nix
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nixos-config/fudo/sites/russell.nix

167 lines
4.1 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
with lib;
let
admin = "admin@fudo.org";
local-domain = "rus.selby.ca";
gateway = "10.0.0.1";
nameservers = [ "10.0.0.1" ];
hostname = config.networking.hostName;
in {
config = mkIf (config.fudo.common.site == "russell") {
time.timeZone = "America/Winnipeg";
services.cron = {
mailto = admin;
};
networking = {
domain = "rus.selby.ca";
search = [local-domain "fudo.org" "selby.ca"];
nameservers = nameservers;
# Don't set the gateway if we ARE the gateway.
# This is the most generic way I can think of to do that. local-network is really
# about running all the local servers (DNS, DHCP, and providing gateway).
defaultGateway = optionalString (config.fudo.local-network.enable != true) gateway;
enableIPv6 = true;
# Necessary to make sure than Kerberos and Avahi both work (the former
# needs the full reverse-lookup name of the server, the latter wants
# `hostname` to return just the host itself.
hosts = {
"127.0.0.1" = [
"${config.networking.hostName}.${local-domain}"
config.networking.hostName
];
};
};
krb5.libdefaults.default_realm = "FUDO.ORG";
users.extraUsers = {
guest = {
isNormalUser = true;
uid = 1000;
description = "Guest User";
extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"];
};
ken = {
isNormalUser = true;
uid = 10035;
createHome = true;
description = "Ken Selby";
extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"];
group = "users";
home = "/home/selby/ken";
hashedPassword = "$6$EwK9fpbH8$gYVzYY1IYw2/G0wCeUxXrZZqvjWCkCZbBqCOhxowbMuYtC5G0vp.AoYhVKWOJcHJM2c7TdPmAdnhLIe2KYStf.";
};
xiaoxuan = {
isNormalUser = true;
uid = 10065;
createHome = true;
description = "Xiaoxuan Jin";
extraGroups = ["audio" "video" "disk" "floppy" "lp" "cdrom" "tape" "input"];
group = "users";
home = "/home/xiaoxuan";
hashedPassword = "$6$C8lYHrK7KvdKm/RE$cHZ2hg5gEOEjTV8Zoayik8sz5h.Vh0.ClCgOlQn8l/2Qx/qdxqZ7xCsAZ1GZ.IEyESfhJeJbjLpykXDwPpfVF0";
};
};
fudo.common.domain = "sea.fudo.org";
fudo.local-network = {
domain = "${local-domain}";
network = "10.0.0.0/16";
dhcp-dynamic-network = "10.0.1.0/24";
enable-reverse-mappings = true;
srv-records = {
tcp = {
domain = [{
port = 53;
host = "clunk.${local-domain}";
}];
kerberos = [{
port = 88;
host = "france.fudo.org";
}];
kerberos-adm = [{
port = 88;
host = "france.fudo.org";
}];
ssh = [{
port = 22;
host = "clunk.${local-domain}";
}];
};
udp = {
domain = [{
port = 53;
host = "clunk.${local-domain}";
}];
kerberos = [{
port = 88;
host = "france.fudo.org";
}];
kerboros-master = [{
port = 88;
host = "france.fudo.org";
}];
kpasswd = [{
port = 464;
host = "france.fudo.org";
}];
};
};
aliases = {
dns-hole = "clunk";
};
hosts = {
clunk = {
ip-address = "10.0.0.1";
mac-address = "02:44:d1:eb:c3:6b";
};
dns-proxy = {
ip-address = "10.0.0.2";
# This is just an alias for clunk's primary interface
};
google-wifi = {
ip-address = "10.0.0.11";
mac-address = "70:3a:cb:c0:3b:09";
};
pselby-work = {
ip-address = "10.0.0.151";
mac-address = "00:50:b6:aa:bd:b3";
};
downstairs-desktop = {
ip-address = "10.0.0.100";
mac-address = "90:b1:1c:8e:29:cf";
};
upstairs-desktop = {
ip-address = "10.0.0.101";
mac-address = "80:e8:2c:22:65:c2";
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink