Add comet

linux/comet/network.nix

@@ -0,0 +1,27 @@
+{ config, ... }:
+
+let hn = config.networking.hostName; in {
+  networking = {
+    domain = config.constants.domain;
+    firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
+    hostId = "3ddd2ad2";
+    nftables.enable = true;
+  };
+
+  services = {
+    openssh = {
+      enable = true;
+      hostKeys = [{
+        comment = "host@${hn}";
+        path = "/etc/ssh/host";
+        rounds = 100;
+        type = "ed25519";
+      }];
+      settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+      };
+    };
+    resolved.enable = true;
+  };
+}