{ lib, config, pkgs, ... }: with lib; let admin = "niten@fudo.org"; local-domain = "sea.fudo.org"; gateway = "10.0.0.1"; nameservers = ["10.0.0.1"]; in { config = mkIf (config.fudo.common.site == "seattle") { time.timeZone = "America/Los_Angeles"; services.printing = { enable = true; }; services.cron = { mailto = admin; }; krb5.libdefaults.default_realm = "FUDO.ORG"; networking = { domain = local-domain; search = [local-domain "fudo.org"]; firewall.enable = false; nameservers = nameservers; # Don't set the gateway if we ARE the gateway. # This is the most generic way I can think of to do that. local-network is really # about running all the local servers (DNS, DHCP, and providing gateway). defaultGateway = optionalString (config.fudo.local-network.enable != true) gateway; enableIPv6 = true; # Necessary to make sure than Kerberos and Avahi both work (the former # needs the full reverse-lookup name of the server, the latter wants # `hostname` to return just the host itself. hosts = { "127.0.0.1" = [ "${config.networking.hostName}.${local-domain}" config.networking.hostName]; }; }; users.extraUsers = { guest = { isNormalUser = true; uid = 1000; description = "Guest User"; extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"]; }; ken = { isNormalUser = true; uid = 10035; createHome = true; description = "Ken Selby"; extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"]; group = "users"; home = "/home/selby/ken"; hashedPassword = "$6$EwK9fpbH8$gYVzYY1IYw2/G0wCeUxXrZZqvjWCkCZbBqCOhxowbMuYtC5G0vp.AoYhVKWOJcHJM2c7TdPmAdnhLIe2KYStf."; }; xiaoxuan = { isNormalUser = true; uid = 10065; createHome = true; description = "Xiaoxuan Jin"; extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"]; group = "users"; home = "/home/xiaoxuan"; hashedPassword = "$6$C8lYHrK7KvdKm/RE$cHZ2hg5gEOEjTV8Zoayik8sz5h.Vh0.ClCgOlQn8l/2Qx/qdxqZ7xCsAZ1GZ.IEyESfhJeJbjLpykXDwPpfVF0"; }; kevin = { isNormalUser = true; createHome = true; home = "/home/kevin"; hashedPassword = ""; }; }; fileSystems."/mnt/documents" = { device = "whitedwarf.${local-domain}:/volume1/Documents"; fsType = "nfs4"; }; fileSystems."/mnt/downloads" = { device = "whitedwarf.${local-domain}:/volume1/Downloads"; fsType = "nfs4"; }; fileSystems."/mnt/music" = { device = "doraemon.${local-domain}:/volume1/Music"; fsType = "nfs4"; }; fileSystems."/mnt/video" = { device = "doraemon.${local-domain}:/volume1/Video"; fsType = "nfs4"; }; # fileSystems."/mnt/security" = { # device = "panopticon.${local-domain}:/srv/kerberos/data"; # fsType = "nfs4"; # }; fileSystems."/mnt/cargo_video" = { device = "cargo.${local-domain}:/volume1/video"; fsType = "nfs4"; }; fileSystems."/mnt/photo" = { device = "cargo.${local-domain}:/volume1/pictures"; fsType = "nfs4"; }; fudo.common.domain = "sea.fudo.org"; fudo.local-network = { domain = "${local-domain}"; aliases = { kadmin = "slab"; kdc = "slab"; photo = "doraemon"; music = "doraemon"; panopticon = "hyperion"; ipfs = "nostromo"; hole = "nostromo"; pihole = "nostromo"; dns-hole = "nostromo"; mon-1 = "srv-1"; }; network = "10.0.0.0/16"; dhcp-dynamic-network = "10.0.1.0/24"; enable-reverse-mappings = true; srv-records = { tcp = { domain = [{ port = 53; host = "nostromo.sea.fudo.org"; }]; kerberos = [{ port = 88; host = "france.fudo.org"; }]; kerberos-adm = [{ port = 88; host = "france.fudo.org"; }]; ssh = [{ port = 22; host = "nostromo.sea.fudo.org"; }]; ldap = [{ port = 389; host = "france.fudo.org"; }]; }; udp = { domain = [{ port = 53; host = "nostromo.sea.fudo.org"; }]; kerberos = [{ port = 88; host = "france.fudo.org"; }]; kerboros-master = [{ port = 88; host = "france.fudo.org"; }]; kpasswd = [{ port = 464; host = "france.fudo.org"; }]; }; }; hosts = { nostromo = { ip-address = "10.0.0.1"; mac-address = "46:54:76:06:f1:10"; }; lm = { ip-address = "10.0.0.2"; mac-address = "00:23:7d:e6:d9:ea"; }; lambda = { ip-address = "10.0.0.3"; mac-address = "02:50:f6:52:9f:9d"; }; switch-master = { ip-address = "10.0.0.5"; mac-address = "00:14:1C:B6:BB:40"; }; google-wifi = { ip-address = "10.0.0.7"; mac-address = "7C:D9:5C:9F:6F:E9"; }; # lm = { # ip-address = "10.0.0.21"; # mac-address = "52:54:00:D8:34:92"; # }; cam-entrance = { ip-address = "10.0.0.31"; mac-address = "9c:8e:cd:0e:99:7b"; }; cam-driveway = { ip-address = "10.0.0.32"; mac-address = "9c:8e:cd:0d:3b:09"; }; cam-deck = { ip-address = "10.0.0.33"; mac-address = "9c:8e:cd:0e:98:c8"; }; cargo = { ip-address = "10.0.0.50"; mac-address = "00:11:32:75:d8:b7"; }; whitedwarf = { ip-address = "10.0.0.51"; mac-address = "00:11:32:12:14:1d"; }; doraemon = { ip-address = "10.0.0.52"; mac-address = "00:11:32:0a:06:c5"; }; android = { ip-address = "10.0.0.81"; mac-address = "00:16:3e:43:39:fc"; }; retro-wired = { ip-address = "10.0.0.82"; mac-address = "dc:a6:32:6b:57:43"; }; retro = { ip-address = "10.0.0.83"; mac-address = "dc:a6:32:6b:57:45"; }; monolith = { ip-address = "10.0.0.100"; mac-address = "6c:62:6d:c8:b0:d8"; }; taipan = { ip-address = "10.0.0.107"; mac-address = "52:54:00:34:c4:78"; }; spark = { ip-address = "10.0.0.108"; mac-address = "78:24:af:04:f7:dd"; }; hyperion = { ip-address = "10.0.0.109"; mac-address = "52:54:00:33:46:de"; }; zbox = { ip-address = "10.0.0.110"; mac-address = "02:dd:80:52:83:9b"; }; ubiquiti-wifi = { ip-address = "10.0.0.126"; mac-address = "04:18:d6:20:48:fb"; }; generator-wireless = { ip-address = "10.0.0.130"; mac-address = "B8:27:EB:A6:32:26"; }; brother-wireless = { ip-address = "10.0.0.160"; mac-address = "c0:38:96:64:49:65"; }; nest = { ip-address = "10.0.0.176"; mac-address = "18:b4:30:16:7c:5a"; }; xixi-phone = { ip-address = "10.0.0.193"; mac-address = "48:43:7c:75:89:42"; }; ipad = { ip-address = "10.0.0.202"; mac-address = "9c:35:eb:48:6e:71"; }; cam-front = { ip-address = "10.0.0.203"; mac-address = "c4:d6:55:3e:b4:c3"; }; family-tv = { ip-address = "10.0.0.205"; mac-address = "84:a4:66:3a:b1:f8"; }; babycam = { ip-address = "10.0.0.206"; mac-address = "08:ea:40:59:5f:9e"; }; workphone = { ip-address = "10.0.0.211"; mac-address = "a8:8e:24:5c:12:67"; }; chromecast-2 = { ip-address = "10.0.0.215"; mac-address = "a4:77:33:59:a2:ba"; }; front-light = { ip-address = "10.0.0.221"; mac-address = "94:10:3e:48:94:ed"; }; # Ceph network srv-1 = { ip-address = "10.0.10.1"; mac-address = "02:65:d7:00:7d:1b"; }; node-1 = { ip-address = "10.0.10.101"; mac-address = "00:1e:06:36:81:cf"; }; node-2 = { ip-address = "10.0.10.102"; mac-address = "00:1e:06:36:ec:3e"; }; node-3 = { ip-address = "10.0.10.103"; mac-address = "00:1e:06:36:ec:4b"; }; node-4 = { ip-address = "10.0.10.104"; mac-address = "00:1e:06:36:dd:8c"; }; }; }; }; }