{ config, pkgs, lib, ... }: { imports = [ ./hardware-configuration.nix ./nginx.nix ./tinc.nix ./mail-server.nix ]; networking.hostName = "sputnik"; networking.useDHCP = true; boot.kernelParams = [ "net.ifnames=0" ]; boot.loader.grub = { enable = true; version = 2; device = "/dev/sda"; }; # nix-shell -p speedtest_cli --run speedtest configuration.fireqos = { enable = true; interface = "eth0"; input = 55000; output = 4000; balance = false; }; services.custom.ssh.sshd.rootKeyFiles = [ (toString ) ]; # make sure ssh is only available trough the tinc networking.firewall.extraCommands = '' iptables -t nat -A PREROUTING ! -i tinc.private -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 0 ''; }