forked from zentralwerk/network
nixos-module/container/mgmt-gw: init
This commit is contained in:
parent
afad6f46b8
commit
953e43fa4a
|
@ -59,7 +59,21 @@ in
|
||||||
config.site.hosts = lib.mkMerge (
|
config.site.hosts = lib.mkMerge (
|
||||||
[
|
[
|
||||||
(builtins.foldl' (result: hostName: result // {
|
(builtins.foldl' (result: hostName: result // {
|
||||||
"${hostName}".role = "server";
|
"${hostName}" = {
|
||||||
|
role = "server";
|
||||||
|
interfaces = builtins.mapAttrs (net: _: {
|
||||||
|
type = "phys";
|
||||||
|
} // lib.optionalAttrs (net == "core") {
|
||||||
|
gw4 = "mgmt-gw";
|
||||||
|
gw6 = "mgmt-gw";
|
||||||
|
}) (
|
||||||
|
lib.filterAttrs (_: hosts: hosts ? ${hostName}) (
|
||||||
|
pillar.hosts-inet // (
|
||||||
|
builtins.foldl' (result: hosts: result // hosts) {} (builtins.attrValues pillar.hosts-inet6)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
};
|
||||||
}) {} mainServers)
|
}) {} mainServers)
|
||||||
|
|
||||||
(builtins.mapAttrs (_: switch: {
|
(builtins.mapAttrs (_: switch: {
|
||||||
|
|
10
nix/nixos-module/container/mgmt-gw.nix
Normal file
10
nix/nixos-module/container/mgmt-gw.nix
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
networking.nat = {
|
||||||
|
enable = true;
|
||||||
|
externalInterface = "core";
|
||||||
|
};
|
||||||
|
|
||||||
|
# TODO: firewall
|
||||||
|
}
|
|
@ -31,5 +31,8 @@ in {
|
||||||
builtins.match "upstream.*" hostName != null
|
builtins.match "upstream.*" hostName != null
|
||||||
) [
|
) [
|
||||||
./container/upstream.nix
|
./container/upstream.nix
|
||||||
|
]
|
||||||
|
++ optionals (hostName == "mgmt-gw") [
|
||||||
|
./container/mgmt-gw.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user