kitten.sh
1{ user, ... }:
2
3{
4 imports = [
5 ./hardware.nix
6 ];
7
8 users.users."${user}" = {
9 isNormalUser = true;
10 extraGroups = [ "wheel" ];
11 hashedPassword = "$6$DEmCOeiSFe6ymGox$WMWddbT9PkkfDT6JS4WuJsM3mQHI0e9kg0t42UowO79dWAcSU0K//KKlcebSosoMRz5mUEw5TFvbrv1aRHqYa/";
12 };
13
14 modules = {
15 router = {
16 enable = true;
17 ipv6 = true;
18 upnp.enable = true;
19 interfaces = {
20 external = {
21 name = "extern0";
22 macAddress = "ec:75:0c:2e:93:b0";
23 adoptMacAddress = "64:20:9f:16:70:a6";
24 };
25 internal = {
26 name = "intern0";
27 macAddress = "ec:75:0c:2e:92:1c";
28 cidr = "10.0.0.1/24";
29 };
30 };
31 leases = [
32 { macAddress = "98:ed:7e:c6:57:b2"; ipAddress = "10.0.0.102"; } # eero router
33 { macAddress = "c4:f1:74:51:4c:f2"; ipAddress = "10.0.0.124"; } # eero router
34 { macAddress = "1c:1d:d3:de:4b:06"; ipAddress = "10.0.0.35"; } # irnbru
35 ];
36 nftables.blockForward = [
37 "ec:e5:12:1d:23:40" # tado
38 ];
39 };
40 automation = {
41 enable = true;
42 mqtt.enable = true;
43 zigbee = {
44 enable = true;
45 serialPort = "/dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_fcea8ceb8612ec11ab4e23c7bd930c07-if00-port0";
46 };
47 homebridge.enable = true;
48 };
49 server = {
50 enable = true;
51 tailscale.enable = true;
52 caddy.enable = true;
53 vaultwarden.enable = true;
54 tangled.enable = true;
55 };
56 };
57
58 system.stateVersion = "24.11";
59}
60