Add more hosts to registry
Hostname resolution must work without uplink.
parent
b60c3cc13b
commit
bf82f00f27
|
@ -9,12 +9,49 @@ rec {
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhurL/sxsXRglKdLfiWIcK+iqpyhGrGt/MoBODsgvig";
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhurL/sxsXRglKdLfiWIcK+iqpyhGrGt/MoBODsgvig";
|
||||||
pulsebert.publicKey =
|
pulsebert.publicKey =
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAnEWn/8CKIiCtehh6Ha3XUQqjODj0ygyo3aGAsFWgfG";
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAnEWn/8CKIiCtehh6Ha3XUQqjODj0ygyo3aGAsFWgfG";
|
||||||
server7.publicKey =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMiDm1b0NubTtcE9NuKrIpEOea5oS/yCW0Ncoaf/w3uy";
|
|
||||||
storage-ng.publicKey =
|
storage-ng.publicKey =
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMeg5ojU7U8+Lx824y+brazVJ007mEJDM7C7aUruOWGP";
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMeg5ojU7U8+Lx824y+brazVJ007mEJDM7C7aUruOWGP";
|
||||||
|
|
||||||
|
server1 = {
|
||||||
|
ip4 = "172.20.72.1";
|
||||||
|
publicKey = ''
|
||||||
|
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBD7M0j9goPMstNFj8dkNjMIgKFvbIGqpgeNKDjwTQdl5QJE+mE0k5/t8RlhN0MprZBr8px8PZw1dZlXAMLK4FQs=
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
server3 = {
|
||||||
|
ip4 = "172.22.99.13";
|
||||||
|
ip6 = "2a02:8106:208:5201::13";
|
||||||
|
publicKey = ''
|
||||||
|
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHBQq8QxGUdvQTF6QPiRYHtD73ls4zoUcOtAPLVN/7dDZk7KZLQ+c373VB5jd9FfYKB2/w8lDCHXVi1sY26e+QE=
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
server4 = {
|
||||||
|
ip4 = "172.22.99.15";
|
||||||
|
ip6 = "2a02:8106:208:5201::15";
|
||||||
|
publicKey = ''
|
||||||
|
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGUwIWqP92toOSuV16wSN46t05RUKu609pqV2aexj8+DTO/hM8QWrhv51/jQG6TGmabZNlXbEvKMt48mW69uy48=
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
server5 = {
|
||||||
|
ip4 = "172.22.99.16";
|
||||||
|
ip6 = "2a02:8106:208:5201::16";
|
||||||
|
publicKey = ''
|
||||||
|
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBB1qxi7ROlXvbmmeBJvNqyJdGDZG35e38RHujtqqDJXORwhy63LdW5jlv/09fNRj4nQMvKwdY5Oew2xgTzkaDwE=
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
server6 = {
|
||||||
|
ip4 = "172.22.99.17";
|
||||||
|
ip6 = "2a02:8106:208:5201::17";
|
||||||
|
publicKey = ''
|
||||||
|
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKQCZ7f7bqRC6B72oMu7BCItZxZnWsqx9Th/2iBRvtIFggr4YNi7Pbw3cc68NVbm0u7feUUgH5LDiXVpig3b7Gw=
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
server7.publicKey =
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMiDm1b0NubTtcE9NuKrIpEOea5oS/yCW0Ncoaf/w3uy";
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
hqPublic = builtins.attrNames hosts;
|
hqGlobal = builtins.attrNames hosts;
|
||||||
hqPrivate = builtins.attrNames hosts;
|
hqLocal = builtins.attrNames hosts;
|
||||||
}
|
}
|
||||||
|
|
|
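Review bot: The new server1 and server3–server6 entries write `publicKey` as a multi-line `'' … ''` string, which as rendered here ends each value in a newline, unlike the one-line ed25519 strings used for pulsebert, server7 and storage-ng. Anything that concatenates the key into a known_hosts line carries that newline along, so a plain one-line string, `publicKey = "ecdsa-sha2-nistp256 <key>";`, would keep the registry uniform. These keys end up pinned for SSH host verification, and the page does not show where they came from. A short comment above the block, for example `# host keys: <how obtained / verified>`, would tell a reader whether the pins were checked out of band. The `rec { … }` body starts outside the hunk.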
@ -98,7 +98,7 @@ in {
|
||||||
assertion = let
|
assertion = let
|
||||||
check = hostName: hostName == config.networking.hostName;
|
check = hostName: hostName == config.networking.hostName;
|
||||||
checkRegistry = list: builtins.any check list;
|
checkRegistry = list: builtins.any check list;
|
||||||
in cfg.isInHq -> checkRegistry hostRegistry.hqPrivate;
|
in cfg.isInHq -> checkRegistry hostRegistry.hqLocal;
|
||||||
message = "${config.networking.hostName} is not registered in ${
|
message = "${config.networking.hostName} is not registered in ${
|
||||||
toString ../host-registry.nix
|
toString ../host-registry.nix
|
||||||
}";
|
}";
|
||||||
|
@ -111,6 +111,8 @@ in {
|
||||||
users.motd = lib.mkIf cfg.enableMotd (builtins.readFile ./motd);
|
users.motd = lib.mkIf cfg.enableMotd (builtins.readFile ./motd);
|
||||||
|
|
||||||
networking.hosts = let
|
networking.hosts = let
|
||||||
|
getHost = hostName: builtins.getAttr hostName hostRegistry.hosts;
|
||||||
|
|
||||||
mapHostsNamesToAttrs = f: list: builtins.listToAttrs (map f list);
|
mapHostsNamesToAttrs = f: list: builtins.listToAttrs (map f list);
|
||||||
|
|
||||||
/* hqPublicHosts = mapHostsNamesToAttrs (hostName: {
|
/* hqPublicHosts = mapHostsNamesToAttrs (hostName: {
|
||||||
|
@ -119,12 +121,25 @@ in {
|
||||||
}) hostRegistry.hqPublic;
|
}) hostRegistry.hqPublic;
|
||||||
*/
|
*/
|
||||||
|
|
||||||
hqPrivateHosts = mapHostsNamesToAttrs (hostName: {
|
hqLocalHosts = with builtins;
|
||||||
name = toHqPrivateAddress hostName;
|
let
|
||||||
value = [ "${hostName}.hq" hostName ];
|
f = hostName:
|
||||||
}) hostRegistry.hqPrivate;
|
let
|
||||||
|
host = getHost hostName;
|
||||||
|
ip6 = if hasAttr "ip6" host then
|
||||||
|
host.ip6
|
||||||
|
else
|
||||||
|
toHqPrivateAddress hostName;
|
||||||
|
in [{
|
||||||
|
name = ip6;
|
||||||
|
value = [ "${hostName}.hq" hostName ];
|
||||||
|
}] ++ lib.optional (hasAttr "ip4" host) {
|
||||||
|
name = host.ip4;
|
||||||
|
value = [ "${hostName}.hq" hostName ];
|
||||||
|
};
|
||||||
|
in listToAttrs (concatLists (map f (attrNames hostRegistry.hosts)));
|
||||||
|
|
||||||
in if cfg.mapHqHosts then hqPrivateHosts else { };
|
in if cfg.mapHqHosts then hqLocalHosts else { };
|
||||||
|
|
||||||
networking.interfaces =
|
networking.interfaces =
|
||||||
/* (if cfg.hq.externalInterface == null then
|
/* (if cfg.hq.externalInterface == null then
|
||||||
|
@ -151,26 +166,28 @@ in {
|
||||||
|
|
||||||
programs.ssh.knownHosts = with builtins;
|
programs.ssh.knownHosts = with builtins;
|
||||||
let
|
let
|
||||||
hostNames = hostRegistry.hqPrivate;
|
hostNames = hostRegistry.hqLocal;
|
||||||
intersectKeys = intersectAttrs {
|
intersectKeys = intersectAttrs {
|
||||||
publicKey = null;
|
publicKey = null;
|
||||||
publicKeyFile = null;
|
publicKeyFile = null;
|
||||||
};
|
};
|
||||||
list = map (name:
|
list = map (name:
|
||||||
let sshAttrs = intersectKeys (getAttr name hostRegistry.hosts);
|
let
|
||||||
|
host = getAttr name hostRegistry.hosts;
|
||||||
|
sshAttrs = intersectKeys host;
|
||||||
in if sshAttrs == { } then
|
in if sshAttrs == { } then
|
||||||
null
|
null
|
||||||
else {
|
else {
|
||||||
inherit name;
|
inherit name;
|
||||||
value = {
|
value = let
|
||||||
|
ip6 = if hasAttr "ip6" host then
|
||||||
|
host.ip6
|
||||||
|
else
|
||||||
|
toHqPrivateAddress name;
|
||||||
|
in {
|
||||||
publicKey = null;
|
publicKey = null;
|
||||||
publicKeyFile = null;
|
publicKeyFile = null;
|
||||||
hostNames = [
|
hostNames = [ ip6 "${name}.hq.c3d2.de" "${name}.hq" name ];
|
||||||
(toHqPrivateAddress name)
|
|
||||||
"${name}.hq.c3d2.de"
|
|
||||||
"${name}.hq"
|
|
||||||
name
|
|
||||||
];
|
|
||||||
} // sshAttrs;
|
} // sshAttrs;
|
||||||
}) hostNames;
|
}) hostNames;
|
||||||
keyedHosts = filter (x: x != null) list;
|
keyedHosts = filter (x: x != null) list;
|
||||||
|
|
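Review bot: In the `programs.ssh.knownHosts` hunk the new `hostNames` list pins the host key for the IPv6 address and the three names but not for `host.ip4`, although the `networking.hosts` hunk above now publishes that IPv4 address for the same host. An SSH connection made to the bare IPv4 address therefore finds no pinned entry and falls back to trust-on-first-use. Appending the address closes the gap: `hostNames = [ ip6 "${name}.hq.c3d2.de" "${name}.hq" name ] ++ lib.optional (hasAttr "ip4" host) host.ip4;`. Separately, `networking.hosts` iterates `attrNames hostRegistry.hosts` while the assertion and knownHosts use `hostRegistry.hqLocal`; the two lists are identical today, but using `hostRegistry.hqLocal` in both places keeps name resolution and key pinning from drifting apart. The enclosing `let` blocks continue outside the hunks.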