c3d2/nix-config
c3d2
/
nix-config
24
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

IPv6 renumbering

This commit is contained in:
Astro 2021-06-02 21:37:18 +02:00
parent 1369154dbb
commit 4fdf88ac18
9 changed files with 29 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
host-registry.nix
View File

@ -40,28 +40,28 @@ rec {
server3 = { server3 = {
ip4 = "172.22.99.13"; ip4 = "172.22.99.13";
ip6 = "2a02:8106:208:5201::13"; ip6 = "2a00:8180:2c00:223::13";
publicKey = '' publicKey = ''
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHBQq8QxGUdvQTF6QPiRYHtD73ls4zoUcOtAPLVN/7dDZk7KZLQ+c373VB5jd9FfYKB2/w8lDCHXVi1sY26e+QE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHBQq8QxGUdvQTF6QPiRYHtD73ls4zoUcOtAPLVN/7dDZk7KZLQ+c373VB5jd9FfYKB2/w8lDCHXVi1sY26e+QE=
''; '';
}; };
server4 = { server4 = {
ip4 = "172.22.99.14"; ip4 = "172.22.99.14";
ip6 = "2a02:8106:208:5201::14"; ip6 = "2a00:8180:2c00:223::14";
publicKey = '' publicKey = ''
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGUwIWqP92toOSuV16wSN46t05RUKu609pqV2aexj8+DTO/hM8QWrhv51/jQG6TGmabZNlXbEvKMt48mW69uy48= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGUwIWqP92toOSuV16wSN46t05RUKu609pqV2aexj8+DTO/hM8QWrhv51/jQG6TGmabZNlXbEvKMt48mW69uy48=
''; '';
}; };
server5 = { server5 = {
ip4 = "172.22.99.15"; ip4 = "172.22.99.15";
ip6 = "2a02:8106:208:5201::15"; ip6 = "2a00:8180:2c00:223::15";
publicKey = '' publicKey = ''
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBB1qxi7ROlXvbmmeBJvNqyJdGDZG35e38RHujtqqDJXORwhy63LdW5jlv/09fNRj4nQMvKwdY5Oew2xgTzkaDwE= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBB1qxi7ROlXvbmmeBJvNqyJdGDZG35e38RHujtqqDJXORwhy63LdW5jlv/09fNRj4nQMvKwdY5Oew2xgTzkaDwE=
''; '';
}; };
server6 = { server6 = {
ip4 = "172.22.99.16"; ip4 = "172.22.99.16";
ip6 = "2a02:8106:208:5201::16"; ip6 = "2a00:8180:2c00:223::16";
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHhcvlbZ4TjAb6eQkYB2/Z3o/PHQVyAS6iEdGX+CEbGD"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHhcvlbZ4TjAb6eQkYB2/Z3o/PHQVyAS6iEdGX+CEbGD";
}; };
@ -69,26 +69,26 @@ rec {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbjG4uY8A0IJHRKjiQwt9JbuLDNVaTcwNJN8J4z6mgX"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbjG4uY8A0IJHRKjiQwt9JbuLDNVaTcwNJN8J4z6mgX";
yggdrasil = { yggdrasil = {
ip4 = "172.20.72.62"; ip4 = "172.20.72.62";
ip6 = "2a02:8106:208:5281:9000::1"; ip6 = "2a00:8180:2c00:281:9000::1";
ygg = "201:4561:bb58:4dac:5f6a:7b23:44f:a5ef"; ygg = "201:4561:bb58:4dac:5f6a:7b23:44f:a5ef";
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDmEymILp4IACjCbtMXx6eKPuTZHKyPUfAev05Gn7hi"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDmEymILp4IACjCbtMXx6eKPuTZHKyPUfAev05Gn7hi";
}; };
freifunk = { freifunk = {
ip4 = "172.20.72.40"; ip4 = "172.20.72.40";
ip6 = "2a02:8106:208:5281:8000::1"; ip6 = "2a00:8180:2c00:281:8000::1";
publiKey = publiKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMFbxHGfBMBjjior1FNRub56O62K++HVnqUH67BeKD7d"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMFbxHGfBMBjjior1FNRub56O62K++HVnqUH67BeKD7d";
}; };
matemat = { matemat = {
ip4 = "172.22.99.133"; ip4 = "172.22.99.133";
ip6 = "2a02:8106:208:5201:f82b:1bff:fedc:8572"; ip6 = "2a00:8180:2c00:223:f82b:1bff:fedc:8572";
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBa07c4NnU1TGX1SMNea9e1d4nMtc0OS4gJLmTA3g/fe"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBa07c4NnU1TGX1SMNea9e1d4nMtc0OS4gJLmTA3g/fe";
}; };
scrape = { scrape = {
ip4 = "172.20.73.32"; ip4 = "172.20.73.32";
ip6 = "2a02:8106:208:5282:e073:50ff:fef5:eb6e"; ip6 = "2a00:8180:2c00:282:e073:50ff:fef5:eb6e";
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGxPgg6nswoij1fBzDPDu6h4+d458XL2+dBxAx9KVOh"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGxPgg6nswoij1fBzDPDu6h4+d458XL2+dBxAx9KVOh";
}; };
@ -98,22 +98,22 @@ rec {
}; };
grafana = { grafana = {
ip6 = "2a02:8106:208:5282:4042:fbff:fe4b:2de8"; ip6 = "2a00:8180:2c00:282:4042:fbff:fe4b:2de8";
}; };
hydra = { hydra = {
ip4 = "172.20.73.49"; ip4 = "172.20.73.49";
ip6 = "2a02:8106:208:5282:e03c:d7ff:fe8e:fe16"; ip6 = "2a00:8180:2c00:282:e03c:d7ff:fe8e:fe16";
}; };
mucbot = { mucbot = {
ip4 = "172.20.73.27"; ip4 = "172.20.73.27";
ip6 = "2a02:8106:208:5282:28db:dff:fe6b:e89a"; ip6 = "2a00:8180:2c00:282:28db:dff:fe6b:e89a";
}; };
kibana = { kibana = {
ip4 = "172.20.73.44"; ip4 = "172.20.73.44";
ip6 = "2a02:8106:208:5282:460:7cff:fe28:76b2"; ip6 = "2a00:8180:2c00:282:460:7cff:fe28:76b2";
}; };
}; };

2
hosts/containers/dn42/default.nix
View File

@ -155,7 +155,7 @@ in {
protocol static { protocol static {
ipv6; ipv6;
route 2000::/3 via 2a02:8106:208:5201::c3d2:4; route 2000::/3 via 2a00:8180:2c00:281::c3d2:3;
route fd00::/8 unreachable; route fd00::/8 unreachable;
} }

4
hosts/containers/freifunk/default.nix
View File

@ -118,12 +118,12 @@ in {
matchConfig = { Name = "core"; }; matchConfig = { Name = "core"; };
addresses = map (Address: { addressConfig = { inherit Address; }; }) [ addresses = map (Address: { addressConfig = { inherit Address; }; }) [
"${coreAddress}/${toString corePrefixlen}" "${coreAddress}/${toString corePrefixlen}"
"2a02:8106:208:5281:8000::1/64" "2a00:8180:2c00:281:8000::1/64"
"fd23:42:c3d2:581:8000::1/64" "fd23:42:c3d2:581:8000::1/64"
]; ];
# routes = map (Gateway: { routeConfig = { inherit Gateway; }; }) [ # routes = map (Gateway: { routeConfig = { inherit Gateway; }; }) [
# # upstream1 # # upstream1
# "2a02:8106:208:5281::b:0" # "2a00:8180:2c00:281::b:0"
# # anon1 # # anon1
# "172.20.72.7" # "172.20.72.7"
# ]; # ];

3
hosts/containers/matemat/default.nix
View File

@ -25,8 +25,7 @@
satisfy any; satisfy any;
auth_basic secured; auth_basic secured;
auth_basic_user_file ${pkgs.matemat-auth}; auth_basic_user_file ${pkgs.matemat-auth};
allow 2a02:8106:208:5200::/56; allow 2a00:8180:2c00:200::/56;
allow 2a02:8106:211:e900::/56;
allow 172.22.99.0/24; allow 172.22.99.0/24;
allow 172.20.72.0/21; allow 172.20.72.0/21;
deny all; deny all;

2
hosts/containers/registry/configuration.nix
View File

@ -19,7 +19,7 @@
prefixLength = 24; prefixLength = 24;
}]; }];
interfaces.eth0.ipv6.addresses = [{ interfaces.eth0.ipv6.addresses = [{
address = "2a02:8106:208:5201::34"; address = "2a00:8180:2c00:223::34";
prefixLength = 64; prefixLength = 64;
}]; }];

5
hosts/containers/yggdrasil/default.nix
View File

@ -31,7 +31,7 @@ in {
''; '';
}; };
defaultGateway = "172.20.72.6"; defaultGateway = "172.20.72.6";
defaultGateway6 = "2a02:8106:208:5281::b:0"; defaultGateway6 = "2a00:8180:2c00:281::c3d2:3";
# systemd-networkd breaks setting default routes. so sad. # systemd-networkd breaks setting default routes. so sad.
useNetworkd = pkgs.lib.mkForce false; useNetworkd = pkgs.lib.mkForce false;
nameservers = [ "172.20.73.8" ]; nameservers = [ "172.20.73.8" ];
@ -123,9 +123,6 @@ in {
protocol ospf v2 ZW4 { protocol ospf v2 ZW4 {
area 0 { area 0 {
networks {
172.20.72.0/21;
};
interface "core" { interface "core" {
authentication cryptographic; authentication cryptographic;
password "${pkgs.zentralwerk-ospf-message-digest-key}"; password "${pkgs.zentralwerk-ospf-message-digest-key}";

3
hosts/pulsebert/default.nix
View File

@ -96,9 +96,8 @@ in {
"::1/128" "::1/128"
"fd23:42:c3d2:500::/56" "fd23:42:c3d2:500::/56"
"172.22.99.0/24" "172.22.99.0/24"
"2a02:8106:208:5200::/56"
"172.20.72.0/21" "172.20.72.0/21"
"2a02:8106:211:e900::/56" "2a00:8180:2c00:200::/56"
]; ];
zeroconf.publish.enable = true; zeroconf.publish.enable = true;
package = pkgs.pulseaudioFull; package = pkgs.pulseaudioFull;

2
hosts/storage-ng/configuration.nix
View File

@ -37,7 +37,7 @@ in {
prefixLength = 24; prefixLength = 24;
}]; }];
ipv6.addresses = [{ ipv6.addresses = [{
address = "2a02:8106:208:5201::20"; address = "2a00:8180:2c00:223::20";
prefixLength = 64; prefixLength = 64;
}]; }];
}; };

18
hq.nixops
View File

@ -8,7 +8,7 @@
hosts/containers/dhcp/configuration.nix hosts/containers/dhcp/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5201:3801:15ff:fe95:8988"; targetHost = "2a00:8180:2c00:223:3801:15ff:fe95:8988";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -20,7 +20,7 @@
hosts/containers/mucbot/configuration.nix hosts/containers/mucbot/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5282:28db:dff:fe6b:e89a"; targetHost = "2a00:8180:2c00:282:28db:dff:fe6b:e89a";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -43,7 +43,7 @@
hosts/containers/elastic/configuration.nix hosts/containers/elastic/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5282:e0d5:d8ff:fe54:586c"; targetHost = "2a00:8180:2c00:282:e0d5:d8ff:fe54:586c";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -54,7 +54,7 @@
hosts/containers/logging/configuration.nix hosts/containers/logging/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5282:6811:edff:fe40:89c6"; targetHost = "2a00:8180:2c00:282:6811:edff:fe40:89c6";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -65,7 +65,7 @@
hosts/storage-ng/configuration.nix hosts/storage-ng/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5201::20"; targetHost = "2a00:8180:2c00:223::20";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -76,7 +76,7 @@
hosts/containers/mongo/configuration.nix hosts/containers/mongo/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5282:5038:2aff:feba:7d3b"; targetHost = "2a00:8180:2c00:282:5038:2aff:feba:7d3b";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -87,7 +87,7 @@
hosts/containers/registry/configuration.nix hosts/containers/registry/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5201::34"; targetHost = "2a00:8180:2c00:223::34";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -98,7 +98,7 @@
hosts/containers/prometheus/configuration.nix hosts/containers/prometheus/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5282:8c46:d6ff:fe43:6afd"; targetHost = "2a00:8180:2c00:282:8c46:d6ff:fe43:6afd";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };
@ -110,7 +110,7 @@
hosts/containers/spaceapi/configuration.nix hosts/containers/spaceapi/configuration.nix
]; ];
deployment = { deployment = {
targetHost = "2a02:8106:208:5282:1457:adff:fe93:62e9"; targetHost = "2a00:8180:2c00:282:1457:adff:fe93:62e9";
storeKeysOnMachine = true; storeKeysOnMachine = true;
}; };
}; };