diff --git a/hosts/staging/configuration.nix b/hosts/staging/configuration.nix index 33972f3..4592d88 100644 --- a/hosts/staging/configuration.nix +++ b/hosts/staging/configuration.nix @@ -58,7 +58,6 @@ sops.defaultSopsFile = self + /secrets/data-hoarder-staging/secrets.yaml; - ddvbDeployment.domain = "staging.dvb.solutions"; networking.wg-quick.interfaces.wg-dvb = { address = [ "10.13.37.5/32" ]; privateKeyFile = config.sops.secrets.wg-seckey.path; @@ -73,6 +72,7 @@ ]; }; + deployment-dvb.domain = "staging.dvb.solutions"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/hosts/traffic-stop-box/configuration.nix b/hosts/traffic-stop-box/configuration.nix index 2e0abfe..3c4d860 100644 --- a/hosts/traffic-stop-box/configuration.nix +++ b/hosts/traffic-stop-box/configuration.nix @@ -3,7 +3,7 @@ { boot.tmpOnTmpfs = true; - networking.hostName = "traffic-stop-box-${toString config.ddvbDeployment.systemNumber}"; # Define your hostname. + networking.hostName = "traffic-stop-box-${toString config.deployment-dvb.systemNumber}"; # Define your hostname. # Set your time zone. time.timeZone = "Europe/Berlin"; diff --git a/hosts/traffic-stop-box/radio-config.nix b/hosts/traffic-stop-box/radio-config.nix index eb5117a..bdc7395 100644 --- a/hosts/traffic-stop-box/radio-config.nix +++ b/hosts/traffic-stop-box/radio-config.nix @@ -1,7 +1,7 @@ { config, lib, self, ... }: let - file = "${self}/configs/config_${toString config.ddvbDeployment.systemNumber}.json"; + file = "${self}/configs/config_${toString config.deployment-dvb.systemNumber}.json"; receiver_configs = [ { frequency = 170795000; offset = 19550; device = "hackrf=0"; RF = 14; IF = 8; BB = 42; } # dresden - barkhausen { frequency = 170795000; offset = 19400; device = "hackrf=0"; RF = 14; IF = 8; BB = 42; } # dresden - zentralwerk @@ -13,7 +13,7 @@ let { frequency = 150827500; offset = 19550; device = ""; RF = 14; IF = 32; BB = 42; } # drehturm aachen ]; - receiver_config = lib.elemAt receiver_configs config.ddvbDeployment.systemNumber; + receiver_config = lib.elemAt receiver_configs config.deployment-dvb.systemNumber; in { dump-dvb.gnuradio = { diff --git a/hosts/traffic-stop-box/secrets.nix b/hosts/traffic-stop-box/secrets.nix index 41f1565..68b9fcb 100644 --- a/hosts/traffic-stop-box/secrets.nix +++ b/hosts/traffic-stop-box/secrets.nix @@ -1,6 +1,6 @@ { config, self, ... }: { - sops.defaultSopsFile = self + /secrets/traffic-stop-box-${toString config.ddvbDeployment.systemNumber}/secrets.yaml; + sops.defaultSopsFile = self + /secrets/traffic-stop-box-${toString config.deployment-dvb.systemNumber}/secrets.yaml; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.secrets.wg-seckey = { }; diff --git a/hosts/traffic-stop-box/wireguard-client.nix b/hosts/traffic-stop-box/wireguard-client.nix index 44dd306..c71fe29 100644 --- a/hosts/traffic-stop-box/wireguard-client.nix +++ b/hosts/traffic-stop-box/wireguard-client.nix @@ -2,7 +2,7 @@ { networking.wg-quick.interfaces.wg-dvb = { - address = [ "10.13.37.${toString (config.ddvbDeployment.systemNumber + 100)}/32" ]; + address = [ "10.13.37.${toString (config.deployment-dvb.systemNumber + 100)}/32" ]; privateKeyFile = config.sops.secrets.wg-seckey.path; postUp = '' ${pkgs.iputils}/bin/ping -c 10 10.13.37.1 || true diff --git a/modules/data-hoarder/click.nix b/modules/data-hoarder/click.nix index dc1dc4e..17342a2 100644 --- a/modules/data-hoarder/click.nix +++ b/modules/data-hoarder/click.nix @@ -1,7 +1,7 @@ { pkgs, config, ... }: { services.nginx = { enable = true; - virtualHosts."click.${config.ddvbDeployment.domain}" = { + virtualHosts."click.${config.deployment-dvb.domain}" = { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/data-hoarder/clicky-bunty.nix b/modules/data-hoarder/clicky-bunty.nix index e682c59..8249679 100644 --- a/modules/data-hoarder/clicky-bunty.nix +++ b/modules/data-hoarder/clicky-bunty.nix @@ -21,7 +21,7 @@ enable = true; recommendedProxySettings = true; virtualHosts = { - "management-backend.${config.ddvbDeployment.domain}" = { + "management-backend.${config.deployment-dvb.domain}" = { forceSSL = true; enableACME = true; locations = { diff --git a/modules/data-hoarder/data-accumulator.nix b/modules/data-hoarder/data-accumulator.nix index bcda51d..47224e0 100644 --- a/modules/data-hoarder/data-accumulator.nix +++ b/modules/data-hoarder/data-accumulator.nix @@ -32,7 +32,7 @@ enable = true; recommendedProxySettings = true; virtualHosts = { - "dump.${config.ddvbDeployment.domain}" = { + "dump.${config.deployment-dvb.domain}" = { forceSSL = true; enableACME = true; locations = { diff --git a/modules/data-hoarder/documentation.nix b/modules/data-hoarder/documentation.nix index 0b7fbc1..c730312 100644 --- a/modules/data-hoarder/documentation.nix +++ b/modules/data-hoarder/documentation.nix @@ -8,7 +8,7 @@ in enable = true; recommendedProxySettings = true; virtualHosts = { - "docs.${config.ddvbDeployment.domain}" = { + "docs.${config.deployment-dvb.domain}" = { enableACME = true; forceSSL = true; locations = { diff --git a/modules/data-hoarder/dvb-api.nix b/modules/data-hoarder/dvb-api.nix index f5f20c1..1d05a7d 100644 --- a/modules/data-hoarder/dvb-api.nix +++ b/modules/data-hoarder/dvb-api.nix @@ -20,7 +20,7 @@ in enable = true; recommendedProxySettings = true; virtualHosts = { - "api.${config.ddvbDeployment.domain}" = { + "api.${config.deployment-dvb.domain}" = { forceSSL = true; enableACME = true; locations = { diff --git a/modules/data-hoarder/file_sharing.nix b/modules/data-hoarder/file_sharing.nix index af5c187..9794bce 100644 --- a/modules/data-hoarder/file_sharing.nix +++ b/modules/data-hoarder/file_sharing.nix @@ -4,7 +4,7 @@ enable = true; recommendedProxySettings = true; virtualHosts = { - "files.${config.ddvbDeployment.domain}" = { + "files.${config.deployment-dvb.domain}" = { enableACME = true; forceSSL = true; root = "/var/lib/pub-files/"; diff --git a/modules/data-hoarder/grafana.nix b/modules/data-hoarder/grafana.nix index 658dec4..9e7a5a3 100644 --- a/modules/data-hoarder/grafana.nix +++ b/modules/data-hoarder/grafana.nix @@ -54,7 +54,7 @@ params = { module = [ "http_2xx" ]; }; static_configs = [{ targets = [ - "api.${config.ddvbDeployment.domain}" + "api.${config.deployment-dvb.domain}" ]; }]; relabel_configs = [ @@ -82,7 +82,7 @@ # visualizer grafana = { enable = true; - domain = "monitoring.${config.ddvbDeployment.domain}"; + domain = "monitoring.${config.deployment-dvb.domain}"; port = 2342; addr = "127.0.0.1"; }; diff --git a/modules/data-hoarder/map.nix b/modules/data-hoarder/map.nix index c79c136..e2f5de5 100644 --- a/modules/data-hoarder/map.nix +++ b/modules/data-hoarder/map.nix @@ -4,7 +4,7 @@ enable = true; recommendedProxySettings = true; virtualHosts = { - "map.${config.ddvbDeployment.domain}" = { + "map.${config.deployment-dvb.domain}" = { forceSSL = true; enableACME = true; extraConfig = '' @@ -13,7 +13,7 @@ locations = { "/" = { - root = if (config.ddvbDeployment.domain == "dvb.solutions") then "${pkgs.windshield}/bin/" else "${pkgs.windshield-staging}/bin/"; + root = if (config.deployment-dvb.domain == "dvb.solutions") then "${pkgs.windshield}/bin/" else "${pkgs.windshield-staging}/bin/"; index = "index.html"; }; "~ \.(json)" = { diff --git a/modules/data-hoarder/socket.nix b/modules/data-hoarder/socket.nix index 4460616..9505a8f 100644 --- a/modules/data-hoarder/socket.nix +++ b/modules/data-hoarder/socket.nix @@ -19,7 +19,7 @@ in enable = true; recommendedProxySettings = true; virtualHosts = { - "socket.${config.ddvbDeployment.domain}" = { + "socket.${config.deployment-dvb.domain}" = { forceSSL = true; enableACME = true; locations = { diff --git a/modules/data-hoarder/website.nix b/modules/data-hoarder/website.nix index ae71ffb..bc83189 100644 --- a/modules/data-hoarder/website.nix +++ b/modules/data-hoarder/website.nix @@ -2,7 +2,7 @@ services.nginx = { enable = true; virtualHosts = { - "${config.ddvbDeployment.domain}" = { + "${config.deployment-dvb.domain}" = { enableACME = true; forceSSL = true; locations = { diff --git a/modules/dump-dvb/base.nix b/modules/dump-dvb/base.nix index 595a033..af14f6b 100644 --- a/modules/dump-dvb/base.nix +++ b/modules/dump-dvb/base.nix @@ -27,7 +27,7 @@ in autoOptimiseStore = true; }; - #networking.useNetworkd = true; + networking.useNetworkd = true; console = { font = "Lat2-Terminus16"; @@ -65,6 +65,7 @@ in ]; networking.firewall.enable = lib.mkDefault true; + networking.firewall.allowedTCPPorts = [ 22 ]; users.users.root = { openssh.authorizedKeys.keyFiles = [ diff --git a/modules/dump-dvb/default.nix b/modules/dump-dvb/default.nix index 3d140a6..90fb0a7 100644 --- a/modules/dump-dvb/default.nix +++ b/modules/dump-dvb/default.nix @@ -1,5 +1,8 @@ { imports = [ ./general-options.nix + ./net.nix + ./base.nix + ./wg.nix ]; } diff --git a/modules/dump-dvb/general-options.nix b/modules/dump-dvb/general-options.nix index 8ac32db..6128969 100644 --- a/modules/dump-dvb/general-options.nix +++ b/modules/dump-dvb/general-options.nix @@ -1,13 +1,13 @@ { lib, ... }: with lib; { options = { - ddvbDeployment.systemNumber = mkOption { + deployment-dvb.systemNumber = mkOption { type = types.int; default = 0; description = "number of the system"; }; - ddvbDeployment.domain = mkOption { + deployment-dvb.domain = mkOption { type = types.str; default = "dvb.solutions"; description = "domain the server is running on"; diff --git a/pkgs/deployment.nix b/pkgs/deployment.nix index f0b466f..2e9f2d8 100644 --- a/pkgs/deployment.nix +++ b/pkgs/deployment.nix @@ -2,7 +2,7 @@ let installScript = (system: - let ip = "10.13.37.${toString (system.config.ddvbDeployment.systemNumber + 100)}"; + let ip = "10.13.37.${toString (system.config.deployment-dvb.systemNumber + 100)}"; in (pkgs.writeScriptBin "deploy" '' #!${pkgs.runtimeShell}