diff --git a/hosts/siit-dc/state.nix b/hosts/siit-dc/state.nix index 4e7a44f..d7c55dd 100644 --- a/hosts/siit-dc/state.nix +++ b/hosts/siit-dc/state.nix @@ -1,7 +1,9 @@ { lib, modulesPath, ... }: { + networking.networkmanager.enable = lib.mkForce false; + networking.useDHCP = false; systemd.network.enable = true; - systemd.network.networks."10-wan" = { + systemd.network.networks."30-wan" = { matchConfig.Name = "enp1s0"; networkConfig.DHCP = "no"; address = [ @@ -20,10 +22,7 @@ boot.loader = { efi.canTouchEfiVariables = false; systemd-boot.enable = false; - grub = { - enable = true; - devices = [ "/dev/sda" ]; - }; + grub.enable = true; }; system.stateVersion = "25.05"; diff --git a/servers/siit-dc.nix b/servers/siit-dc.nix index 7ddb903..defd722 100644 --- a/servers/siit-dc.nix +++ b/servers/siit-dc.nix @@ -6,6 +6,8 @@ siit.default = { global.pool6 = "2a01:4f9:c013:bd27:46::/96"; + denylist4 = [ "157.180.86.116/32" ]; + # Explicit address mappings eamt = [ { diff --git a/shared/disko/hetzner-ext4.nix b/shared/disko/hetzner-ext4.nix index fb12228..044e9c8 100644 --- a/shared/disko/hetzner-ext4.nix +++ b/shared/disko/hetzner-ext4.nix @@ -5,22 +5,32 @@ device = "/dev/sda"; type = "disk"; content = { - type = "table"; - format = "msdos"; - partitions = [ - { - name = "nixos"; - part-type = "primary"; - bootable = true; - start = "1M"; - end = "100%"; + type = "gpt"; + partitions = { + boot = { + size = "1M"; + type = "EF02"; + priority = 1; + }; + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + root = { + size = "100%"; content = { type = "filesystem"; format = "ext4"; mountpoint = "/"; }; - } - ]; + }; + }; }; }; };