From ec2166ec2dc1d101c1bfb1a29d0f9fc09e965a2e Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Mon, 11 Sep 2023 21:00:02 +0200 Subject: [PATCH] fix vpn1 config --- modules/_common/nixpkgs.nix | 7 +- modules/desktop/default.nix | 4 + modules/hardware/hetzner-vpn1.nix | 151 +++++++++++++++++------------- 3 files changed, 89 insertions(+), 73 deletions(-) diff --git a/modules/_common/nixpkgs.nix b/modules/_common/nixpkgs.nix index dc7c9e9..be3e744 100644 --- a/modules/_common/nixpkgs.nix +++ b/modules/_common/nixpkgs.nix @@ -1,11 +1,6 @@ {...}: { config = { - nixpkgs.config = { - allowUnfree = true; - permittedInsecurePackages = [ - "electron-12.2.3" - ]; - }; + nixpkgs.config.allowUnfree = true; system = { stateVersion = "22.11"; diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index f9553c6..9584650 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -105,5 +105,9 @@ in { ncdu ]; }; + + nixpkgs.config.permittedInsecurePackages = [ + "electron-12.2.3" + ]; }; } diff --git a/modules/hardware/hetzner-vpn1.nix b/modules/hardware/hetzner-vpn1.nix index 7b62a41..8ac8edc 100644 --- a/modules/hardware/hetzner-vpn1.nix +++ b/modules/hardware/hetzner-vpn1.nix @@ -7,74 +7,91 @@ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.cleanTmpDir = true; - zramSwap.enable = true; - networking.domain = ""; - - boot.loader.grub = { - efiSupport = true; - efiInstallAsRemovable = true; - device = "nodev"; - }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/77CF-345D"; - fsType = "vfat"; - }; - boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"]; - boot.initrd.kernelModules = ["nvme"]; - fileSystems."/" = { - device = "/dev/sda1"; - fsType = "ext4"; - }; - - # This file was populated at runtime with the networking - # details gathered from the active system. - networking = { - nameservers = [ - "8.8.8.8" - ]; - defaultGateway = "172.31.1.1"; - defaultGateway6 = { - address = "fe80::1"; - interface = "eth0"; - }; - dhcpcd.enable = false; - usePredictableInterfaceNames = lib.mkForce false; - interfaces = { - eth0 = { - ipv4.addresses = [ - { - address = "157.90.146.125"; - prefixLength = 32; - } - ]; - ipv6.addresses = [ - { - address = "2a01:4f8:c012:7137::1"; - prefixLength = 64; - } - { - address = "fe80::9400:2ff:fe87:7fc9"; - prefixLength = 64; - } - ]; - ipv4.routes = [ - { - address = "172.31.1.1"; - prefixLength = 32; - } - ]; - ipv6.routes = [ - { - address = "fe80::1"; - prefixLength = 128; - } - ]; + config = { + boot = { + tmp.cleanOnBoot = true; + loader = { + systemd-boot.enable = lib.mkForce false; + efi.canTouchEfiVariables = lib.mkForce false; + grub = { + enable = true; + efiSupport = true; + efiInstallAsRemovable = true; + device = "nodev"; + }; + }; + initrd = { + availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"]; + kernelModules = ["nvme"]; }; }; - }; - services.udev.extraRules = '' - ATTR{address}=="96:00:02:87:7f:c9", NAME="eth0" - ''; + zramSwap.enable = true; + networking.domain = ""; + + fileSystems = { + "/boot" = { + device = "/dev/disk/by-uuid/77CF-345D"; + fsType = "vfat"; + }; + "/" = { + device = "/dev/sda1"; + fsType = "ext4"; + }; + }; + + # This file was populated at runtime with the networking + # details gathered from the active system. + networking = { + nameservers = ["8.8.8.8"]; + defaultGateway = "172.31.1.1"; + defaultGateway6 = { + address = "fe80::1"; + interface = "eth0"; + }; + dhcpcd.enable = false; + usePredictableInterfaceNames = lib.mkForce false; + interfaces = { + eth0 = { + ipv4 = { + addresses = [ + { + address = "157.90.146.125"; + prefixLength = 32; + } + ]; + routes = [ + { + address = "172.31.1.1"; + prefixLength = 32; + } + ]; + }; + ipv6 = { + addresses = [ + { + address = "2a01:4f8:c012:7137::1"; + prefixLength = 64; + } + { + address = "fe80::9400:2ff:fe87:7fc9"; + prefixLength = 64; + } + ]; + routes = [ + { + address = "fe80::1"; + prefixLength = 128; + } + ]; + }; + }; + }; + }; + + services.udev.extraRules = '' + ATTR{address}=="96:00:02:87:7f:c9", NAME="eth0" + + ''; + }; }