skyworks-Nix-infra / hosts / xlab-gateway / default.nix
# xlab-gateway - Lab Gateway / Router
# TODO: Migrate from Debian 12 to NixOS
# Current services: Kea DHCP4/6, DDNS, radvd, WireGuard, NAT, policy routing
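# NixOS module for the xlab-gateway host. Takes the usual module arguments plus
# the flake `inputs`, which is used below to pull in the agenix module.
# Fix: the argument pattern was missing the comma before `...`, which is a
# parse error and prevents the host from evaluating at all.
{ config, pkgs, lib, inputs, ... }:

{
  imports = [
    inputs.agenix.nixosModules.default
    ./hardware-configuration.nix
    ./networking.nix
    ./dhcp.nix
  ];

  # agenix decrypts secrets with the host's SSH ed25519 private key, so every
  # secret intended for this machine must be encrypted to the matching public key.
  age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

  networking.hostName = "xlab-gateway";

  # mkDefault lets hardware-configuration.nix or another module override this.
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
    # Turn on routing for IPv4 and IPv6. These sysctls only enable forwarding;
    # which traffic may actually cross the box is decided by firewall/NAT rules
    # that are not in this file.
    # NOTE(review): presumably those rules live in ./networking.nix -- confirm
    # the forward chain defaults to drop before this host carries traffic.
    kernel.sysctl = {
      "net.ipv4.ip_forward" = 1;
      "net.ipv6.conf.all.forwarding" = 1;
    };
  };

  # Gateway doesn't need to block boot waiting for all interfaces
  systemd.network.wait-online.enable = false;

  # Operator accounts. Only group membership and the password hash are set here;
  # the rest of each account is presumably declared in a shared module (confirm).
  #
  # NOTE(review): the hashes below are committed in clear text and are also
  # copied into the world-readable /nix/store, so anyone who can read the
  # repository or the store can run offline guessing against them. agenix is
  # already imported above: prefer `hashedPasswordFile` pointing at an
  # agenix-managed secret, and rotate both passwords once they are moved.
  #
  # NOTE(review): the `networkmanager` group only matters when NetworkManager is
  # enabled, and it lets members change network settings. Confirm it is needed
  # on a router that is configured through systemd-networkd options.
  users.users.ldx = {
    extraGroups = [ "networkmanager" ];
    hashedPassword = "$y$j9T$R0XBoDSGk700h7UdglfaJ1$mjRwpJir/Tno1.fCbjet0cp/JPb1DW.JILvmE5.NJuD";
  };

  users.users."ye-lw21" = {
    extraGroups = [ "networkmanager" ];
    hashedPassword = "$y$j9T$jiLKGLB/gJKEYYn2zaoUw/$9mfwEUo5z2sH9OXwioLnbAVpCMOg2lUpA3ph9Vqx228";
  };

  # Network and hardware diagnostics available to every user on the host.
  environment.systemPackages = with pkgs; [
    wireguard-tools
    iperf3
    ethtool
    tcpdump
    nftables
    iproute2
    glances
    smartmontools
  ];

  # Disk health monitoring; autodetect scans for devices instead of listing them.
  services.smartd = {
    enable = true;
    autodetect = true;
  };

  # Pins stateful defaults to the release the host was installed with; this is
  # not the nixpkgs version and should not be bumped on upgrade.
  system.stateVersion = "25.11";
}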