From 650231500e8b3e26cd7c7f149b49944fb51a3ab3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kjetil=20=C3=98rbekk?= <kj@orbekk.com>
Date: Wed, 6 Dec 2017 19:23:40 -0500
Subject: dragon config

---
 machines/dragon.nix | 36 +++++++++++++++++++++++++-----------
 1 file changed, 25 insertions(+), 11 deletions(-)

(limited to 'machines/dragon.nix')

diff --git a/machines/dragon.nix b/machines/dragon.nix
index 492441c..bab7b97 100644
--- a/machines/dragon.nix
+++ b/machines/dragon.nix
@@ -1,6 +1,7 @@
 { config, lib, pkgs, ... }:
 {
   imports = [
+    ../config/borg-backup.nix
     ../config/common.nix
     ../config/users.nix
     ../config/weechat.nix
@@ -26,20 +27,28 @@
     packages = [ pkgs.lxc ];
   };
 
-  boot.kernelParams = [ "console=tty0" ''console="ttyS0,115200n8"'' ];
-  boot.loader.grub.extraConfig = ''
-    GRUB_TERMINAL="serial"
-    GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
-  '';
-  boot.loader.grub.enable = true;
-  boot.loader.grub.version = 2;
-  boot.loader.grub.devices = ["/dev/sda" "/dev/sdb"];
+
+  boot = {
+    kernelParams = [ "console=tty0" ''console="ttyS0,115200n8"'' ];
+    kernel.sysctl = {
+      "net.ipv4.conf.all.forwarding" = true;
+      "net.ipv6.conf.all.forwarding" = true;
+    };
+    
+    loader.grub.extraConfig = ''
+      GRUB_TERMINAL="serial"
+      GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
+    '';
+    loader.grub.enable = true;
+    loader.grub.version = 2;
+    loader.grub.devices = ["/dev/sda" "/dev/sdb"];
+  };
   
   networking = {
     hostName = lib.mkForce "dragon";
 
     firewall.allowPing = true;
-    # firewall.checkReversePath = "loose";
+    firewall.checkReversePath = "loose";
 
     bridges = {
       br0 = {
@@ -56,8 +65,8 @@
       sleep 10
       echo setting up routes
       ip -6 addr add 2001:470:8e2e:20::d/64 dev br0 || true
-      ip -6 route change default via fe80::822a:a8ff:fe4d:f5d6 dev br0 metric 0 src 2001:470:8e2e:20::d || true
-      ip route change default via 10.0.20.1 dev br0 metric 0 || true
+      ip -6 route replace default via fe80::822a:a8ff:fe4d:f5d6 dev br0 metric 0 src 2001:470:8e2e:20::d || true
+      ip route replace default via 10.0.20.1 dev br0 metric 0 || true
     '';
   };
 
@@ -74,6 +83,11 @@
       fsType = "btrfs";
       options = [ "subvol=storage" ];
     };
+    "/staging" = {
+      device = "/dev/sda3";
+      fsType = "btrfs";
+      options = [ "subvol=staging" ];
+    };
   };
 
   system.stateVersion = lib.mkForce "17.09";
-- 
cgit v1.2.3