48 lines
931 B
Nix
48 lines
931 B
Nix
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
./disko.nix
|
|
];
|
|
|
|
# Intel's special encrypted memory<->CPU feature. Hetzner's BIOS
|
|
# disables it by default.
|
|
#
|
|
# TODO(tlater): See if would be useful for anything?
|
|
boot.kernelParams = [ "nosgx" ];
|
|
|
|
networking.hostName = "hetzner-1";
|
|
services.nginx.domain = "tlater.net";
|
|
|
|
systemd.network.networks."eth0" = {
|
|
matchConfig.MACAddress = "90:1b:0e:c1:8c:62";
|
|
|
|
addresses = [
|
|
# IPv4
|
|
{
|
|
addressConfig = {
|
|
Address = "116.202.158.55/32";
|
|
Peer = "116.202.158.1/32"; # Gateway
|
|
};
|
|
}
|
|
# IPv6
|
|
{
|
|
addressConfig.Address = "2a01:4f8:10b:3c85::2/64";
|
|
}
|
|
];
|
|
|
|
networkConfig = {
|
|
Gateway = [
|
|
"116.202.158.1"
|
|
"fe80::1"
|
|
];
|
|
|
|
DNS = [
|
|
"185.12.64.1"
|
|
"185.12.64.2"
|
|
"2a01:4ff:ff00::add:1"
|
|
"2a01:4ff:ff00::add:2"
|
|
];
|
|
};
|
|
};
|
|
}
|