1 files changed, 63 insertions, 1 deletions

diff --git a/nix/hosts/nixos/wildcat/configuration.nix b/nix/machines/vm-hetzner.nix
index b74f522..03c7135 100644
--- a/nix/hosts/nixos/wildcat/configuration.nix
+++ b/nix/machines/vm-hetzner.nix
@@ -1,4 +1,66 @@
-{ lib, pkgs, ... }: {
+{ pkgs, lib, ... }: {
+  imports = [ ./hardware/vm-hetzner.nix ./vm-shared.nix ];
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+
+  networking.hostName = "fcuny";
+  networking.domain = "net";
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi"
+  ];
+
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    nameservers =
+      [ "2a01:4ff:ff00::add:2" "2a01:4ff:ff00::add:1" "185.12.64.1" ];
+    defaultGateway = "172.31.1.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [{
+          address = "5.78.87.68";
+          prefixLength = 32;
+        }];
+        ipv6.addresses = [
+          {
+            address = "2a01:4ff:1f0:d1a3::1";
+            prefixLength = 64;
+          }
+          {
+            address = "fe80::9400:3ff:fe98:d6dc";
+            prefixLength = 64;
+          }
+        ];
+        ipv4.routes = [{
+          address = "172.31.1.1";
+          prefixLength = 32;
+        }];
+        ipv6.routes = [{
+          address = "fe80::1";
+          prefixLength = 128;
+        }];
+      };
+
+    };
+    firewall.allowedTCPPorts = [
+      22 # ssh
+      80 # nginx
+      443 # nginx
+    ];
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="96:00:03:98:d6:dc", NAME="eth0"
+
+  '';
+
   security.acme = {
     defaults.email = "acme@fcuny.net";
     acceptTerms = true;