{ config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; hardware = { graphics = { extraPackages = with pkgs; [ libvpl libvdpau-va-gl sof-firmware vpl-gpu-rt ]; }; bluetooth.settings.General.Name = "saarni"; }; networking = { hostName = "saarni"; }; systemd = { services."enable-wifi-on-boot" = { description = "Enable wifi on boot"; wantedBy = [ "multi-user.target" ]; serviceConfig = { ExecStart = "${pkgs.util-linux}/bin/rfkill unblock all"; Type = "oneshot"; }; }; network = { networks = { "13-shared" = { matchConfig = { MACAddress = "5a:c1:1b:77:fc:e5"; }; linkConfig = { Multicast = true; }; networkConfig = { DHCP = true; IPv6AcceptRA = true; MulticastDNS = true; LinkLocalAddressing = "ipv6"; DNSSEC = true; UseDomains = true; }; dhcpV4Config = { RouteMetric = 20; UseDNS = true; UseMTU = true; }; ipv6AcceptRAConfig = { UseMTU = true; }; }; "10-lan" = { matchConfig = { Name = "enps0"; }; linkConfig = { Multicast = true; }; networkConfig = { DHCP = true; IPv6AcceptRA = true; MulticastDNS = true; LinkLocalAddressing = "ipv6"; DNSSEC = true; UseDomains = true; }; dhcpV4Config = { RouteMetric = 20; UseDNS = true; UseMTU = true; }; ipv6AcceptRAConfig = { UseMTU = true; }; }; "11-wlan" = { matchConfig = { MACAddress = "64:d6:9a:9e:06:60"; }; linkConfig = { Multicast = true; }; networkConfig = { DHCP = true; IPv6AcceptRA = true; MulticastDNS = true; LinkLocalAddressing = "ipv6"; DNSSEC = true; UseDomains = true; }; dhcpV4Config = { RouteMetric = 100; UseDNS = true; UseMTU = true; SendHostname = true; }; dhcpV6Config = { WithoutRA = "solicit"; }; ipv6AcceptRAConfig = { UseMTU = true; }; }; }; }; }; environment = { sessionVariables = { }; }; services = { godns = { enable = true; loadCredential = [ "login_token:${config.age.secrets.duckdns.path}" ]; settings = { domains = [ { domain_name = "www.duckdns.org"; sub_domains = [ "saarni" ]; } ]; login_token_file = "$CREDENTIALS_DIRECTORY/login_token"; ip_interface = "wlan0"; interval = 300; ip_type = "IPv6"; provider = "DuckDNS"; }; }; tlp = { enable = true; settings = { CPU_PERF_POLICY_ON_AC = "performance"; CPU_PERF_POLICY_ON_BAT = "power"; CPU_SCALING_GOVERNOR_ON_AC = "performance"; CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; START_CHARGE_THRESH_BAT0 = 40; STOP_CHARGE_TRESH_BAT0 = 20; }; }; upower = { enable = true; criticalPowerAction = "Hibernate"; }; thermald.enable = true; }; age.secrets.wg_relesoft = { file = ../../secrets/wg_relesoft_saarni.age; group = "systemd-network"; mode = "0640"; }; systemd.network.netdevs."90-wg-relesoft" = { netdevConfig = { Name = "wg-relesoft"; Kind = "wireguard"; }; wireguardConfig = { PrivateKeyFile = config.age.secrets.wg_relesoft.path; }; wireguardPeers = [ { PublicKey = "B5QK7rl8sAXPu2upKhondWSt49qMOqTG/hDjwqY3cDs="; Endpoint = "65.21.238.221:51194"; AllowedIPs = [ "10.200.200.0/24" "fdc9:281f:4d7:9ee9::/64" "2a01:4f9:6a:4e26::/64" ]; PersistentKeepalive = 25; } ]; }; systemd.network.networks."90-wg-relesoft" = { matchConfig.Name = "wg-relesoft"; address = [ "10.200.200.11/24" "fdc9:281f:4d7:9ee9::11/128" "2a01:4f9:6a:4e26::11/128" ]; networkConfig = { IPv4Forwarding = true; IPv6Forwarding = true; IPv6AcceptRA = false; }; routes = [ { Destination = "10.200.200.0/24"; } { Destination = "fdc9:281f:4d7:9ee9::/64"; } { Destination = "2a01:4f9:6a:4e26::/64"; } ]; linkConfig.MTUBytes = "1420"; }; system.stateVersion = "24.05"; }