forked from c3d2/nix-config
IPv6 renumbering
This commit is contained in:
parent
1369154dbb
commit
4fdf88ac18
|
@ -40,28 +40,28 @@ rec {
|
|||
|
||||
server3 = {
|
||||
ip4 = "172.22.99.13";
|
||||
ip6 = "2a02:8106:208:5201::13";
|
||||
ip6 = "2a00:8180:2c00:223::13";
|
||||
publicKey = ''
|
||||
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHBQq8QxGUdvQTF6QPiRYHtD73ls4zoUcOtAPLVN/7dDZk7KZLQ+c373VB5jd9FfYKB2/w8lDCHXVi1sY26e+QE=
|
||||
'';
|
||||
};
|
||||
server4 = {
|
||||
ip4 = "172.22.99.14";
|
||||
ip6 = "2a02:8106:208:5201::14";
|
||||
ip6 = "2a00:8180:2c00:223::14";
|
||||
publicKey = ''
|
||||
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGUwIWqP92toOSuV16wSN46t05RUKu609pqV2aexj8+DTO/hM8QWrhv51/jQG6TGmabZNlXbEvKMt48mW69uy48=
|
||||
'';
|
||||
};
|
||||
server5 = {
|
||||
ip4 = "172.22.99.15";
|
||||
ip6 = "2a02:8106:208:5201::15";
|
||||
ip6 = "2a00:8180:2c00:223::15";
|
||||
publicKey = ''
|
||||
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBB1qxi7ROlXvbmmeBJvNqyJdGDZG35e38RHujtqqDJXORwhy63LdW5jlv/09fNRj4nQMvKwdY5Oew2xgTzkaDwE=
|
||||
'';
|
||||
};
|
||||
server6 = {
|
||||
ip4 = "172.22.99.16";
|
||||
ip6 = "2a02:8106:208:5201::16";
|
||||
ip6 = "2a00:8180:2c00:223::16";
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHhcvlbZ4TjAb6eQkYB2/Z3o/PHQVyAS6iEdGX+CEbGD";
|
||||
};
|
||||
|
@ -69,26 +69,26 @@ rec {
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbjG4uY8A0IJHRKjiQwt9JbuLDNVaTcwNJN8J4z6mgX";
|
||||
yggdrasil = {
|
||||
ip4 = "172.20.72.62";
|
||||
ip6 = "2a02:8106:208:5281:9000::1";
|
||||
ip6 = "2a00:8180:2c00:281:9000::1";
|
||||
ygg = "201:4561:bb58:4dac:5f6a:7b23:44f:a5ef";
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDmEymILp4IACjCbtMXx6eKPuTZHKyPUfAev05Gn7hi";
|
||||
};
|
||||
freifunk = {
|
||||
ip4 = "172.20.72.40";
|
||||
ip6 = "2a02:8106:208:5281:8000::1";
|
||||
ip6 = "2a00:8180:2c00:281:8000::1";
|
||||
publiKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMFbxHGfBMBjjior1FNRub56O62K++HVnqUH67BeKD7d";
|
||||
};
|
||||
matemat = {
|
||||
ip4 = "172.22.99.133";
|
||||
ip6 = "2a02:8106:208:5201:f82b:1bff:fedc:8572";
|
||||
ip6 = "2a00:8180:2c00:223:f82b:1bff:fedc:8572";
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBa07c4NnU1TGX1SMNea9e1d4nMtc0OS4gJLmTA3g/fe";
|
||||
};
|
||||
scrape = {
|
||||
ip4 = "172.20.73.32";
|
||||
ip6 = "2a02:8106:208:5282:e073:50ff:fef5:eb6e";
|
||||
ip6 = "2a00:8180:2c00:282:e073:50ff:fef5:eb6e";
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEGxPgg6nswoij1fBzDPDu6h4+d458XL2+dBxAx9KVOh";
|
||||
};
|
||||
|
@ -98,22 +98,22 @@ rec {
|
|||
};
|
||||
|
||||
grafana = {
|
||||
ip6 = "2a02:8106:208:5282:4042:fbff:fe4b:2de8";
|
||||
ip6 = "2a00:8180:2c00:282:4042:fbff:fe4b:2de8";
|
||||
};
|
||||
|
||||
hydra = {
|
||||
ip4 = "172.20.73.49";
|
||||
ip6 = "2a02:8106:208:5282:e03c:d7ff:fe8e:fe16";
|
||||
ip6 = "2a00:8180:2c00:282:e03c:d7ff:fe8e:fe16";
|
||||
};
|
||||
|
||||
mucbot = {
|
||||
ip4 = "172.20.73.27";
|
||||
ip6 = "2a02:8106:208:5282:28db:dff:fe6b:e89a";
|
||||
ip6 = "2a00:8180:2c00:282:28db:dff:fe6b:e89a";
|
||||
};
|
||||
|
||||
kibana = {
|
||||
ip4 = "172.20.73.44";
|
||||
ip6 = "2a02:8106:208:5282:460:7cff:fe28:76b2";
|
||||
ip6 = "2a00:8180:2c00:282:460:7cff:fe28:76b2";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -155,7 +155,7 @@ in {
|
|||
|
||||
protocol static {
|
||||
ipv6;
|
||||
route 2000::/3 via 2a02:8106:208:5201::c3d2:4;
|
||||
route 2000::/3 via 2a00:8180:2c00:281::c3d2:3;
|
||||
route fd00::/8 unreachable;
|
||||
}
|
||||
|
||||
|
|
|
@ -118,12 +118,12 @@ in {
|
|||
matchConfig = { Name = "core"; };
|
||||
addresses = map (Address: { addressConfig = { inherit Address; }; }) [
|
||||
"${coreAddress}/${toString corePrefixlen}"
|
||||
"2a02:8106:208:5281:8000::1/64"
|
||||
"2a00:8180:2c00:281:8000::1/64"
|
||||
"fd23:42:c3d2:581:8000::1/64"
|
||||
];
|
||||
# routes = map (Gateway: { routeConfig = { inherit Gateway; }; }) [
|
||||
# # upstream1
|
||||
# "2a02:8106:208:5281::b:0"
|
||||
# "2a00:8180:2c00:281::b:0"
|
||||
# # anon1
|
||||
# "172.20.72.7"
|
||||
# ];
|
||||
|
|
|
@ -25,8 +25,7 @@
|
|||
satisfy any;
|
||||
auth_basic secured;
|
||||
auth_basic_user_file ${pkgs.matemat-auth};
|
||||
allow 2a02:8106:208:5200::/56;
|
||||
allow 2a02:8106:211:e900::/56;
|
||||
allow 2a00:8180:2c00:200::/56;
|
||||
allow 172.22.99.0/24;
|
||||
allow 172.20.72.0/21;
|
||||
deny all;
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
prefixLength = 24;
|
||||
}];
|
||||
interfaces.eth0.ipv6.addresses = [{
|
||||
address = "2a02:8106:208:5201::34";
|
||||
address = "2a00:8180:2c00:223::34";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
|
||||
|
|
|
@ -31,7 +31,7 @@ in {
|
|||
'';
|
||||
};
|
||||
defaultGateway = "172.20.72.6";
|
||||
defaultGateway6 = "2a02:8106:208:5281::b:0";
|
||||
defaultGateway6 = "2a00:8180:2c00:281::c3d2:3";
|
||||
# systemd-networkd breaks setting default routes. so sad.
|
||||
useNetworkd = pkgs.lib.mkForce false;
|
||||
nameservers = [ "172.20.73.8" ];
|
||||
|
@ -123,9 +123,6 @@ in {
|
|||
|
||||
protocol ospf v2 ZW4 {
|
||||
area 0 {
|
||||
networks {
|
||||
172.20.72.0/21;
|
||||
};
|
||||
interface "core" {
|
||||
authentication cryptographic;
|
||||
password "${pkgs.zentralwerk-ospf-message-digest-key}";
|
||||
|
|
|
@ -96,9 +96,8 @@ in {
|
|||
"::1/128"
|
||||
"fd23:42:c3d2:500::/56"
|
||||
"172.22.99.0/24"
|
||||
"2a02:8106:208:5200::/56"
|
||||
"172.20.72.0/21"
|
||||
"2a02:8106:211:e900::/56"
|
||||
"2a00:8180:2c00:200::/56"
|
||||
];
|
||||
zeroconf.publish.enable = true;
|
||||
package = pkgs.pulseaudioFull;
|
||||
|
|
|
@ -37,7 +37,7 @@ in {
|
|||
prefixLength = 24;
|
||||
}];
|
||||
ipv6.addresses = [{
|
||||
address = "2a02:8106:208:5201::20";
|
||||
address = "2a00:8180:2c00:223::20";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
};
|
||||
|
|
18
hq.nixops
18
hq.nixops
|
@ -8,7 +8,7 @@
|
|||
hosts/containers/dhcp/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5201:3801:15ff:fe95:8988";
|
||||
targetHost = "2a00:8180:2c00:223:3801:15ff:fe95:8988";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -20,7 +20,7 @@
|
|||
hosts/containers/mucbot/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5282:28db:dff:fe6b:e89a";
|
||||
targetHost = "2a00:8180:2c00:282:28db:dff:fe6b:e89a";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -43,7 +43,7 @@
|
|||
hosts/containers/elastic/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5282:e0d5:d8ff:fe54:586c";
|
||||
targetHost = "2a00:8180:2c00:282:e0d5:d8ff:fe54:586c";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -54,7 +54,7 @@
|
|||
hosts/containers/logging/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5282:6811:edff:fe40:89c6";
|
||||
targetHost = "2a00:8180:2c00:282:6811:edff:fe40:89c6";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -65,7 +65,7 @@
|
|||
hosts/storage-ng/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5201::20";
|
||||
targetHost = "2a00:8180:2c00:223::20";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -76,7 +76,7 @@
|
|||
hosts/containers/mongo/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5282:5038:2aff:feba:7d3b";
|
||||
targetHost = "2a00:8180:2c00:282:5038:2aff:feba:7d3b";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -87,7 +87,7 @@
|
|||
hosts/containers/registry/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5201::34";
|
||||
targetHost = "2a00:8180:2c00:223::34";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -98,7 +98,7 @@
|
|||
hosts/containers/prometheus/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5282:8c46:d6ff:fe43:6afd";
|
||||
targetHost = "2a00:8180:2c00:282:8c46:d6ff:fe43:6afd";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
@ -110,7 +110,7 @@
|
|||
hosts/containers/spaceapi/configuration.nix
|
||||
];
|
||||
deployment = {
|
||||
targetHost = "2a02:8106:208:5282:1457:adff:fe93:62e9";
|
||||
targetHost = "2a00:8180:2c00:282:1457:adff:fe93:62e9";
|
||||
storeKeysOnMachine = true;
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue