cleaned a bit

hosts/giupi/default.nix

@@ -16,22 +16,51 @@ in {
     ../../common.nix
     ../../users.nix
   ];
-    
-    variables.hostname = hostname;
 
-    # Set your time zone.
+  boot = {
-    time.timeZone = "Europe/Rome";
+    kernelParams = ["ip=${lan_address}::10.0.0.1:255.255.255.0::enp5s0:off"];
 
-    networking = {
+    initrd = {
-      hostName = hostname;
+      availableKernelModules = ["igc" "r8169"];
-      useDHCP = false;
+      network = {
-      interfaces = {
+        enable = true;
-        enp5s0.ipv4.addresses = [{ address = lan_address; prefixLength = 24; }];
+        ssh = {
-        enp6s0.useDHCP = false;
+          enable = true;
-        wlp4s0.useDHCP = false;
+          port = 2222; 
+          hostKeys = [/boot/host_ecdsa_key];
+          authorizedKeys = pubkeys;
+        };
+
+        postCommands = ''
+            echo "zfs load-key -a; killall zfs" >> /root/.profile
+        '';
       };
-      defaultGateway = "10.0.0.1";
+    };
-      extraHosts = ''
+
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+
+    supportedFilesystems = ["zfs"];          
+    zfs.requestEncryptionCredentials = true; 
+  };
+
+  variables.hostname = hostname;
+
+  time.timeZone = "Europe/Rome";
+
+  networking = {
+    hostName = hostname;
+    hostId = "49350853";
+    useDHCP = false;
+    interfaces = {
+      enp5s0.ipv4.addresses = [{ address = lan_address; prefixLength = 24; }];
+      enp6s0.useDHCP = false;
+      wlp4s0.useDHCP = false;
+    };
+    defaultGateway = "10.0.0.1";
+    extraHosts = ''
         127.0.0.1	${hostname}.devs.giugl.io jf.giugl.io yt.giugl.io s3.giugl.io synclounge.giugl.io giugl.io htson.giugl.io htrad.giugl.io htnzb.giugl.io httra.giugl.io giupyter.giugl.io irc.giugl.io localhost
 
 # LAN
@@ -83,92 +112,62 @@ ${lan_address}	${hostname}.devs.giugl.io giugl.io jf.giugl.io yt.giugl.io s3.giu
         ::1     localhost ip6-localhost ip6-loopback
         ff02::1 ip6-allnodes
         ff02::2 ip6-allrouters
+    '';
+  };
+
+  environment.systemPackages = with pkgs; 
+  [
+    neovim
+    docker
+    htop
+    glances
+    git
+    home-manager
+    openiscsi
+    wireguard
+    dnscrypt-proxy2
+    restic
+  ];
+
+
+  services = {
+    zfs.autoScrub.enable = true;
+    xserver.videoDrivers = [ "nvidia" ];
+
+    dnsmasq = {
+      enable = true;
+      servers = ["127.0.0.1#5353"];
+      extraConfig = ''
+            localise-queries
       '';
     };
 
-    boot = {
+    dnscrypt-proxy2 = {
-      kernelParams = ["ip=${lan_address}::10.0.0.1:255.255.255.0::enp5s0:off"];
+      enable = true;
-
+      settings = {
-      initrd = {
+        listen_addresses = ["127.0.0.1:5353"];
-        availableKernelModules = ["igc" "r8169"];
+        ipv4_servers = true;
-        network = {
+        ipv6_servers = false;
-          enable = true;
+        dnscrypt_servers = true;
-          ssh = {
+        doh_servers = true;
-            enable = true;
+        require_nolog = true;
-            port = 2222; 
+        require_nofilter = true;
-            hostKeys = [/boot/host_ecdsa_key];
+        timeout = 350;
-            authorizedKeys = pubkeys;
+        lb_strategy = "p4";
-          };
+        lb_estimator = true;
-
+        ignore_system_dns = true;
-          postCommands = ''
+        fallback_resolvers = ["1.1.1.1:53" "9.9.9.9:53"];
-            echo "zfs load-key -a; killall zfs" >> /root/.profile
-          '';
-        };
-      };
-
-      loader = {
-        systemd-boot.enable = true;
-        efi.canTouchEfiVariables = true;
-      };
-
-      supportedFilesystems = ["zfs"];          
-      zfs.requestEncryptionCredentials = true; 
-    };
-
-    networking.hostId = "49350853";
-    environment.systemPackages = with pkgs; 
-    [
-      neovim
-      docker
-      htop
-      glances
-      git
-      home-manager
-      openiscsi
-      wireguard
-      dnscrypt-proxy2
-      restic
-    ];
-
-
-    services = {
-      zfs.autoScrub.enable = true;
-      xserver.videoDrivers = [ "nvidia" ];
-
-      dnsmasq = {
-        enable = true;
-        servers = ["127.0.0.1#5353"];
-        extraConfig = ''
-            localise-queries
-        '';
-      };
-
-      dnscrypt-proxy2 = {
-        enable = true;
-        settings = {
-          listen_addresses = ["127.0.0.1:5353"];
-          ipv4_servers = true;
-          ipv6_servers = false;
-          dnscrypt_servers = true;
-          doh_servers = true;
-          require_nolog = true;
-          require_nofilter = true;
-          timeout = 350;
-          lb_strategy = "p4";
-          lb_estimator = true;
-          ignore_system_dns = true;
-          fallback_resolvers = ["1.1.1.1:53" "9.9.9.9:53"];
-        };
-      };
-
-      openssh = {
-        enable = true;
-        passwordAuthentication = false;
       };
     };
 
-    system.stateVersion = "21.05"; # Did you read the comment?
+    openssh = {
+      enable = true;
+      passwordAuthentication = false;
+    };
+  };
 
-    users.users.giulio.openssh.authorizedKeys.keys = pubkeys;
+  system.stateVersion = "21.05"; # Did you read the comment?
-  }
+
+  users.users.giulio.openssh.authorizedKeys.keys = pubkeys;
+}