architect: Use networking options

2023-05-12 13:48:45 +02:00 · 2023-05-12 13:48:45 +02:00 · 3a4d4e9c4f
commit 3a4d4e9c4f
parent 65c76f5a6a
1 changed files with 33 additions and 26 deletions
--- a/hosts/architect/default.nix
+++ b/hosts/architect/default.nix
@ -1,11 +1,13 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:

 let
  pubkeys = [
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1we38/N+t8Ah5yrLof8QUwhrob7/VXFKIddaJeOVBLuDVnW7ljiAtdtEiL69D/DV4Ohmt5wMvkAAjfuHmim6FD9A6lzPbSU4KH9W2dcckszKbbI636kuDwem/xui6BW3wJa6P+0xW5ksygEAkzcK2PXuC2b4B9uwhuUdKahiGMKDxISG/WianqAe72cGMfNkYvion3Y1VsMLUdm48d2ABnxNpr7NI9B5iJ8dziOft9gpgfz13CCQRlReo75gk/4xI+vSNrQp7eR+wzJy2/dZg/T8jtyA9Q6jVxrxBpqQ1LNXkAKaJkGo9OabF6Wgpzp+YTAurL4nwR2NaJxwFuyoKvACQy0ai4jrS3206gC6JXZv8ktZMZrwUN+jPqCwfgh5qObFkAqKCxbp52ioDek2MQLdOvzQBX//DBhGEp5rzHGLZ3vhRIiiQiaof5sF5zWiYDW5mqezSPNxJPX/BrTP/Wbs/jpwTLBh3wytiia0S1WXQmya89bqzTPFiDWvTRA62EVKB/JaQtPQQOFAxWwg799DMycPeZ81xttZOyMtI/MZSddyqx2S8fWGwvToZQvuZ38mSIpFseLM1IkgabRIrAmat5SBNGGy9Dqa0eMEa7bwIY/4CMB1y6HMTnaoMXA6cnQfHMoB/zyTZ6oTXIeqeOyiZsK+RN0Mvahj8mXi7dw== giulio@giulio-X230"
  ];
-  hostname = "architect";
-  network = import ./network.nix;
+  domain = "devs.giugl.io";
+  # device.address device.hostname
+  generateDeviceStrings = devices: lib.concatStringsSep "\n"
+    (lib.mapAttrsToList (name: device: "${device.address} ${device.hostname}") devices);
 in
 {
  imports = [
@ -44,6 +46,25 @@ in
    ./headscale.nix
  ];

+  architect = {
+    networks.lan = {
+      interface = "enp5s0";
+      net = "10.0.0.0/24";
+      devices = {
+        vodafoneStation = { address = "192.168.1.1"; hostname = "vodafone.station"; };
+
+        architect = { address = "10.0.0.250"; hostname = "architect.${domain}"; };
+        router = { address = "10.0.0.1"; hostname = "router.${domain}"; };
+        dvr = { address = "10.0.0.3"; hostname = "dvr.${domain}"; };
+      };
+    };
+
+    firewall = {
+      openTCP = [ 22 ];
+      openTCPVPN = [ 22 ];
+    };
+  };
+
  time.timeZone = "Europe/Rome";
  users.users.giulio.openssh.authorizedKeys.keys = pubkeys;
  boot = {
@ -60,8 +81,8 @@ in
      };
    };

-    kernelParams = [
-      "ip=${network.architect-lan}::10.0.0.1:255.255.255.0::${network.wan-if}:off"
+    kernelParams = with config.architect.networks.lan; [
+      "ip=${devices.architect.address}::${devices.router.address}:255.255.255.0::${interface}:off"
      "nvme_core.default_ps_max_latency_us=5500"
      "zfs_arc_max=1073741824"
      "memmap=32M$0x4ca6f9478"
@ -82,30 +103,20 @@ in
    tmpOnTmpfsSize = "50%";
  };

-  networking = {
-    hostName = hostname;
+  networking = with config.architect.networks.lan; {
+    hostName = "architect";
    hostId = "49350853";
    useDHCP = false;
-    defaultGateway = "10.0.0.1";
+    defaultGateway = devices.router.address;
    interfaces = {
-      enp5s0.ipv4.addresses = [{
-        address = network.architect-lan;
+      ${interface}.ipv4.addresses = [{
+        address = devices.architect.address;
        prefixLength = 24;
      }];
      enp6s0.useDHCP = false;
      wlp4s0.useDHCP = false;
    };
-    extraHosts = ''
-      127.0.0.1      ${hostname}.devs.giugl.io localhost
-
-      # LAN
-      ${network.architect-lan} ${hostname}.devs.giugl.io
-
-      ${network.dvr-lan}      dvr.devs.giugl.io
-      ${network.nas-lan}      nas.devs.giugl.io
-      ${network.router-lan}   router-manduria.devs.giugl.io
-      192.168.1.1           vodafone.station
-      
+    extraHosts = (generateDeviceStrings config.architect.networks.lan.devices) + ''
      # Blacklist
      0.0.0.0                metrics.plex.tv
      0.0.0.0                analytics.plex.tv
@ -132,11 +143,6 @@ in
    driSupport = true;
  };

-  architect.firewall = {
-    openTCP = [ 22 ];
-    openTCPVPN = [ 22 ];
-  };
-
  services = {
    fwupd.enable = true;
    das_watchdog.enable = true;
@ -158,3 +164,4 @@ in
    systemPackages = with pkgs; [ cachix ];
  };
 }
+