use prefixLength settings from zentralwerk (enlarging serv)
This commit is contained in:
parent
d8757dd71c
commit
b5c2ac927d
48
flake.lock
48
flake.lock
|
@ -89,11 +89,11 @@
|
|||
},
|
||||
"nixpkgs-master": {
|
||||
"locked": {
|
||||
"lastModified": 1631810187,
|
||||
"narHash": "sha256-GHEpi5KiRo8fT9Oma5AFWAZVbP/C/ZnENnsdK++dNEU=",
|
||||
"lastModified": 1637013565,
|
||||
"narHash": "sha256-moN0tzKsEmPnTk3JMqODi98DwaVfCReRMERYyeCRba4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a8c43f8eb7ad74d8fa784d12a789195fdd8120f6",
|
||||
"rev": "4890bee027a805e2265e68f98abd1035b9449609",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -182,11 +182,11 @@
|
|||
},
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1631792076,
|
||||
"narHash": "sha256-dBRsZ3JB6i53nzC30SsltdwrzjIr8e0zU/y8HitKpT8=",
|
||||
"lastModified": 1636997306,
|
||||
"narHash": "sha256-lzZka8I/y/CRKeXkfyafFx6/dh5LnIBUIM7VfPHy1I4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4d7170376374e74c7aa52938004e354de1947373",
|
||||
"rev": "0a8bc59854397f48461bf043c5f61d90e170755d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -199,11 +199,11 @@
|
|||
"openwrt": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1635777325,
|
||||
"narHash": "sha256-NigEYi+patV+QHfC/KKvgyKypfzw51RsC2MaPmbJXtc=",
|
||||
"lastModified": 1636309300,
|
||||
"narHash": "sha256-upY6H8I58zslHqEWKAueJjFnx3exkUVODY8aNyd9/VM=",
|
||||
"ref": "openwrt-21.02",
|
||||
"rev": "b4c40a7efc59caada8190d545d077521c747b7cc",
|
||||
"revCount": 50790,
|
||||
"rev": "4b0f87729c2e3c0571663e6f882fe726fef99f74",
|
||||
"revCount": 50796,
|
||||
"type": "git",
|
||||
"url": "https://git.openwrt.org/openwrt/openwrt.git"
|
||||
},
|
||||
|
@ -373,15 +373,14 @@
|
|||
"inputs": {
|
||||
"nixpkgs": "nixpkgs_5",
|
||||
"nixpkgs-master": "nixpkgs-master",
|
||||
"openwrt": "openwrt",
|
||||
"zentralwerk-network-key": "zentralwerk-network-key"
|
||||
"openwrt": "openwrt"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1636251699,
|
||||
"narHash": "sha256-KUglGnWyRMSJww/KvRojdqad1TqSU59mOf6FpukOD/g=",
|
||||
"lastModified": 1637365461,
|
||||
"narHash": "sha256-2R8FsTLTEhE0OHvEqlbfH3Eq7Hgpl1cMKtCv3JcFHH8=",
|
||||
"ref": "master",
|
||||
"rev": "733f04258dd709ce4a704a1511e35b6ec16315f6",
|
||||
"revCount": 1233,
|
||||
"rev": "9900b9af5e80da0b2b85a866662f8f210b325b1a",
|
||||
"revCount": 1291,
|
||||
"type": "git",
|
||||
"url": "https://gitea.c3d2.de/zentralwerk/network.git"
|
||||
},
|
||||
|
@ -389,23 +388,6 @@
|
|||
"type": "git",
|
||||
"url": "https://gitea.c3d2.de/zentralwerk/network.git"
|
||||
}
|
||||
},
|
||||
"zentralwerk-network-key": {
|
||||
"locked": {
|
||||
"dir": "nix/key",
|
||||
"lastModified": 1631808463,
|
||||
"narHash": "sha256-5xMZkqqQbpXECnKEK2THT7u4+/vL7SPp3Jvoicm1Moc=",
|
||||
"ref": "master",
|
||||
"rev": "e4a5aee0e44ca058d2f12d6c6f34db6d484187fc",
|
||||
"revCount": 1172,
|
||||
"type": "git",
|
||||
"url": "https://gitea.c3d2.de/zentralwerk/network.git?dir=nix%2fkey"
|
||||
},
|
||||
"original": {
|
||||
"dir": "nix/key",
|
||||
"type": "git",
|
||||
"url": "https://gitea.c3d2.de/zentralwerk/network.git?dir=nix%2fkey"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
|
@ -188,7 +188,7 @@
|
|||
{ nixpkgs ? inputs.nixpkgs, extraArgs ? {}, ... }@args:
|
||||
nixpkgs.lib.nixosSystem (nixpkgs.lib.filterAttrs (n: _: n != "nixpkgs") args // {
|
||||
extraArgs = extraArgs // {
|
||||
inherit hostRegistry inputs;
|
||||
inherit hostRegistry inputs zentralwerk;
|
||||
};
|
||||
extraModules = [
|
||||
self.nixosModules.c3d2
|
||||
|
@ -229,7 +229,6 @@
|
|||
sops-nix.nixosModules.sops
|
||||
];
|
||||
extraArgs = {
|
||||
inherit zentralwerk;
|
||||
secretsFile = "${secrets}/hosts/glotzbert/secrets.yaml";
|
||||
};
|
||||
system = "x86_64-linux";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, config, pkgs, ... }:
|
||||
{ zentralwerk, hostRegistry, config, pkgs, ... }:
|
||||
let
|
||||
systemctl = "${pkgs.systemd}/bin/systemctl";
|
||||
deployCommand = "${systemctl} start deploy-c3d2-dns";
|
||||
|
@ -15,7 +15,7 @@ in
|
|||
networking.useNetworkd = true;
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, nixpkgs, config, pkgs, ... }:
|
||||
{ zentralwerk, hostRegistry, nixpkgs, config, pkgs, ... }:
|
||||
let
|
||||
webroot = "/var/www";
|
||||
deployCommand = "${pkgs.systemd}/bin/systemctl start deploy-c3d2-web.service";
|
||||
|
@ -10,7 +10,7 @@ in
|
|||
networking.useNetworkd = true;
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{ zentralwerk, config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -21,7 +21,7 @@
|
|||
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.16";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
{ config, pkgs, lib, modulesPath, hostRegistry, ... }:
|
||||
{ config, pkgs, lib, modulesPath, hostRegistry, zentralwerk, ... }:
|
||||
|
||||
let
|
||||
coreAddress = hostRegistry.hosts.freifunk.ip4;
|
||||
corePrefixlen = 25;
|
||||
inherit (zentralwerk.lib.config.site.net) core;
|
||||
coreAddress = core.hosts4.${config.networking.hostName};
|
||||
meshInterface = "bmx";
|
||||
meshLoopback = "bmx_prime";
|
||||
ddmeshRegisterUrl = "https://register.freifunk-dresden.de/bot.php";
|
||||
|
@ -117,7 +117,7 @@ in {
|
|||
enable = true;
|
||||
matchConfig = { Name = "core"; };
|
||||
addresses = map (Address: { addressConfig = { inherit Address; }; }) [
|
||||
"${coreAddress}/${toString corePrefixlen}"
|
||||
"${coreAddress}/${toString core.subnet4Len}"
|
||||
"2a00:8180:2c00:281:8000::1/64"
|
||||
"fd23:42:c3d2:581:8000::1/64"
|
||||
];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
{ zentralwerk, hostRegistry, config, pkgs, ... }:
|
||||
|
||||
{
|
||||
networking = {
|
||||
|
@ -6,7 +6,10 @@
|
|||
useDHCP = false;
|
||||
interfaces.eth0 = {
|
||||
useDHCP = false;
|
||||
ipv4.addresses = [{ address = "172.20.73.53"; prefixLength = 26; }];
|
||||
ipv4.addresses = [ {
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
} ];
|
||||
};
|
||||
defaultGateway = "172.20.73.1";
|
||||
nameservers = [ "172.20.73.8" "9.9.9.9" ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, lib, modulesPath, ... }:
|
||||
{ zentralwerk, config, pkgs, lib, modulesPath, ... }:
|
||||
|
||||
let
|
||||
restartServices = [ "grafana" "influxdb" ];
|
||||
|
@ -13,7 +13,7 @@ in {
|
|||
networking.useNetworkd = true;
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.43";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
{ zentralwerk, config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
imports = [ ./hydra.nix ./cache.nix ];
|
||||
|
@ -52,7 +52,7 @@
|
|||
defaultGateway = "172.20.73.1";
|
||||
interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.49";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
};
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, config, pkgs, lib, ... }:
|
||||
{ zentralwerk, hostRegistry, config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
domain = "jabber.c3d2.de";
|
||||
|
@ -23,7 +23,7 @@ in
|
|||
useNetworkd = true;
|
||||
interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
defaultGateway = "172.20.73.1";
|
||||
firewall.allowedTCPPorts = [
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, config, pkgs, ... }:
|
||||
{ zentralwerk, hostRegistry, config, pkgs, ... }:
|
||||
let
|
||||
frontendDomain = "keycloak.c3d2.de";
|
||||
in
|
||||
|
@ -11,7 +11,7 @@ in
|
|||
useDHCP = false;
|
||||
ipv4.addresses = [{
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
{ config, pkgs, lib, modulesPath, ... }:
|
||||
{ zentralwerk, config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
networking.hostName = "kibana";
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.44";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, config, pkgs, lib, ... }:
|
||||
{ zentralwerk, hostRegistry, config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
graylogPort = 9000;
|
||||
|
@ -8,7 +8,7 @@ in
|
|||
hostName = "logging";
|
||||
interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts.logging.ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
defaultGateway = "172.20.73.1";
|
||||
firewall = {
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
{ zentralwerk, ... }:
|
||||
{
|
||||
networking.hostName = "mail";
|
||||
networking.useNetworkd = true;
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.58";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, lib, pkgs, ... }:
|
||||
{ zentralwerk, hostRegistry, lib, pkgs, ... }:
|
||||
{
|
||||
c3d2 = {
|
||||
isInHq = true;
|
||||
|
@ -9,7 +9,7 @@
|
|||
networking.interfaces.eth0 = {
|
||||
ipv4.addresses = [{
|
||||
address = hostRegistry.hosts.matemat.ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
};
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
{ hostRegistry, config, ... }:
|
||||
{ zentralwerk, hostRegistry, config, ... }:
|
||||
{
|
||||
c3d2.isInHq = false;
|
||||
networking = {
|
||||
hostName = "mobilizon";
|
||||
interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
defaultGateway = "172.20.73.1";
|
||||
firewall.allowedTCPPorts = [ 80 443 ];
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
{ config, pkgs, lib, tigger, ... }:
|
||||
{ zentralwerk, config, pkgs, lib, tigger, ... }:
|
||||
|
||||
{
|
||||
networking.hostName = "mucbot";
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.27";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
networking.nameservers =
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, nixosConfigurations, config, pkgs, lib, ... }:
|
||||
{ zentralwerk, hostRegistry, nixosConfigurations, config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -11,7 +11,7 @@
|
|||
networking.interfaces.eth0 = {
|
||||
ipv4.addresses = [{
|
||||
address = "172.20.73.45";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
};
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, scrapers, ... }:
|
||||
{ zentralwerk, pkgs, config, scrapers, ... }:
|
||||
|
||||
let
|
||||
freifunkNodes = {
|
||||
|
@ -15,7 +15,7 @@ in {
|
|||
networking.hostName = "scrape";
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.32";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
# Required for deployment
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, config, pkgs, ... }:
|
||||
{ zentralwerk, hostRegistry, config, pkgs, ... }:
|
||||
{
|
||||
c3d2 = {
|
||||
isInHq = false;
|
||||
|
@ -9,7 +9,7 @@
|
|||
networking.useNetworkd = true;
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
{ zentralwerk, ... }:
|
||||
{
|
||||
networking.hostName = "spaceapi";
|
||||
networking.interfaces.eth0.ipv4.addresses = [{
|
||||
address = "172.20.73.25";
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
networking.firewall.enable = false;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, pkgs, ... }:
|
||||
{ hostRegistry, zentralwerk, pkgs, ... }:
|
||||
let
|
||||
authFile = pkgs.writeText "htpasswd" "k-ot:sawCOTsl/fIUY";
|
||||
in
|
||||
|
@ -12,7 +12,7 @@ in
|
|||
matchConfig.MACAddress = "C6:40:E0:21:9B:A4";
|
||||
networkConfig.IPv6AcceptRA = false;
|
||||
addresses = [ {
|
||||
addressConfig.Address = "${hostRegistry.hosts.stream.ip4}/26";
|
||||
addressConfig.Address = "${hostRegistry.hosts.stream.ip4}/${toString zentralwerk.lib.config.site.net.serv.subnet4Len}";
|
||||
} ];
|
||||
routes = [ {
|
||||
routeConfig = {
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ zentralwerk, config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{ boot.isContainer = true;
|
||||
boot.loader.initScript.enable = true;
|
||||
networking.interfaces.eth0.ipv4.addresses = [{ address = "172.20.73.52"; prefixLength = 26; }];
|
||||
networking.interfaces.eth0.ipv4.addresses = [{ address = "172.20.73.52"; prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len; }];
|
||||
networking.interfaces.eth0.useDHCP = false;
|
||||
networking.defaultGateway = "172.20.73.1";
|
||||
networking.nameservers = [ "172.20.73.8" "9.9.9.9" ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, lib, config, hostRegistry, ... }:
|
||||
{ pkgs, lib, config, hostRegistry, zentralwerk, ... }:
|
||||
|
||||
let
|
||||
host = hostRegistry.hosts.yggdrasil;
|
||||
|
@ -20,7 +20,9 @@ in {
|
|||
|
||||
c3d2 = { isInHq = true; };
|
||||
|
||||
networking = {
|
||||
networking = let
|
||||
inherit (zentralwerk.lib.config.site.net) core;
|
||||
in {
|
||||
hostName = "yggdrasil";
|
||||
firewall.enable = false;
|
||||
nat = {
|
||||
|
@ -30,8 +32,8 @@ in {
|
|||
ip6tables -t nat -A POSTROUTING ! --src 200::/7 -o ygg -j MASQUERADE
|
||||
'';
|
||||
};
|
||||
defaultGateway = "172.20.72.6";
|
||||
defaultGateway6 = "2a00:8180:2c00:281::c3d2:3";
|
||||
defaultGateway = core.hosts4.upstream4;
|
||||
defaultGateway6 = core.hosts6.up4.upstream4;
|
||||
# systemd-networkd breaks setting default routes. so sad.
|
||||
useNetworkd = pkgs.lib.mkForce false;
|
||||
nameservers = [ "172.20.73.8" ];
|
||||
|
@ -40,7 +42,7 @@ in {
|
|||
ipv4 = {
|
||||
addresses = [{
|
||||
address = host.ip4;
|
||||
prefixLength = 25;
|
||||
prefixLength = core.subnet4Len;
|
||||
}];
|
||||
};
|
||||
ipv6 = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ hostRegistry, config, lib, pkgs, ... }:
|
||||
{ zentralwerk, hostRegistry, config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
boot.initrd.availableKernelModules = [ "usbhid" ];
|
||||
|
@ -79,7 +79,7 @@
|
|||
useDHCP = false;
|
||||
interfaces.eth0.ipv4.addresses = [{
|
||||
address = hostRegistry.hosts."${config.networking.hostName}".ip4;
|
||||
prefixLength = 26;
|
||||
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
||||
}];
|
||||
defaultGateway = "172.20.73.1";
|
||||
firewall.enable = false;
|
||||
|
|
Loading…
Reference in New Issue