refactor(flake): move nixos configs into flake

2025-03-31 04:41:56 +08:00 · 2025-03-31 04:41:56 +08:00 · 9f8c3bb923
commit 9f8c3bb923
parent fc259dff4a
67 changed files with 45 additions and 56 deletions
--- a/modules/networking.nix
+++ b/modules/networking.nix
@ -0,0 +1,40 @@
+{
+  hostname,
+  lib,
+  config,
+  ...
+}:
+{
+  networking = {
+    hostName = hostname;
+    useDHCP = lib.mkDefault true;
+    networkmanager.enable = true;
+    networkmanager.wifi.backend = "iwd";
+
+    # Configures a simple stateful firewall.
+    # By default, it doesn't allow any incoming connections.
+    firewall = {
+      enable = true;
+      allowedTCPPorts = [
+        22 # SSH
+      ];
+      allowedUDPPorts = [ ];
+    };
+
+    interfaces.enp12s0.wakeOnLan.policy = [
+      "phy"
+      "unicast"
+      "multicast"
+      "broadcast"
+      "arp"
+      "magic"
+      "secureon"
+    ];
+    interfaces.enp12s0.wakeOnLan.enable = true;
+  };
+  services.openssh.enable = true;
+  services.tailscale = {
+    enable = true;
+    authKeyFile = config.sops.secrets.ts_auth_key.path;
+  };
+}