
13 Commits

Author SHA1 Message Date
3679f36e67 Add gaming skills 2025-12-21 18:32:18 +01:00
d10cc381df add nextcloud to desktop 2025-12-21 17:47:38 +01:00
cc6ebd5224 Install nextcloud-client additions 2025-12-12 22:53:03 +01:00
d51e8ed455 Add /dev/sda luks partition to crypttab, and install nextcloud-client 2025-12-12 22:04:23 +01:00
2a751ee1d4 configure remote wake on lan and ipv6 2025-12-12 07:50:43 +01:00
792fe03d93 Add wake online 2025-12-12 04:42:32 +01:00
918d42ff71 Add wake online 2025-12-12 04:42:20 +01:00
87993b83fe restore qemu to kemu_full 2025-12-11 15:16:47 +01:00
74962924b8 revert flake to a working build 2025-12-09 01:46:47 +01:00
520f40e1bc revert flake 2025-12-08 13:14:03 +01:00
1655f3096d before flake update 2025-12-08 12:04:41 +01:00
Jérémie SALVI
5fb0c51777 flake update 2025-12-02 16:30:27 +01:00
Jérémie SALVI
91e8ccbb4f flake update 2025-12-02 16:25:57 +01:00
19 changed files with 426 additions and 49 deletions

32
flake.lock generated

@@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763651264, "lastModified": 1766150702,
"narHash": "sha256-8vvwZbw0s7YvBMJeyPVpWke6lg6ROgtts5N2/SMCcv4=", "narHash": "sha256-P0kM+5o+DKnB6raXgFEk3azw8Wqg5FL6wyl9jD+G5a4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "e86a89079587497174ccab6d0d142a65811a4fd9", "rev": "916506443ecd0d0b4a0f4cf9d40a3c22ce39b378",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -23,11 +23,11 @@
"mysecrets": { "mysecrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1763731770, "lastModified": 1765518969,
"narHash": "sha256-ThIVf8jtBOKV7JzShnL/gzHEm7axiLshPie8BYkMYAI=", "narHash": "sha256-hKJGo0+i7xHDMhN8kicOLT0PA8x8zRzleQs2I2XWVLg=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "07b3f415bd89a6b571f154278c1d9b6b5ca9e473", "rev": "e1c2c590e4655cf887173478765663d20a7efffd",
"revCount": 16, "revCount": 19,
"type": "git", "type": "git",
"url": "file:///home/beastie/nixos/secrets" "url": "file:///home/beastie/nixos/secrets"
}, },
@@ -38,11 +38,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1763622513, "lastModified": 1766014764,
"narHash": "sha256-1jQnuyu82FpiSxowrF/iFK6Toh9BYprfDqfs4BB+19M=", "narHash": "sha256-+73VffE5GP5fvbib6Hs1Su6LehG+9UV1Kzs90T2gBLA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c58bc7f5459328e4afac201c5c4feb7c818d604b", "rev": "2b0d2b456e4e8452cf1c16d00118d145f31160f9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -54,11 +54,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1763421233, "lastModified": 1766070988,
"narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", "narHash": "sha256-G/WVghka6c4bAzMhTwT2vjLccg/awmHkdKSd2JrycLc=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", "rev": "c6245e83d836d0433170a16eb185cefe0572f8b8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -84,11 +84,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1763607916, "lastModified": 1766289575,
"narHash": "sha256-VefBA1JWRXM929mBAFohFUtQJLUnEwZ2vmYUNkFnSjE=", "narHash": "sha256-BOKCwOQQIP4p9z8DasT5r+qjri3x7sPCOq+FTjY8Z+o=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "877bb495a6f8faf0d89fc10bd142c4b7ed2bcc0b", "rev": "9836912e37aef546029e48c8749834735a6b9dad",
"type": "github" "type": "github"
}, },
"original": { "original": {


@@ -37,27 +37,69 @@
subvolumes = { subvolumes = {
"@" = { "@" = {
mountpoint = "/"; mountpoint = "/";
mountOptions = [ "defaults" "ssd" "compress=zstd" "autodefrag" "noatime" "nodiscard" ]; mountOptions = [
"defaults"
"ssd"
"compress=zstd"
"autodefrag"
"noatime"
"nodiscard"
];
}; };
"@root" = { "@root" = {
mountpoint = "/root"; mountpoint = "/root";
mountOptions = [ "defaults" "ssd" "compress=zstd" "autodefrag" "noatime" "nodiscard" ]; mountOptions = [
"defaults"
"ssd"
"compress=zstd"
"autodefrag"
"noatime"
"nodiscard"
];
}; };
"@home" = { "@home" = {
mountpoint = "/home"; mountpoint = "/home";
mountOptions = [ "defaults" "ssd" "compress=zstd" "autodefrag" "noatime" "nodiscard" ]; mountOptions = [
"defaults"
"ssd"
"compress=zstd"
"autodefrag"
"noatime"
"nodiscard"
];
}; };
"@nix" = { "@nix" = {
mountpoint = "/nix"; mountpoint = "/nix";
mountOptions = [ "defaults" "ssd" "compress=zstd" "autodefrag" "noatime" "nodiscard" ]; mountOptions = [
"defaults"
"ssd"
"compress=zstd"
"autodefrag"
"noatime"
"nodiscard"
];
}; };
"@var" = { "@var" = {
mountpoint = "/var"; mountpoint = "/var";
mountOptions = [ "defaults" "ssd" "compress=zstd" "autodefrag" "noatime" "nodiscard" ]; mountOptions = [
"defaults"
"ssd"
"compress=zstd"
"autodefrag"
"noatime"
"nodiscard"
];
}; };
"@games" = { "@games" = {
mountpoint = "/games"; mountpoint = "/games";
mountOptions = [ "defaults" "ssd" "compress=zstd" "autodefrag" "noatime" "nodiscard" ]; mountOptions = [
"defaults"
"ssd"
"compress=zstd"
"autodefrag"
"noatime"
"nodiscard"
];
}; };
}; };
}; };


@@ -1,18 +1,47 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
modulesPath,
...
}:
{ {
imports = imports = [
[ (modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
environment.etc."crypttab".text = ''
datafs UUID=5ca962a7-537f-46ce-ba50-9cc9cefd012b /etc/secrets/datafs.key luks
'';
fileSystems."/data" = {
device = "/dev/disk/by-uuid/a8ea6a7b-3733-40d8-bee8-45806aaacfe1";
fsType = "btrfs";
options = [
"defaults"
"compress=zstd"
"autodefrag"
"noatime"
"nofail"
];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }
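Review bot: The new `crypttab` entry unlocks `datafs` from `/etc/secrets/datafs.key`, but nothing in this section creates that file or pins its owner and mode, so the protection of the LUKS key depends on state outside the configuration. If the root filesystem is not itself encrypted, the key sits in clear next to the disk it protects. Consider provisioning it through the sops setup used elsewhere in this repository, owned by root with mode `0400`, and adding `nofail` to the crypttab options (`luks,nofail`) so an absent disk is tolerated the same way the `/data` mount already is. The file header says it is regenerated by nixos-generate-config, so these additions would be safer in a module of their own.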


@@ -24,6 +24,7 @@
pkgs.bash pkgs.bash
pkgs.fzf pkgs.fzf
pkgs.bc pkgs.bc
pkgs.wakeonlan
]; ];
services = { services = {
locate = { locate = {


@@ -18,7 +18,7 @@
"video" "video"
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAKMJ3TkEmRQcX7RQijNa2km6a2xXJk6M6FERh7C9nTJ" config.sops.secrets."ssh_keys/beastie_priv".path
]; ];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };


@@ -4,16 +4,16 @@
}: }:
{ {
# Activer Ollama comme service # Activer Ollama comme service
services.ollama = { # services.ollama = {
enable = true; # enable = true;
acceleration = "cuda"; # acceleration = "cuda";
environmentVariables = { # environmentVariables = {
OLLAMA_FLASH_ATTENTION = "1"; # ← Flash Attention # OLLAMA_FLASH_ATTENTION = "1"; # ← Flash Attention
OLLAMA_NUM_PARALLEL = "2"; # ← Requêtes parallèles # OLLAMA_NUM_PARALLEL = "2"; # ← Requêtes parallèles
OLLAMA_MAX_LOADED_MODELS = "1"; # ← Garder 2 modèles en VRAM # OLLAMA_MAX_LOADED_MODELS = "1"; # ← Garder 2 modèles en VRAM
OLLAMA_KEEP_ALIVE = "5m"; # OLLAMA_KEEP_ALIVE = "5m";
}; # };
}; # };
# services.open-webui = { # services.open-webui = {
# enable = true; # enable = true;
# port = 8080; # Port par défaut # port = 8080; # Port par défaut


@@ -21,7 +21,7 @@ $terminal = kitty
exec-once = hyprpaper exec-once = hyprpaper
exec-once = waybar exec-once = waybar
exec-once = nextcloud
############################# #############################
### ENVIRONMENT VARIABLES ### ### ENVIRONMENT VARIABLES ###


@@ -0,0 +1,18 @@
{
pkgs,
...
}:
{
hardware.graphics.enable32Bit = true;
programs.steam.enable = true;
programs.steam.gamescopeSession.enable = true;
programs.gamemode.enable = true;
environment.systemPackages = with pkgs; [
vulkan-tools
lutris
wine-staging
winetricks
mangohud
protonup-ng
];
}


@@ -0,0 +1,12 @@
{
pkgs,
...
}:
{
services.gnome.gnome-keyring.enable = true;
environment.systemPackages = [
pkgs.nextcloud-client
pkgs.seahorse
];
}


@@ -9,6 +9,7 @@
pkgs.yt-dlp pkgs.yt-dlp
pkgs.chromium pkgs.chromium
pkgs.firefox pkgs.firefox
pkgs.thunderbird
pkgs.keepassxc pkgs.keepassxc
pkgs.nwg-look pkgs.nwg-look
pkgs.gimp pkgs.gimp


@@ -5,20 +5,24 @@
}: }:
{ {
imports = [ imports = [
../ai.nix #../ai.nix
../autologin.nix ../autologin.nix
../k8s.nix ../k8s.nix
../libvirt.nix ../libvirt.nix
../openfortivpn.nix ../openfortivpn.nix
../options.nix
../packages.nix ../packages.nix
../sops-desktop.nix ../sops-desktop.nix
../ssh.nix ../ssh.nix
../sudo-nopasswd.nix ../sudo-nopasswd.nix
../wakeonlan.nix
### Import GUI modules ### Import GUI modules
../desktop/code.nix ../desktop/code.nix
../desktop/dunst.nix ../desktop/dunst.nix
../desktop/gaming.nix
../desktop/kitty.nix ../desktop/kitty.nix
../desktop/nextcloud.nix
../desktop/packages.nix ../desktop/packages.nix
../desktop/pipewire.nix ../desktop/pipewire.nix
../desktop/qwerty-fr.nix ../desktop/qwerty-fr.nix
@@ -31,6 +35,11 @@
../desktop/nvidia.nix ../desktop/nvidia.nix
]; ];
my.laninterface = "enp5s0";
my.ipv4address = "192.168.0.2";
my.ipv4netmask = 24;
my.ipv4gateway = "192.168.0.254";
sops = { sops = {
secrets = { secrets = {
"wireguard_home/publickey" = { }; "wireguard_home/publickey" = { };
@@ -39,25 +48,31 @@
}; };
}; };
#services.resolved.enable = false;
networking = { networking = {
interfaces.enp5s0 = { #useNetworkd = true;
#useHostResolvConf = false;
interfaces.${config.my.laninterface} = {
ipv4.addresses = [ ipv4.addresses = [
{ {
address = "192.168.0.2"; address = config.my.ipv4address;
prefixLength = 24; prefixLength = config.my.ipv4netmask;
} }
]; ];
}; };
defaultGateway = { defaultGateway = {
address = "192.168.0.254"; address = config.my.ipv4gateway;
interface = "enp5s0"; interface = config.my.laninterface;
}; };
nameservers = [ nameservers = [
#"9.9.9.9" #"9.9.9.9"
"10.0.0.1"
"2001:41d0:303:20da::1" "2001:41d0:303:20da::1"
"217.182.138.218" "217.182.138.218"
]; ];
extraHosts = '' extraHosts = ''
#172.18.229.240 test-mycarto.grandbesancon.fr
172.18.21.172 errorpages.grandbesancon.fr 172.18.21.172 errorpages.grandbesancon.fr
#172.18.23.4 dozzle.grandbesancon.fr #172.18.23.4 dozzle.grandbesancon.fr
#172.18.22.206 toto.grandbesancon.fr #172.18.22.206 toto.grandbesancon.fr
@@ -92,5 +107,30 @@
}; };
}; };
}; };
environment.systemPackages = [ pkgs.tor-browser ];
sops.secrets."home-nix/myipv6address" = { };
systemd.services.ipv6-setup = {
description = "Configure IPv6";
after = [
"network.target"
"sops-nix.service"
];
wants = [ "sops-nix.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = pkgs.writeShellScript "setup-ipv6" ''
${pkgs.iproute2}/bin/ip -6 addr add $(cat ${
config.sops.secrets."home-nix/myipv6address".path
})/64 dev ${config.my.laninterface} || true
'';
};
};
environment.systemPackages = [
pkgs.tor-browser
];
} }
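Review bot: The trailing `|| true` in the `setup-ipv6` script makes the `ipv6-setup` unit report success even when the sops secret is missing, empty or malformed, so a failed address assignment is never noticed. The `$(cat …)` substitution is also unquoted, so stray whitespace in the secret is split into extra `ip` arguments. If the intent is only to tolerate an address that is already present, `${pkgs.iproute2}/bin/ip -6 addr replace "$(cat ${config.sops.secrets."home-nix/myipv6address".path})/64" dev ${config.my.laninterface}` does that without hiding real errors. The ordering on `sops-nix.service` should be checked as well: as far as I know the system-level sops-nix module installs secrets during activation, so that unit name may not exist and the `after`/`wants` would then have no effect.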


@@ -11,6 +11,7 @@
## Server ## Server
../server/starship.nix ../server/starship.nix
../server/wireguard-ui.nix
]; ];
## Enable virtualisation guest settings ## Enable virtualisation guest settings
@@ -24,4 +25,52 @@
pkgs.spice-gtk # Outils SPICE pkgs.spice-gtk # Outils SPICE
pkgs.spice-protocol # Protocoles SPICE pkgs.spice-protocol # Protocoles SPICE
]; ];
systemd.network.links."10-eth0" = {
matchConfig.MACAddress = "52:54:00:a3:d7:56";
linkConfig.Name = "eth0";
};
systemd.network.netdevs."10-dummy0" = {
netdevConfig = {
Kind = "dummy";
Name = "dummy0";
};
};
networking = {
useNetworkd = true;
useDHCP = false;
interfaces = {
dummy0 = {
ipv4.addresses = [
{
address = "192.168.2.1";
prefixLength = 24;
}
];
};
eth0 = {
ipv4.addresses = [
{
address = "192.168.122.10";
prefixLength = 24;
}
];
};
};
defaultGateway = {
address = "192.168.122.1";
interface = "eth0";
};
nameservers = [
#"9.9.9.9"
"2001:41d0:303:20da::1"
"217.182.138.218"
];
extraHosts = ''
172.18.21.172 errorpages.grandbesancon.fr
'';
};
} }


@@ -36,7 +36,7 @@
carto-interavtive 172.18.20.134 carto-interavtive 172.18.20.134
''; '';
}; };
users.users.${username} = { users.users.${username} = {
extraGroups = [ "networkmanager" ]; extraGroups = [ "networkmanager" ];
}; };
programs.nm-applet.enable = true; programs.nm-applet.enable = true;


@@ -8,8 +8,8 @@
libvirtd = { libvirtd = {
enable = true; enable = true;
qemu = { qemu = {
# package = pkgs.qemu_full; package = pkgs.qemu_full;
package = pkgs.qemu; #package = pkgs.qemu;
runAsRoot = true; runAsRoot = true;
swtpm.enable = true; swtpm.enable = true;
}; };


@@ -0,0 +1,26 @@
{
lib,
...
}:
{
options.my.laninterface = lib.mkOption {
type = lib.types.str;
default = "enp5s0";
};
options.my.ipv4address = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
};
options.my.ipv4netmask = lib.mkOption {
type = lib.types.int;
default = 8;
};
options.my.ipv4gateway = lib.mkOption {
type = lib.types.str;
default = "127.0.0.254";
};
options.my.wolipv6address = lib.mkOption {
type = lib.types.str;
default = "fc::0";
};
}
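Review bot: None of the five `lib.mkOption` declarations carries a `description`, and `my.ipv4netmask` is a bare `lib.types.int` although the host configuration consumes it as `prefixLength`, so a dotted mask or an out-of-range value would only fail late or not at all. I would declare it as `type = lib.types.ints.between 0 32;` and add a one-line `description` to each option stating its format (interface name, dotted IPv4 address, prefix length, IPv6 address without prefix). The placeholder defaults (`127.0.0.1`, `127.0.0.254`, `fc::0`) let a host that forgets to set them evaluate cleanly and come up with a wrong network configuration. Dropping the defaults would turn that into an evaluation error.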


@@ -58,6 +58,11 @@
disabled = false; disabled = false;
}; };
fill = {
symbol = "";
style = "surface1";
};
kubernetes = { kubernetes = {
disabled = false; disabled = false;
format = "[](fg:blue bg:base)[ ($namespace)/($cluster) ](fg:base bg:blue)[](bg:blue fg:mauve)"; format = "[](fg:blue bg:base)[ ($namespace)/($cluster) ](fg:base bg:blue)[](bg:blue fg:mauve)";


@@ -0,0 +1,97 @@
{
pkgs,
...
}:
{
environment.systemPackages = [
pkgs.wireguard-tools
pkgs.wireguard-ui
];
users.users.wireguard-ui = {
isSystemUser = true;
group = "wireguard-ui";
home = "/var/lib/wireguard-ui";
createHome = true;
description = "WireGuard UI service user";
};
users.groups.wireguard-ui = { };
systemd = {
tmpfiles.rules = [
"d /etc/wireguard 0750 wireguard-ui wireguard-ui -"
"d /var/lib/wireguard-ui 0750 wireguard-ui wireguard-ui -"
];
services = {
wg-quick-wg0 = {
description = "WireGuard via wg-quick(8) for wg0";
after = [
"network-online.target"
"wireguard-ui.service"
];
wants = [ "network-online.target" ];
wantedBy = [
"multi-user.target"
"sshd.service"
];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${pkgs.wireguard-tools}/bin/wg-quick up wg0";
ExecStop = "${pkgs.wireguard-tools}/bin/wg-quick down wg0";
ExecReload = "${pkgs.bash}/bin/bash -c 'exec ${pkgs.wireguard-tools}/bin/wg syncconf wg0 <(exec ${pkgs.wireguard-tools}/bin/wg-quick strip wg0)'";
Environment = [ "WG_ENDPOINT_RESOLUTION_RETRIES=infinity" ];
};
};
wireguard-ui = {
description = "WireGuard UI";
documentation = [ "https://github.com/ngoduykhanh/wireguard-ui" ];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.wireguard-ui}/bin/wireguard-ui";
Restart = "on-failure";
WorkingDirectory = "/var/lib/wireguard-ui";
StateDirectory = "wireguard-ui";
User = "wireguard-ui";
Group = "wireguard-ui";
ReadWritePaths = [
"/var/lib/wireguard-ui"
"/etc/wireguard"
];
Environment = [
# "WGUI_ENDPOINT_ADDRESS=${config.custom.wireguard-ui.endpointAddress}"
# "WGUI_DNS=${config.custom.wireguard-ui.dns}"
];
AmbientCapabilities = "CAP_NET_ADMIN";
};
};
wg-quick-wg0-reload = {
description = "Reload WireGuard config";
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.systemd}/bin/systemctl reload wg-quick-wg0.service";
};
};
};
paths.wg-quick-wg0-reload = {
description = "Watch /etc/wireguard/wg0.conf for changes";
wantedBy = [ "multi-user.target" ];
pathConfig = {
PathModified = "/etc/wireguard/wg0.conf";
};
};
};
networking.firewall.allowedTCPPorts = [ 5000 ];
networking.firewall.allowedUDPPorts = [ 51820 ];
}
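Review bot: `networking.firewall.allowedTCPPorts = [ 5000 ]` exposes the wireguard-ui admin interface on every interface, while the unit's `Environment` list sets no credentials or session secret, so unless they are configured elsewhere the UI may be running with the project's default login over plain HTTP. The same service user owns `/etc/wireguard` and can rewrite `wg0.conf`, which `wg-quick` then applies as root on the path-triggered reload, so a compromise of the web UI carries over to the root-run tunnel service. Restrict the port to a trusted interface, e.g. `networking.firewall.interfaces.wg0.allowedTCPPorts = [ 5000 ];`, and supply the admin password and session secret through an `EnvironmentFile` fed from sops rather than inline values. The automatic reload on `PathModified` is worth reconsidering, or at least documenting as a deliberate trust decision.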


@@ -61,6 +61,16 @@ in
mode = "0600"; mode = "0600";
path = "/home/${username}/.ssh/id_ed25519_gitea_semaphore"; path = "/home/${username}/.ssh/id_ed25519_gitea_semaphore";
}; };
"ssh_keys/wol_pub" = {
owner = "${username}";
mode = "0644";
path = "/home/${username}/.ssh/id_ed25519_wol";
};
"ssh_keys/wol_priv" = {
owner = "${username}";
mode = "0600";
path = "/home/${username}/.ssh/id_ed25519_wol.priv";
};
}; };
}; };
} }
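Review bot: The two new secrets write the public key to `id_ed25519_wol` (mode `0644`) and the private key to `id_ed25519_wol.priv`, which inverts the OpenSSH naming that the neighbouring `id_ed25519_gitea_semaphore` entry follows, where the extension-less path is the `0600` private key. Tools that are pointed at `~/.ssh/id_ed25519_wol` will load the public half as an identity and fail, and a later "fix" that swaps the secrets without swapping the modes would leave a private key world-readable. I would use `path = "/home/${username}/.ssh/id_ed25519_wol.pub";` for `wol_pub` and `path = "/home/${username}/.ssh/id_ed25519_wol";` for `wol_priv`. The enclosing `secrets` set starts outside the hunk.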


@@ -0,0 +1,47 @@
{
config,
pkgs,
hostname,
...
}:
{
systemd.services."wol${config.my.laninterface}" = {
description = "Wake-on-LAN for ${config.my.laninterface}";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${config.my.laninterface} wol g";
RandomizedDelaySec = "30s";
};
};
environment.systemPackages = [ pkgs.ethtool ];
my.wolipv6address = "2a01:e0a:9cc:99d0:8f3a:6b2c:41d7:e9f5";
boot.initrd = {
network = {
enable = true;
ssh = {
enable = true;
port = 65234;
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ2+PXfG/37rsvcVr2RAHzXmGHMr8+8iBH//1YS+zWd3"
]; # ta clé publique
hostKeys = [ "/etc/ssh/ssh_host_ed25519_key" ];
};
postCommands = ''
ip -6 addr add ${config.my.wolipv6address}/64 dev ${config.my.laninterface}
ip -6 route add default via fe80::224:d4ff:fea5:65bd dev ${config.my.laninterface}
'';
};
availableKernelModules = [ "r8169" ];
};
boot = {
kernelParams = [
"ip=${config.my.ipv4address}::255.255.255.0:${config.my.ipv4gateway}:${hostname}:${config.my.laninterface}:off"
];
};
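Review bot: `hostKeys = [ "/etc/ssh/ssh_host_ed25519_key" ]` hands the machine's regular SSH host private key to the initrd, where it is copied into an image that is not protected like the running system; the NixOS option documentation warns against reusing the normal host key for this reason. Generate a dedicated key for the initrd and point the option at it, e.g. `hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ];` (example path), so that reading the initrd does not allow impersonating the booted host. `RandomizedDelaySec` is a timer setting, so it probably has no effect inside `serviceConfig` here. The kernel `ip=` parameter hard-codes `255.255.255.0` instead of deriving the mask from `my.ipv4netmask`, so the two can drift apart.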
}