From 4fdf88ac182e18a2985bd9666d9a34964fa3ca82 Mon Sep 17 00:00:00 2001 From: Astro Date: Wed, 2 Jun 2021 21:37:18 +0200 Subject: [PATCH] IPv6 renumbering --- host-registry.nix | 24 ++++++++++----------- hosts/containers/dn42/default.nix | 2 +- hosts/containers/freifunk/default.nix | 4 ++-- hosts/containers/matemat/default.nix | 3 +-- hosts/containers/registry/configuration.nix | 2 +- hosts/containers/yggdrasil/default.nix | 5 +---- hosts/pulsebert/default.nix | 3 +-- hosts/storage-ng/configuration.nix | 2 +- hq.nixops | 18 ++++++++-------- 9 files changed, 29 insertions(+), 34 deletions(-) diff --git a/host-registry.nix b/host-registry.nix index baa7d3d2..0646ac82 100644 --- a/host-registry.nix +++ b/host-registry.nix @@ -40,28 +40,28 @@ rec { server3 = { ip4 = "172.22.99.13"; - ip6 = "2a02:8106:208:5201::13"; + ip6 = "2a00:8180:2c00:223::13"; publicKey = '' ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHBQq8QxGUdvQTF6QPiRYHtD73ls4zoUcOtAPLVN/7dDZk7KZLQ+c373VB5jd9FfYKB2/w8lDCHXVi1sY26e+QE= ''; }; server4 = { ip4 = "172.22.99.14"; - ip6 = "2a02:8106:208:5201::14"; + ip6 = "2a00:8180:2c00:223::14"; publicKey = '' ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGUwIWqP92toOSuV16wSN46t05RUKu609pqV2aexj8+DTO/hM8QWrhv51/jQG6TGmabZNlXbEvKMt48mW69uy48= ''; }; server5 = { ip4 = "172.22.99.15"; - ip6 = "2a02:8106:208:5201::15"; + ip6 = "2a00:8180:2c00:223::15"; publicKey = '' ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBB1qxi7ROlXvbmmeBJvNqyJdGDZG35e38RHujtqqDJXORwhy63LdW5jlv/09fNRj4nQMvKwdY5Oew2xgTzkaDwE= ''; }; server6 = { ip4 = "172.22.99.16"; - ip6 = "2a02:8106:208:5201::16"; + ip6 = "2a00:8180:2c00:223::16"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHhcvlbZ4TjAb6eQkYB2/Z3o/PHQVyAS6iEdGX+CEbGD"; }; @@ -69,26 +69,26 @@ rec { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbjG4uY8A0IJHRKjiQwt9JbuLDNVaTcwNJN8J4z6mgX"; yggdrasil = { ip4 = "172.20.72.62"; - ip6 = "2a02:8106:208:5281:9000::1"; + ip6 = "2a00:8180:2c00:281:9000::1"; ygg = "201:4561:bb58:4dac:5f6a:7b23:44f:a5ef"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDmEymILp4IACjCbtMXx6eKPuTZHKyPUfAev05Gn7hi"; }; freifunk = { ip4 = "172.20.72.40"; - ip6 = "2a02:8106:208:5281:8000::1"; + ip6 = "2a00:8180:2c00:281:8000::1"; publiKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMFbxHGfBMBjjior1FNRub56O62K++HVnqUH67BeKD7d"; }; matemat = { ip4 = "172.22.99.133"; - ip6 = "2a02:8106:208:5201:f82b:1bff:fedc:8572"; + ip6 = "2a00:8180:2c00:223:f82b:1bff:fedc:8572"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBa07c4NnU1TGX1SMNea9e1d4nMtc0OS4gJLmTA3g/fe"; }; scrape = { ip4 = "172.20.73.32"; - ip6 = "2a02:8106:208:5282:e073:50ff:fef5:eb6e"; + ip6 = "2a00:8180:2c00:282:e073:50ff:fef5:eb6e"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGxPgg6nswoij1fBzDPDu6h4+d458XL2+dBxAx9KVOh"; }; @@ -98,22 +98,22 @@ rec { }; grafana = { - ip6 = "2a02:8106:208:5282:4042:fbff:fe4b:2de8"; + ip6 = "2a00:8180:2c00:282:4042:fbff:fe4b:2de8"; }; hydra = { ip4 = "172.20.73.49"; - ip6 = "2a02:8106:208:5282:e03c:d7ff:fe8e:fe16"; + ip6 = "2a00:8180:2c00:282:e03c:d7ff:fe8e:fe16"; }; mucbot = { ip4 = "172.20.73.27"; - ip6 = "2a02:8106:208:5282:28db:dff:fe6b:e89a"; + ip6 = "2a00:8180:2c00:282:28db:dff:fe6b:e89a"; }; kibana = { ip4 = "172.20.73.44"; - ip6 = "2a02:8106:208:5282:460:7cff:fe28:76b2"; + ip6 = "2a00:8180:2c00:282:460:7cff:fe28:76b2"; }; }; diff --git a/hosts/containers/dn42/default.nix b/hosts/containers/dn42/default.nix index 4a201ee9..91870a4e 100644 --- a/hosts/containers/dn42/default.nix +++ b/hosts/containers/dn42/default.nix @@ -155,7 +155,7 @@ in { protocol static { ipv6; - route 2000::/3 via 2a02:8106:208:5201::c3d2:4; + route 2000::/3 via 2a00:8180:2c00:281::c3d2:3; route fd00::/8 unreachable; } diff --git a/hosts/containers/freifunk/default.nix b/hosts/containers/freifunk/default.nix index cf7ebde8..1a468b0f 100644 --- a/hosts/containers/freifunk/default.nix +++ b/hosts/containers/freifunk/default.nix @@ -118,12 +118,12 @@ in { matchConfig = { Name = "core"; }; addresses = map (Address: { addressConfig = { inherit Address; }; }) [ "${coreAddress}/${toString corePrefixlen}" - "2a02:8106:208:5281:8000::1/64" + "2a00:8180:2c00:281:8000::1/64" "fd23:42:c3d2:581:8000::1/64" ]; # routes = map (Gateway: { routeConfig = { inherit Gateway; }; }) [ # # upstream1 - # "2a02:8106:208:5281::b:0" + # "2a00:8180:2c00:281::b:0" # # anon1 # "172.20.72.7" # ]; diff --git a/hosts/containers/matemat/default.nix b/hosts/containers/matemat/default.nix index eb2e38cf..2440a1e9 100644 --- a/hosts/containers/matemat/default.nix +++ b/hosts/containers/matemat/default.nix @@ -25,8 +25,7 @@ satisfy any; auth_basic secured; auth_basic_user_file ${pkgs.matemat-auth}; - allow 2a02:8106:208:5200::/56; - allow 2a02:8106:211:e900::/56; + allow 2a00:8180:2c00:200::/56; allow 172.22.99.0/24; allow 172.20.72.0/21; deny all; diff --git a/hosts/containers/registry/configuration.nix b/hosts/containers/registry/configuration.nix index 14d5bbf8..13eca507 100644 --- a/hosts/containers/registry/configuration.nix +++ b/hosts/containers/registry/configuration.nix @@ -19,7 +19,7 @@ prefixLength = 24; }]; interfaces.eth0.ipv6.addresses = [{ - address = "2a02:8106:208:5201::34"; + address = "2a00:8180:2c00:223::34"; prefixLength = 64; }]; diff --git a/hosts/containers/yggdrasil/default.nix b/hosts/containers/yggdrasil/default.nix index 570e76e5..3b1a9060 100644 --- a/hosts/containers/yggdrasil/default.nix +++ b/hosts/containers/yggdrasil/default.nix @@ -31,7 +31,7 @@ in { ''; }; defaultGateway = "172.20.72.6"; - defaultGateway6 = "2a02:8106:208:5281::b:0"; + defaultGateway6 = "2a00:8180:2c00:281::c3d2:3"; # systemd-networkd breaks setting default routes. so sad. useNetworkd = pkgs.lib.mkForce false; nameservers = [ "172.20.73.8" ]; @@ -123,9 +123,6 @@ in { protocol ospf v2 ZW4 { area 0 { - networks { - 172.20.72.0/21; - }; interface "core" { authentication cryptographic; password "${pkgs.zentralwerk-ospf-message-digest-key}"; diff --git a/hosts/pulsebert/default.nix b/hosts/pulsebert/default.nix index fae8be79..ae87c33a 100644 --- a/hosts/pulsebert/default.nix +++ b/hosts/pulsebert/default.nix @@ -96,9 +96,8 @@ in { "::1/128" "fd23:42:c3d2:500::/56" "172.22.99.0/24" - "2a02:8106:208:5200::/56" "172.20.72.0/21" - "2a02:8106:211:e900::/56" + "2a00:8180:2c00:200::/56" ]; zeroconf.publish.enable = true; package = pkgs.pulseaudioFull; diff --git a/hosts/storage-ng/configuration.nix b/hosts/storage-ng/configuration.nix index aa0bfbd9..1ad42042 100644 --- a/hosts/storage-ng/configuration.nix +++ b/hosts/storage-ng/configuration.nix @@ -37,7 +37,7 @@ in { prefixLength = 24; }]; ipv6.addresses = [{ - address = "2a02:8106:208:5201::20"; + address = "2a00:8180:2c00:223::20"; prefixLength = 64; }]; }; diff --git a/hq.nixops b/hq.nixops index f4e3be05..6b899864 100644 --- a/hq.nixops +++ b/hq.nixops @@ -8,7 +8,7 @@ hosts/containers/dhcp/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5201:3801:15ff:fe95:8988"; + targetHost = "2a00:8180:2c00:223:3801:15ff:fe95:8988"; storeKeysOnMachine = true; }; }; @@ -20,7 +20,7 @@ hosts/containers/mucbot/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5282:28db:dff:fe6b:e89a"; + targetHost = "2a00:8180:2c00:282:28db:dff:fe6b:e89a"; storeKeysOnMachine = true; }; }; @@ -43,7 +43,7 @@ hosts/containers/elastic/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5282:e0d5:d8ff:fe54:586c"; + targetHost = "2a00:8180:2c00:282:e0d5:d8ff:fe54:586c"; storeKeysOnMachine = true; }; }; @@ -54,7 +54,7 @@ hosts/containers/logging/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5282:6811:edff:fe40:89c6"; + targetHost = "2a00:8180:2c00:282:6811:edff:fe40:89c6"; storeKeysOnMachine = true; }; }; @@ -65,7 +65,7 @@ hosts/storage-ng/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5201::20"; + targetHost = "2a00:8180:2c00:223::20"; storeKeysOnMachine = true; }; }; @@ -76,7 +76,7 @@ hosts/containers/mongo/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5282:5038:2aff:feba:7d3b"; + targetHost = "2a00:8180:2c00:282:5038:2aff:feba:7d3b"; storeKeysOnMachine = true; }; }; @@ -87,7 +87,7 @@ hosts/containers/registry/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5201::34"; + targetHost = "2a00:8180:2c00:223::34"; storeKeysOnMachine = true; }; }; @@ -98,7 +98,7 @@ hosts/containers/prometheus/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5282:8c46:d6ff:fe43:6afd"; + targetHost = "2a00:8180:2c00:282:8c46:d6ff:fe43:6afd"; storeKeysOnMachine = true; }; }; @@ -110,7 +110,7 @@ hosts/containers/spaceapi/configuration.nix ]; deployment = { - targetHost = "2a02:8106:208:5282:1457:adff:fe93:62e9"; + targetHost = "2a00:8180:2c00:282:1457:adff:fe93:62e9"; storeKeysOnMachine = true; }; };