s0mev1rtn0de-nix -> kyra + {hazel, lynn, ivy, mel}: rename + modularity

Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>
2026-02-08 22:16:49 +03:00 · 2026-02-08 22:16:49 +03:00 · 91d145fc9b
commit 91d145fc9b
parent c1445349f0
50 changed files with 377 additions and 278 deletions
--- a/kyra/networking/defaultGateway.nix
+++ b/kyra/networking/defaultGateway.nix
@ -0,0 +1,17 @@
+{
+  lib,
+  config,
+  ...
+}: {
+  networking = {
+    defaultGateway = lib.mkIf (config.networking.hostName == "mel") {
+      address = "45.11.229.1";
+      interface = "ens3";
+    };
+
+    defaultGateway6 = lib.mkIf (config.networking.hostName == "mel") {
+      address = "2a0e:97c0:3e3:2Oa::1";
+      interface = "ens3";
+    };
+  };
+}
--- a/kyra/networking/dns.nix
+++ b/kyra/networking/dns.nix
@ -0,0 +1,29 @@
+_: {
+  networking = {
+    nameservers = [
+      # cf dns
+      "1.1.1.1"
+      "1.0.0.1"
+      "2606:4700:4700::1111"
+      "2606:4700:4700::1001"
+
+      # google dns
+      "8.8.8.8"
+      "8.8.4.4"
+      "2001:4860:4860::8888"
+      "2001:4860:4860::8844"
+
+      # q9 dns
+      "9.9.9.9"
+      "149.112.112.112"
+      "2620:fe::fe"
+      "2620:fe::9"
+
+      # open dns
+      "208.67.222.222"
+      "208.67.220.220"
+      "2620:119:35::35"
+      "2620:119:53::53"
+    ];
+  };
+}
--- a/kyra/networking/firewall.nix
+++ b/kyra/networking/firewall.nix
@ -0,0 +1,11 @@
+_: {
+  networking = {
+    firewall = {
+      enable = true;
+      allowPing = true;
+      checkReversePath = false;
+    };
+
+    useNetworkd = true;
+  };
+}
--- a/kyra/networking/firewall/ens3.nix
+++ b/kyra/networking/firewall/ens3.nix
@ -0,0 +1,57 @@
+{
+  config,
+  lib,
+  ...
+}: {
+  networking = {
+    firewall = {
+      interfaces = {
+        ens3 = {
+          allowedUDPPorts =
+            [
+              53580
+              53590
+            ]
+            ++ lib.optionals (config.networking.hostName == "hazel") [
+              443
+
+              25565
+
+              24
+              25
+              110
+              143
+              465
+              587
+              993
+              995
+              4190
+              53570
+            ];
+
+          allowedTCPPorts =
+            [
+              53580
+              53590
+            ]
+            ++ lib.optionals (config.networking.hostName == "hazel") [
+              443
+
+              25565
+
+              24
+              25
+              110
+              143
+              465
+              587
+              993
+              995
+              4190
+              53570
+            ];
+        };
+      };
+    };
+  };
+}
--- a/kyra/networking/hostname.nix
+++ b/kyra/networking/hostname.nix
@ -0,0 +1,5 @@
+_: {
+  networking = {
+    hostName = "kyra";
+  };
+}
--- a/kyra/networking/interfaces/ens3.nix
+++ b/kyra/networking/interfaces/ens3.nix
@ -0,0 +1,36 @@
+{
+  config,
+  lib,
+  ...
+}: {
+  networking = {
+    interfaces = {
+      ens3 = {
+        ipv4 = {
+          addresses = lib.optionals (config.networking.hostName == "mel") [
+            {
+              address = "45.11.229.254";
+              prefixLength = 24;
+            }
+          ];
+        };
+
+        ipv6 = {
+          addresses =
+            lib.optionals (config.networking.hostName == "hazel") [
+              {
+                address = "2a03:6f01:1:2::cb1e";
+                prefixLength = 64;
+              }
+            ]
+            ++ lib.optionals (config.networking.hostName == "mel") [
+              {
+                address = "2a0e:97c0:3e3:2Oa::1";
+                prefixLength = 64;
+              }
+            ];
+        };
+      };
+    };
+  };
+}
--- a/kyra/networking/wireguard.nix
+++ b/kyra/networking/wireguard.nix
@ -0,0 +1,7 @@
+_: {
+  networking = {
+    wireguard = {
+      enable = true;
+    };
+  };
+}