update: dfw0

jz8132543 · Jun 14, 2024 · 22fdcf2 · 22fdcf2
1 parent 4242959
commit 22fdcf2
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 3 deletions.
diff --git a/nixos/hosts/dfw0/hardware-configuration.nix b/nixos/hosts/dfw0/hardware-configuration.nix
@@ -11,4 +11,18 @@
   boot.kernelModules = ["kvm-intel"];
   # utils.disk = "/dev/vdb";
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  networking = {
+    # useDHCP = false;
+    # useNetworkd = true;
+    interfaces.ens17 = {
+      useDHCP = false;
+      ipv4.addresses = [
+        {
+          address = "154.40.40.139";
+          prefixLength = 25;
+        }
+      ];
+    };
+    defaultGateway = "154.40.40.254";
+  };
 }
diff --git a/nixos/modules/base/environment/isNAT/default.nix b/nixos/modules/base/environment/isNAT/default.nix
@@ -59,6 +59,9 @@ with lib; {
         firewall.allowedUDPPorts = with config.environment; [altHTTPS];
       }
       else {};
-    services.traefik.staticConfigOptions.entryPoints.https.address = lib.mkForce ":${toString config.environment.altHTTPS}";
+    services.traefik.staticConfigOptions.entryPoints.https =
+      if config.environment.isNAT
+      then {address = lib.mkForce ":${toString config.environment.altHTTPS}";}
+      else {};
   };
 }
diff --git a/nixos/modules/services/traefik.nix b/nixos/modules/services/traefik.nix
@@ -10,7 +10,6 @@
   config.services.traefik = {
     enable = true;
     staticConfigOptions = {
-      experimental.http3 = true;
       entryPoints = {
         http = {
           address = ":80";
@@ -29,7 +28,7 @@
           http.tls =
             if config.environment.isNAT
             then true
-            else {certResolver = "zerossl";};
+            else {certresolver = "zerossl";};
           http3 = {};
         };
       };