2025-03-08 20:29:42 -05:00
|
|
|
{ inputs, pkgs, lib, ... }: {
|
2025-03-03 19:09:08 -05:00
|
|
|
imports = [
|
|
|
|
|
inputs.raspberry-pi-nix.nixosModules.raspberry-pi
|
|
|
|
|
inputs.raspberry-pi-nix.nixosModules.sd-image
|
|
|
|
|
./hardware-configuration.nix
|
2025-03-03 19:48:52 -05:00
|
|
|
../base.nix
|
2025-03-07 21:13:38 -05:00
|
|
|
../../docker
|
2025-03-03 19:09:08 -05:00
|
|
|
];
|
|
|
|
|
|
2025-03-08 22:11:17 -05:00
|
|
|
boot.kernel.sysctl = {
|
|
|
|
|
"net.ipv4.ip_forward" = true;
|
|
|
|
|
};
|
|
|
|
|
|
2025-03-03 21:40:24 -05:00
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyZFWvrboUTM/dKzz5kQHEKjNqI410VJUGiVckhjOve rae@ioides"
|
|
|
|
|
];
|
|
|
|
|
|
2025-03-03 23:55:20 -05:00
|
|
|
programs.git.enable = true;
|
|
|
|
|
virtualisation.docker.enable = true;
|
2025-03-07 21:13:38 -05:00
|
|
|
r5e.containers = {
|
|
|
|
|
pihole = {
|
2025-03-08 22:11:17 -05:00
|
|
|
enable = true;
|
2025-03-09 14:53:56 -04:00
|
|
|
dhcp.enable = false;
|
2025-03-08 20:29:42 -05:00
|
|
|
listenPortHTTP = 8080;
|
2025-03-07 22:21:40 -05:00
|
|
|
listenPortHTTPS = 8443;
|
2025-03-08 22:11:17 -05:00
|
|
|
openFirewall = true;
|
2025-03-07 22:21:40 -05:00
|
|
|
};
|
2025-03-03 21:40:24 -05:00
|
|
|
};
|
|
|
|
|
|
2025-03-07 23:38:29 -05:00
|
|
|
services = {
|
2025-03-08 22:37:24 -05:00
|
|
|
hostapd = {
|
2025-03-08 20:29:42 -05:00
|
|
|
enable = true;
|
2025-03-08 22:37:24 -05:00
|
|
|
radios.wlan0 = {
|
|
|
|
|
band = "2g";
|
|
|
|
|
channel = 7;
|
|
|
|
|
countryCode = "US";
|
|
|
|
|
networks.wlan0 = {
|
|
|
|
|
authentication = {
|
|
|
|
|
mode = "wpa2-sha256";
|
|
|
|
|
wpaPassword = "techcat8";
|
|
|
|
|
};
|
|
|
|
|
logLevel = 1;
|
|
|
|
|
ssid = "near";
|
|
|
|
|
};
|
|
|
|
|
settings = {
|
|
|
|
|
ht_capab = lib.mkForce "[HT40][SHORT-GI-20]";
|
|
|
|
|
};
|
2025-03-08 20:29:42 -05:00
|
|
|
};
|
2025-03-07 23:38:29 -05:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2025-03-03 21:40:24 -05:00
|
|
|
networking = {
|
2025-03-08 20:29:42 -05:00
|
|
|
# bridges.br0 = {
|
|
|
|
|
# interfaces = [ "end0" "wlan0" ];
|
|
|
|
|
# };
|
2025-03-08 22:11:17 -05:00
|
|
|
firewall = {
|
|
|
|
|
allowedTCPPorts = [ 22 ];
|
|
|
|
|
extraCommands = ''
|
|
|
|
|
iptables -t nat -A POSTROUTING -o end0 -j MASQUERADE
|
|
|
|
|
'';
|
|
|
|
|
};
|
2025-03-07 23:38:29 -05:00
|
|
|
hostName = "near";
|
2025-03-08 20:29:42 -05:00
|
|
|
interfaces = {
|
|
|
|
|
# br0 = {
|
|
|
|
|
# ipv4.addresses = [
|
|
|
|
|
# {
|
|
|
|
|
# address = "10.0.0.2";
|
|
|
|
|
# prefixLength = 24;
|
|
|
|
|
# }
|
|
|
|
|
# ];
|
|
|
|
|
# };
|
|
|
|
|
end0.useDHCP = true;
|
|
|
|
|
wlan0.useDHCP = true;
|
|
|
|
|
};
|
|
|
|
|
networkmanager.unmanaged = [ "interface-name:wlan*" ];
|
|
|
|
|
useDHCP = false;
|
2025-03-07 23:38:29 -05:00
|
|
|
wireless.enable = true;
|
2025-03-03 21:40:24 -05:00
|
|
|
};
|
2025-03-03 19:09:08 -05:00
|
|
|
|
2025-03-08 20:29:42 -05:00
|
|
|
environment.etc."wpa_supplicant.conf".text = "";
|
2025-03-05 17:01:57 -05:00
|
|
|
|
2025-03-03 21:40:24 -05:00
|
|
|
time.timeZone = "America/New_York";
|
2025-03-03 19:09:08 -05:00
|
|
|
|
2025-03-03 21:40:24 -05:00
|
|
|
system.stateVersion = "24.11";
|
2025-03-03 19:09:08 -05:00
|
|
|
}
|
