167 lines
4.1 KiB
Nix
167 lines
4.1 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
let
|
|
admin = "admin@fudo.org";
|
|
|
|
local-domain = "rus.selby.ca";
|
|
|
|
gateway = "10.0.0.1";
|
|
|
|
nameservers = [ "10.0.0.1" ];
|
|
|
|
hostname = config.networking.hostName;
|
|
|
|
in {
|
|
config = mkIf (config.fudo.common.site == "russell") {
|
|
time.timeZone = "America/Winnipeg";
|
|
|
|
services.cron = {
|
|
mailto = admin;
|
|
};
|
|
|
|
networking = {
|
|
domain = "rus.selby.ca";
|
|
search = [local-domain "fudo.org" "selby.ca"];
|
|
nameservers = nameservers;
|
|
|
|
# Don't set the gateway if we ARE the gateway.
|
|
# This is the most generic way I can think of to do that. local-network is really
|
|
# about running all the local servers (DNS, DHCP, and providing gateway).
|
|
defaultGateway = optionalString (config.fudo.local-network.enable != true) gateway;
|
|
|
|
enableIPv6 = true;
|
|
|
|
|
|
# Necessary to make sure than Kerberos and Avahi both work (the former
|
|
# needs the full reverse-lookup name of the server, the latter wants
|
|
# `hostname` to return just the host itself.
|
|
hosts = {
|
|
"127.0.0.1" = [
|
|
"${config.networking.hostName}.${local-domain}"
|
|
config.networking.hostName
|
|
];
|
|
};
|
|
};
|
|
|
|
krb5.libdefaults.default_realm = "FUDO.ORG";
|
|
|
|
users.extraUsers = {
|
|
guest = {
|
|
isNormalUser = true;
|
|
uid = 1000;
|
|
description = "Guest User";
|
|
extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"];
|
|
};
|
|
ken = {
|
|
isNormalUser = true;
|
|
uid = 10035;
|
|
createHome = true;
|
|
description = "Ken Selby";
|
|
extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"];
|
|
group = "users";
|
|
home = "/home/selby/ken";
|
|
hashedPassword = "$6$EwK9fpbH8$gYVzYY1IYw2/G0wCeUxXrZZqvjWCkCZbBqCOhxowbMuYtC5G0vp.AoYhVKWOJcHJM2c7TdPmAdnhLIe2KYStf.";
|
|
};
|
|
xiaoxuan = {
|
|
isNormalUser = true;
|
|
uid = 10065;
|
|
createHome = true;
|
|
description = "Xiaoxuan Jin";
|
|
extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"];
|
|
group = "users";
|
|
home = "/home/xiaoxuan";
|
|
hashedPassword = "$6$C8lYHrK7KvdKm/RE$cHZ2hg5gEOEjTV8Zoayik8sz5h.Vh0.ClCgOlQn8l/2Qx/qdxqZ7xCsAZ1GZ.IEyESfhJeJbjLpykXDwPpfVF0";
|
|
};
|
|
};
|
|
|
|
fudo.common.domain = "sea.fudo.org";
|
|
|
|
fudo.local-network = {
|
|
domain = "${local-domain}";
|
|
|
|
network = "10.0.0.0/16";
|
|
|
|
dhcp-dynamic-network = "10.0.1.0/24";
|
|
|
|
enable-reverse-mappings = true;
|
|
|
|
srv-records = {
|
|
tcp = {
|
|
domain = [{
|
|
port = 53;
|
|
host = "clunk.${local-domain}";
|
|
}];
|
|
kerberos = [{
|
|
port = 88;
|
|
host = "france.fudo.org";
|
|
}];
|
|
kerberos-adm = [{
|
|
port = 88;
|
|
host = "france.fudo.org";
|
|
}];
|
|
ssh = [{
|
|
port = 22;
|
|
host = "clunk.${local-domain}";
|
|
}];
|
|
};
|
|
|
|
udp = {
|
|
domain = [{
|
|
port = 53;
|
|
host = "clunk.${local-domain}";
|
|
}];
|
|
kerberos = [{
|
|
port = 88;
|
|
host = "france.fudo.org";
|
|
}];
|
|
kerboros-master = [{
|
|
port = 88;
|
|
host = "france.fudo.org";
|
|
}];
|
|
kpasswd = [{
|
|
port = 464;
|
|
host = "france.fudo.org";
|
|
}];
|
|
};
|
|
};
|
|
|
|
aliases = {
|
|
dns-hole = "clunk";
|
|
};
|
|
|
|
hosts = {
|
|
clunk = {
|
|
ip-address = "10.0.0.1";
|
|
mac-address = "02:44:d1:eb:c3:6b";
|
|
};
|
|
|
|
dns-proxy = {
|
|
ip-address = "10.0.0.2";
|
|
# This is just an alias for clunk's primary interface
|
|
};
|
|
|
|
google-wifi = {
|
|
ip-address = "10.0.0.11";
|
|
mac-address = "70:3a:cb:c0:3b:09";
|
|
};
|
|
|
|
pselby-work = {
|
|
ip-address = "10.0.0.151";
|
|
mac-address = "00:50:b6:aa:bd:b3";
|
|
};
|
|
|
|
downstairs-desktop = {
|
|
ip-address = "10.0.0.100";
|
|
mac-address = "90:b1:1c:8e:29:cf";
|
|
};
|
|
|
|
upstairs-desktop = {
|
|
ip-address = "10.0.0.101";
|
|
mac-address = "80:e8:2c:22:65:c2";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|