hetzner: Add new server config

2024-03-02 02:27:24 +01:00 · 2024-03-02 02:27:24 +01:00 · ddda6f534b
commit ddda6f534b
parent 54e0826860
11 changed files with 373 additions and 337 deletions
--- a/configuration/hardware-specific/hetzner/default.nix
+++ b/configuration/hardware-specific/hetzner/default.nix
@ -0,0 +1,47 @@
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./disko.nix
+  ];
+
+  # Intel's special encrypted memory<->CPU feature. Hetzner's BIOS
+  # disables it by default.
+  #
+  # TODO(tlater): See if would be useful for anything?
+  boot.kernelParams = ["nosgx"];
+
+  networking.hostName = "hetzner-1";
+  services.nginx.domain = "tlater.net";
+
+  systemd.network.networks."eth0" = {
+    matchConfig.MACAddress = "90:1b:0e:c1:8c:62";
+
+    addresses = [
+      # IPv4
+      {
+        addressConfig = {
+          Address = "116.202.158.55/32";
+          Peer = "116.202.158.1/32"; # Gateway
+        };
+      }
+      # IPv6
+      {
+        addressConfig.Address = "2a01:4f8:10b:3c85::2/64";
+      }
+    ];
+
+    networkConfig = {
+      Gateway = [
+        "116.202.158.1"
+        "fe80::1"
+      ];
+
+      DNS = [
+        "185.12.64.1"
+        "185.12.64.2"
+        "2a01:4ff:ff00::add:1"
+        "2a01:4ff:ff00::add:2"
+      ];
+    };
+  };
+}