diff --git a/ops/nixos/bvm-radius/default.nix b/ops/nixos/bvm-radius/default.nix index e53cc1a8ff..d1770a803a 100644 --- a/ops/nixos/bvm-radius/default.nix +++ b/ops/nixos/bvm-radius/default.nix @@ -14,6 +14,7 @@ in { networking = { hostName = "bvm-radius"; hostId = "dcc75f10"; + tempAddresses = "disabled"; interfaces.enp1s0 = { ipv4.addresses = [{ address = "10.100.0.207"; prefixLength = 23; }]; @@ -46,6 +47,19 @@ in { }; my.ip.tailscale = "100.120.98.116"; + security.acme = { + acceptTerms = true; + email = "letsencrypt@lukegb.com"; + certs."as205479.net" = { + dnsProvider = "gcloud"; + credentialsFile = secrets.gcpDNSCredentials; + dnsPropagationCheck = false; + #postRun = '' + # systemctl restart freeradius + #''; + }; + }; + environment.systemPackages = with pkgs; [ freeradius depot.pkgs.eapol-test