authorMel <mel@rnrd.eu>2025-10-03 18:24:28 +0200
committerMel <mel@rnrd.eu>2025-10-03 18:24:28 +0200
commit46f5b502625402b130a23b3f25d6c4395c154806 (patch)
tree541b1591032c595fcd55077e1201b8c14ca85006 /machines/truite
parent514dcb90b0cea0dfa5a896a4fdebbe4fcb7459f8 (diff)
Rename Russian VPN server "zibeline" into "truite"
I think when all our VPN server names start with a "T", it looks
pretty nice! If you didn't notice: The "T" stands for "Tunnel"! :)

Signed-off-by: Mel <mel@rnrd.eu>
Diffstat (limited to 'machines/truite')
-rw-r--r--machines/truite/default.nix51
-rw-r--r--machines/truite/devices.nix39
-rw-r--r--machines/truite/hardware.nix23
-rw-r--r--machines/truite/home.nix9
4 files changed, 122 insertions, 0 deletions
diff --git a/machines/truite/default.nix b/machines/truite/default.nix
new file mode 100644
index 0000000..9670da2
--- /dev/null
+++ b/machines/truite/default.nix
@@ -0,0 +1,51 @@
+{ me, machines, ... }:
+
+{
+  imports = [
+    ../../modules/common.nix
+
+    ./hardware.nix
+    ./devices.nix
+  ];
+
+  foundation = {
+    www = {
+      enable = true;
+
+      public = true;
+      tailnet = false;
+    };
+
+    monitoring = {
+      client.enable = true;
+      services = [
+        "base"
+        "tailnet"
+      ];
+    };
+
+    wireguard.server = {
+      enable = true;
+      externalInterface = "eth0";
+
+      peers = {
+        mel = {
+          key = "vnZoHXapCLLUhZ8A8R5W0iJ8LpWVLve29z41kkoT0BU=";
+          ip = 2;
+        };
+
+        andrei = {
+          key = "qqU4uYImLfUohIwl4KBshPtTINFcs0JVALjbmwpfxRg=";
+          ip = 3;
+        };
+
+        sergo = {
+          key = "qbZGMNIDZFCJC6SHtlyNIlIdGWHELceXClJCcagrj2Y=";
+          ip = 4;
+        };
+      };
+    };
+  };
+
+  system.stateVersion = "25.05";
+}
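Review bot: The three `key` strings under `foundation.wireguard.server.peers` carry no comment saying what kind of key they are, which makes it hard to audit this file for committed secrets. They are presumably the peers' WireGuard public keys, and `ip` presumably the host part of the tunnel address, but neither is visible here because the module lives outside this hunk. A line such as `# key: peer's WireGuard public key; ip: host number inside the tunnel subnet` above `peers = {` would settle both. Separately, `me` and `machines` in the argument set `{ me, machines, ... }:` are not referenced anywhere in this file and can be dropped. It would also help to note next to `www.public = true` why the VPN endpoint should serve web content on its public interface rather than only over the tailnet.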
diff --git a/machines/truite/devices.nix b/machines/truite/devices.nix
new file mode 100644
index 0000000..dce5ff2
--- /dev/null
+++ b/machines/truite/devices.nix
@@ -0,0 +1,39 @@
+{ config, lib, pkgs, ... }:
+
+{
+  boot = {
+    loader.grub = {
+      enable = true;
+      device = "/dev/sda";
+    };
+
+    kernelModules = [ "wireguard" ];
+
+    swraid.enable = true;
+  };
+
+  zramSwap = {
+    enable = true;
+    algorithm = "zstd";
+    swapDevices = 1;
+    memoryPercent = 100;
+  };
+
+  networking = {
+    nameservers = [
+      "9.9.9.9"
+      "149.112.112.112"
+    ];
+
+    useDHCP = false;
+  };
+
+  systemd.network.enable = true;
+  systemd.network.networks."10-wan" = {
+    name = "eth0";
+    DHCP = "no";
+    address = [ "194.169.163.56/24" ];
+    gateway = [ "194.169.163.1" ];
+  };
+}
+
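Review bot: `boot.swraid.enable = true;` turns on mdadm support, yet the only filesystem declared for this machine in `hardware.nix` is a single ext4 root referenced by UUID and GRUB is installed to `/dev/sda` alone. If the host has no md array, drop the line so the initrd and system do not carry unused mdadm units. If it does have one, set `boot.swraid.mdadmConf` with a `MAILADDR` or `PROGRAM` entry so that array degradation is reported. The `10-wan` network matches on the literal name `eth0`, the same string as `externalInterface` in `default.nix`. A short comment that both rely on the guest keeping that interface name would help whoever next changes the NIC or the naming policy.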
diff --git a/machines/truite/hardware.nix b/machines/truite/hardware.nix
new file mode 100644
index 0000000..b60a848
--- /dev/null
+++ b/machines/truite/hardware.nix
@@ -0,0 +1,23 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [ ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/a029352d-e2e9-432d-ae2a-43921652ea8b";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  virtualisation.hypervGuest.enable = true;
+}
diff --git a/machines/truite/home.nix b/machines/truite/home.nix
new file mode 100644
index 0000000..8f27ed2
--- /dev/null
+++ b/machines/truite/home.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+
+{
+  imports = [
+    ../../modules/home/common.nix
+  ];
+
+  home.stateVersion = "25.05";
+}