# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

{ depot, lib, pkgs, rebuilder, config, ... }:
let
  inherit (depot.ops) secrets;
  machineSecrets = secrets.machineSpecific.frantech-nyc01;
in {
  imports = [
    ../../../third_party/nixpkgs/nixos/modules/profiles/qemu-guest.nix
    ../lib/low-space.nix
    ../lib/coredns/default.nix
    ../lib/bgp.nix
    ../lib/minotarproxy.nix
  ];

  boot.initrd.availableKernelModules = [
    "ata_piix"
    "uhci_hcd"
    "virtio_pci"
    "virtio_scsi"
    "sr_mod"
    "virtio_blk"
  ];
  boot.kernelModules = [ "kvm-amd" ];

  # Use GRUB.
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/vda";

  powerManagement.cpuFreqGovernor = lib.mkDefault "performance";

  fileSystems = {
    "/" = {
      device = "/dev/vda1";
      fsType = "ext4";
    };
  };

  nix.maxJobs = lib.mkDefault 1;

  # Networking!
  networking = {
    hostName = "frantech-nyc01";
    domain = "as205479.net";
    hostId = "251837df";

    nameservers = [
      "2001:4860:4860::8888"
      "2001:4860:4860::8844"
      "8.8.8.8"
      "8.8.4.4"
    ];
    useDHCP = false;
    defaultGateway = {
      address = "199.195.254.1";
      interface = "ens3";
    };
    defaultGateway6 = {
      address = "2605:6400:10::1";
      interface = "ens3";
    };
    interfaces.ens3 = {
      ipv4.addresses = [{ address = "199.195.254.60"; prefixLength = 24; }];
      ipv6.addresses = [{ address = "2605:6400:10:c77::1"; prefixLength = 48; }];
    };
  };
  my.ip.tailscale = "100.99.236.25";

  services.lukegbgp = let local = {
    asn = 205479;
  }; in {
    enable = true;
    config = {
      local = {
        routerID = "199.195.254.60";
      };
      export = {
        #v4 = ["92.118.29.0/24"];
      };
      peering = {
        frantech = {
          local = local // {
            v4 = "199.195.254.60";
            v6 = "2605:6400:10:c77::1";
          };
          remote = {
            asn = 53667;
            export_community = 4000;
            routers = [{
              v4 = "169.254.169.179";
              v6 = "2605:6400:ffff::2";
              multihop = 2;
              password = machineSecrets.bgpPassword;
            }];
          };
        };
      };
    };
  };

  system.stateVersion = "21.05";
}