{ config, lib, pkgs, ... }: with lib; let admin = "admin@fudo.org"; local-domain = "rus.selby.ca"; gateway = "10.0.0.1"; nameservers = [ "10.0.0.1" ]; hostname = config.networking.hostName; in { config = mkIf (config.fudo.common.site == "russell") { time.timeZone = "America/Winnipeg"; services.cron = { mailto = admin; }; networking = { domain = "rus.selby.ca"; search = [local-domain "fudo.org" "selby.ca"]; nameservers = nameservers; # Don't set the gateway if we ARE the gateway. # This is the most generic way I can think of to do that. local-network is really # about running all the local servers (DNS, DHCP, and providing gateway). defaultGateway = optionalString (config.fudo.local-network.enable != true) gateway; enableIPv6 = true; # Necessary to make sure than Kerberos and Avahi both work (the former # needs the full reverse-lookup name of the server, the latter wants # `hostname` to return just the host itself. hosts = { "127.0.0.1" = [ "${config.networking.hostName}.${local-domain}" config.networking.hostName ]; }; }; krb5.libdefaults.default_realm = "FUDO.ORG"; users.extraUsers = { guest = { isNormalUser = true; uid = 1000; description = "Guest User"; extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"]; }; ken = { isNormalUser = true; uid = 10035; createHome = true; description = "Ken Selby"; extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"]; group = "users"; home = "/home/selby/ken"; hashedPassword = "$6$EwK9fpbH8$gYVzYY1IYw2/G0wCeUxXrZZqvjWCkCZbBqCOhxowbMuYtC5G0vp.AoYhVKWOJcHJM2c7TdPmAdnhLIe2KYStf."; }; xiaoxuan = { isNormalUser = true; uid = 10065; createHome = true; description = "Xiaoxuan Jin"; extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"]; group = "users"; home = "/home/xiaoxuan"; hashedPassword = "$6$C8lYHrK7KvdKm/RE$cHZ2hg5gEOEjTV8Zoayik8sz5h.Vh0.ClCgOlQn8l/2Qx/qdxqZ7xCsAZ1GZ.IEyESfhJeJbjLpykXDwPpfVF0"; }; }; fudo.common.domain = "sea.fudo.org"; fudo.local-network = { domain = "${local-domain}"; network = "10.0.0.0/16"; dhcp-dynamic-network = "10.0.1.0/24"; enable-reverse-mappings = true; srv-records = { tcp = { domain = [{ port = 53; host = "clunk.${local-domain}"; }]; kerberos = [{ port = 88; host = "france.fudo.org"; }]; kerberos-adm = [{ port = 88; host = "france.fudo.org"; }]; ssh = [{ port = 22; host = "clunk.${local-domain}"; }]; }; udp = { domain = [{ port = 53; host = "clunk.${local-domain}"; }]; kerberos = [{ port = 88; host = "france.fudo.org"; }]; kerboros-master = [{ port = 88; host = "france.fudo.org"; }]; kpasswd = [{ port = 464; host = "france.fudo.org"; }]; }; }; aliases = { dns-hole = "clunk"; }; hosts = { clunk = { ip-address = "10.0.0.1"; mac-address = "02:44:d1:eb:c3:6b"; }; dns-proxy = { ip-address = "10.0.0.2"; # This is just an alias for clunk's primary interface }; google-wifi = { ip-address = "10.0.0.11"; mac-address = "70:3a:cb:c0:3b:09"; }; pselby-work = { ip-address = "10.0.0.151"; mac-address = "00:50:b6:aa:bd:b3"; }; downstairs-desktop = { ip-address = "10.0.0.100"; mac-address = "90:b1:1c:8e:29:cf"; }; upstairs-desktop = { ip-address = "10.0.0.101"; mac-address = "00:21:70:70:25:7d"; }; }; }; }; }