diff options
| author | sinanmohd <sinan@sinanmohd.com> | 2024-02-03 16:25:15 +0530 |
|---|---|---|
| committer | sinanmohd <sinan@sinanmohd.com> | 2024-02-03 16:26:20 +0530 |
| commit | 9ec2a403905b34d872f332cc7fb0aec305faa5f2 (patch) | |
| tree | b13c827486cceaaad5c9f630ba492df711c0e4d6 | |
| parent | 45f07b6392cfba92912e7488749523b91c764f4f (diff) | |
hosts/lia: init
| -rw-r--r-- | flake.nix | 2 | ||||
| -rw-r--r-- | hosts/lia/configuration.nix | 11 | ||||
| -rw-r--r-- | hosts/lia/hardware-configuration.nix | 29 | ||||
| -rw-r--r-- | hosts/lia/modules/network/default.nix | 19 | ||||
| -rw-r--r-- | hosts/lia/modules/network/router.nix | 47 | ||||
| -rw-r--r-- | hosts/lia/modules/users.nix | 5 |
6 files changed, 112 insertions, 1 deletions
@@ -26,6 +26,6 @@ ); in { - nixosConfigurations = makeX86 [ "cez" "kay" "fscusat" "dspace" ]; + nixosConfigurations = makeX86 [ "cez" "kay" "lia" "fscusat" "dspace" ]; }; } diff --git a/hosts/lia/configuration.nix b/hosts/lia/configuration.nix new file mode 100644 index 0000000..1b5a926 --- /dev/null +++ b/hosts/lia/configuration.nix @@ -0,0 +1,11 @@ +{ ... }: + +{ + imports = [ + ./hardware-configuration.nix + ../../common.nix + ./modules/network + ./modules/users.nix + ]; +} + diff --git a/hosts/lia/hardware-configuration.nix b/hosts/lia/hardware-configuration.nix new file mode 100644 index 0000000..6f4c6a4 --- /dev/null +++ b/hosts/lia/hardware-configuration.nix @@ -0,0 +1,29 @@ +{ modulesPath, ... }: + +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot = { + loader.grub = { + enable = true; + device = "/dev/sda"; + }; + + kernelModules = [ "kvm-intel" ]; + initrd.availableKernelModules = [ + "uhci_hcd" + "ehci_pci" + "ata_piix" + "hpsa" + "usb_storage" + "usbhid" + "sd_mod" + "sr_mod" + ]; + }; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/99fc38a8-9003-4ae2-98f4-e08afd9b4114"; + fsType = "ext4"; + }; +} diff --git a/hosts/lia/modules/network/default.nix b/hosts/lia/modules/network/default.nix new file mode 100644 index 0000000..927b2b5 --- /dev/null +++ b/hosts/lia/modules/network/default.nix @@ -0,0 +1,19 @@ +{ ... }: let + wan = "enp4s0f2"; +in +{ + imports = [ + ./router.nix + ]; + + networking = { + interfaces.${wan}.ipv4.addresses = [{ + address = "172.16.148.20"; + prefixLength = 22; + }]; + defaultGateway = { + address = "172.16.148.1"; + interface = wan; + }; + }; +} diff --git a/hosts/lia/modules/network/router.nix b/hosts/lia/modules/network/router.nix new file mode 100644 index 0000000..a6aef80 --- /dev/null +++ b/hosts/lia/modules/network/router.nix @@ -0,0 +1,47 @@ +{ ... }: let + wanInterface = "enp4s0f2"; + lanInterfaces = [ "enp4s0f1" "enp4s0f3" ]; + + prefix = 24; + subnet = "192.168.1.0"; + host = "192.168.1.1"; + + leaseRangeStart = "192.168.1.100"; + leaseRangeEnd = "192.168.1.254"; + nameServer = [ "10.0.0.2" "10.0.0.3" ]; +in +{ + networking = { + bridges."lan".interfaces = lanInterfaces; + + nat = { + enable = true; + externalInterface = wanInterface; + internalInterfaces = [ "lan" ]; + }; + + interfaces.lan = { + ipv4.addresses = [{ + address = host; + prefixLength = prefix; + }]; + }; + + firewall = { + allowedUDPPorts = [ 53 67 ]; + allowedTCPPorts = [ 53 ]; + extraCommands = + "iptables -t nat -I POSTROUTING 1 -s ${subnet}/${toString prefix} -o ${wanInterface} -j MASQUERADE"; + }; + }; + + services.dnsmasq = { + enable = true; + + settings = { + server = nameServer; + dhcp-range = [ "${leaseRangeStart},${leaseRangeEnd}" ]; + interface = [ "lan" ]; + }; + }; +} diff --git a/hosts/lia/modules/users.nix b/hosts/lia/modules/users.nix new file mode 100644 index 0000000..0161e0b --- /dev/null +++ b/hosts/lia/modules/users.nix @@ -0,0 +1,5 @@ +{ ... }: { + users.users."rohit" = { + isNormalUser = true; + }; +} |