00::4"
+        "2a01:7e00::7"
+        "2a01:7e00::2"
+      ];
+
+      IPv6PrivacyExtensions = "no";
+      IPv6AcceptRA = "yes";
+    };
+  };
 }
diff --git a/configuration/hardware-specific/vm.nix b/configuration/hardware-specific/vm.nix
index aed39e4..8c93f30 100644
--- a/configuration/hardware-specific/vm.nix
+++ b/configuration/hardware-specific/vm.nix
@@ -11,6 +11,11 @@
   # Use the staging secrets
   sops.defaultSopsFile = lib.mkOverride 99 ../../keys/staging.yaml;
 
+  systemd.network.networks."10-eth0" = {
+    matchConfig.Name = "eth0";
+    networkConfig.DHCP = "yes";
+  };
+
   # # Set up VM settings to match real VPS
   # virtualisation.memorySize = 3941;
   # virtualisation.cores = 2;