(refactor): preparing new hosts

2025-08-09 07:00:21 +02:00 · 2024-08-16 16:42:55 +02:00 · 2024-08-16 16:42:55 +02:00 · f20bcf41e9
commit f20bcf41e9
parent 35684609f3
15 changed files with 177 additions and 398 deletions
--- a/hosts/sisyphe/server-configuration.nix
+++ b/hosts/sisyphe/server-configuration.nix
@ -0,0 +1,70 @@
+# TODO: move file to configuration.nix
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  ip = "192.168.1.177";
+  gateway = "192.168.1.1";
+  username = "homelab";
+in
+{
+  # setting up networking!!
+  networking = {
+    interfaces = {
+      ens18.ipv4.addresses = [
+        {
+          address = ip;
+          prefixLength = 24;
+        }
+      ];
+    };
+
+    defaultGateway = gateway;
+    nameservers = [
+      "1.1.1.1"
+      "1.0.0.1"
+      "2606:4700:4700::1111"
+      "2606:4700:4700::1001"
+    ];
+
+    nftables.enable = true;
+    # firewall rules
+    firewall = {
+      enable = true;
+      allowedTCPPorts = [
+        22 # ssh
+        8008 # matrix-synapse
+        8448 # matrix-synapse
+        3030
+        3333
+        2344
+        4000
+        5050 # calibre-web
+        9091 # transmission
+      ];
+      allowedUDPPorts = [ ];
+    };
+  };
+
+  users.groups.multimedia = {
+    members = [
+      "slskd"
+      "radarr"
+      "readarr"
+      "sonarr"
+      "transmission"
+      "jellyfin"
+      "bazarr"
+      "calibre-web"
+      username
+    ];
+  };
+
+  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+  sops.age.keyFile = "/var/lib/sops-nix/key.txt";
+  sops.age.generateKey = true;
+  sops.defaultSopsFile = ../../secrets/secrets.yaml;
+}