dunkirk.sh / dots
Kieran's opinionated (and probably slightly dumb) nix config
fork atom

chore: fix network issues on prattle

dunkirk.sh 392fdcd9 77100273

verified
options
unified split
Changed files
+11 -3
machines
prattle
default.nix
+11 -3
machines/prattle/default.nix 
···

       
111

       
111

       
 

       
  networking = {


     

       
112

       
112

       
 

       
    hostName = "prattle";


     

       
113

       
113

       
 

       
    useDHCP = false;


     

       
114

       

       
-

       
    interfaces.eth0 = {


     

       
115

       

       
-

       
      useDHCP = true;


     

       
116

       

       
-

       
    };


     

       
117

       
114

       
 

       
    defaultGateway = "10.0.0.1";


     

       
118

       
115

       
 

       
    nameservers = [


     

       
119

       
116

       
 

       
      "1.1.1.1"


     
···

       
121

       
118

       
 

       
      "2606:4700:4700::1111"


     

       
122

       
119

       
 

       
      "2606:4700:4700::1001"


     

       
123

       
120

       
 

       
    ];


     

       

       
121

       
+

       
    interfaces.eth0 = {


     

       

       
122

       
+

       
      ipv4.addresses = [


     

       

       
123

       
+

       
        {


     

       

       
124

       
+

       
          address = "10.0.0.70";


     

       

       
125

       
+

       
          prefixLength = 24;


     

       

       
126

       
+

       
        }


     

       

       
127

       
+

       
      ];


     

       

       
128

       
+

       
      useDHCP = false;


     

       

       
129

       
+

       
    };


     

       
124

       
130

       
 

       
  };


     

       
125

       
131

       
 

       



     

       
126

       
132

       
 

       
  programs.zsh.enable = true;


     
···

       
146

       
152

       
 

       



     

       
147

       
153

       
 

       
  services.openssh = {


     

       
148

       
154

       
 

       
    enable = true;


     

       

       
155

       
+

       
    openFirewall = true;


     

       
149

       
156

       
 

       
    settings = {


     

       
150

       
157

       
 

       
      PermitRootLogin = "no";


     

       
151

       
158

       
 

       
      PasswordAuthentication = false;


     
···

       
154

       
161

       
 

       



     

       
155

       
162

       
 

       
  networking.firewall = {


     

       
156

       
163

       
 

       
    enable = true;


     

       

       
164

       
+

       
    allowedTCPPorts = [ 22 ];


     

       
157

       
165

       
 

       
    logRefusedConnections = false;


     

       
158

       
166

       
 

       
    rejectPackets = true;


     

       
159

       
167

       
 

       
  };