{ config, lib, pkgs, ... }: { options = { networking.hyp-01.ipv4.address = lib.mkOption { type = lib.types.str; default = "88.99.145.10"; }; networking.hyp-01.ipv4.cidr = lib.mkOption { type = lib.types.str; default = "26"; }; networking.hyp-01.ipv4.gateway = lib.mkOption { type = lib.types.str; default = "88.99.145.1"; }; networking.hyp-01.ipv6.address = lib.mkOption { type = lib.types.str; default = "2a01:4f8:10a:2962::1"; }; networking.hyp-01.ipv6.cidr = lib.mkOption { type = lib.types.str; default = "64"; }; networking.hyp-01.ipv6.gateway = lib.mkOption { type = lib.types.str; default = "fe80::1"; }; }; config = { networking = { dhcpcd.enable = false; nameservers = [ "9.9.9.9" ]; }; systemd.network.networks."10-uplink".networkConfig.Address = config.networking.hyp-01.ipv6.address; boot.kernelParams = [ "ip=dhcp" ]; boot.initrd = { availableKernelModules = [ "e1000e" ]; systemd = let askPass = pkgs.writeShellScriptBin "zfs-askpass" '' systemd-tty-ask-password-agent --watch ''; in { enable = true; storePaths = [ "${askPass}/bin/zfs-askpass" ]; users.root.shell = "${askPass}/bin/zfs-askpass"; }; network = { enable = true; ssh = { enable = true; port = 2222; authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026" ]; hostKeys = [ # FIXME: this has to be manually uploaded during installation... # scp /tmp/initrd-ssh-key root@95.217.199.121:/mnt/var/lib/initrd-ssh-key # nixos-enter # realpath /run/current-system # exit # nixos-install --no-root-passwd --no-channel-copy --root /mnt --system /nix/store/1j1cf7l6f2b3hfd2dxmkmrvg5kblhgkl-nixos-system-eve-23.11.20231014.da24e6f "/etc/secrets/initrd/ssh_host_ed25519_key" ]; }; }; }; }; }