define sketchy-router

2025-02-18 22:44:53 +01:00 · 2025-02-18 22:44:53 +01:00 · 95a89d01a5
commit 95a89d01a5
parent 9542266235
2 changed files with 37 additions and 0 deletions
--- a/systems/default.nix
+++ b/systems/default.nix
@ -40,6 +40,9 @@ in
  # prod hosts
  "auth-dns.noc.eh22.intern" = mkSystem "x86_64-linux" "auth-dns.noc.eh22.intern";

+  # staging temp infra
+  "sketchy-router.noc.eh22.intern" = mkSystem "x86_64-linux" "sketchy-router.noc.eh22.intern";
+
  # misc hosts
  "test.eh22.intern" = mkSystem "x86_64-linux" "test.eh22.intern";
  "installer" = mkSystem "x86_64-linux" "installer";
--- a/systems/sketchy-router.noc.eh22.intern.nix
+++ b/systems/sketchy-router.noc.eh22.intern.nix
@ -0,0 +1,34 @@
+{
+  pkgs,
+  ...
+}:
+{
+  imports = [ ];
+
+  boot.kernel.sysctl = {
+    "net.ipv4.ip_forward" = "1";
+    "net.ipv6.conf.all.forwarding" = "1";
+  };
+
+  networking.useDHCP = false;
+  networking.nftables.enable = true;
+  systemd.network = {
+    enable = true;
+    networks = {
+      "10-ethUpstream" = {
+        matchConfig.MACAddress = "BC:24:11:D2:69:8D";
+        address = [ "10.31.245.2/24" ];
+        gateway = [ "10.31.245.1" ];
+      };
+      "10-ethMgmt" = {
+        matchConfig.MACAddress = "BC:24:11:A3:38:4E";
+        address = [ "10.20.24.1/24" ];
+      };
+    };
+  };
+
+  # DO NOT CHANGE
+  # this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
+  home-manager.users.noc.home.stateVersion = "24.11";
+  system.stateVersion = "24.11";
+}