Commit Graph

322 Commits

Author SHA1 Message Date
Astro 266fed1c13 nixos-module/container/dnscache: tuning 2021-04-15 00:27:23 +02:00
Astro e79bb4e297 nixos-module/collectd: add unbound.rb 2021-04-15 00:24:38 +02:00
Astro 52cac17f16 nixos-module/container/dnscache: set tls-cert-bundle 2021-04-14 23:25:21 +02:00
Astro b73e12e32b nixos-module/server/lxc-containers: fix hwaddr 2021-04-14 23:08:12 +02:00
Astro 405acaf875 nixos-module/container/dnscache: init 2021-04-14 23:07:27 +02:00
Astro 1ee38b50b0 nixos-module/firewall: add for mgmt-gw, priv13-gw 2021-04-14 20:04:28 +02:00
Astro 5aa53fbcb1 nixos-module/container/bird: add bgp configuration 2021-04-13 00:46:12 +02:00
Astro aed29a54ce lib/config/options+legacy: add bgp 2021-04-13 00:11:42 +02:00
Astro 8013241d6c nixos-module/container/defaults: disable openssh 2021-04-12 23:40:17 +02:00
Astro 7e776b2dbf nixos-module/collectd: don't invoke `hostname` in dhcpcount.rb 2021-04-12 23:36:41 +02:00
Astro 1a8b4811f7 nix/nixos-module/collectd: add dhcpcount.rb 2021-04-12 23:32:21 +02:00
Astro 4ef98c986c nixos-module/container/defaults: disable nix-daemon.socket
should quelch a warning
2021-04-12 22:35:34 +02:00
Astro f583833645 lib/config/options: fix isRouter logic 2021-04-12 22:35:02 +02:00
Astro b243297760 pkgs/default.nix: rm dead code 2021-04-12 21:22:16 +02:00
Astro cdd97678c1 nixos-module/container/bird: bump radv lifetime up to 10min 2021-04-12 21:18:18 +02:00
Astro a5e036397c nixos-module/server/qemu: increase nix-daemon LimitNOFILE
workaround
2021-04-12 21:12:03 +02:00
Astro 51460ad776 nix/nixos-module/server/qemu: move stuff here 2021-04-11 02:02:15 +02:00
Astro 0eabf2dbf6 doc 2021-04-11 02:02:15 +02:00
Astro 010a5cfb97 lib/config/options: make isRouter depend on having an ipv4 address in core
prevents server2 from becoming a router
2021-04-11 02:02:15 +02:00
Astro 6eb8a1d24f lib/config/options: remove wg from interfaces 2021-04-11 02:02:15 +02:00
Astro 25be18358f nixos-module/container/bird: add gatewayNet workaound for cls-gw 2021-04-11 02:02:15 +02:00
Astro 58dccf697f netmasks.nix: turn into code 2021-04-11 02:02:15 +02:00
Astro df32c2c7f3 nixos-module/network: doc, style 2021-04-11 02:02:15 +02:00
Astro b0611efc57 doc 2021-04-11 02:02:15 +02:00
Astro a2ac282c60 nixos-module/defaults: install iptables, conntrack-tools 2021-04-11 02:02:15 +02:00
Astro ec6d26ab08 s/forwardedPorts/forwardPorts/ 2021-04-11 02:02:15 +02:00
Astro d820cdffd3 server2: add updateMicrocode 2021-04-11 02:02:15 +02:00
Astro 8bdeedea9a nixos-module/container/upstream: style 2021-04-11 02:02:15 +02:00
Astro 9615317bf6 nixos-module/container/upstream: enable dhcpv6 prefix delegation 2021-04-11 02:02:15 +02:00
Astro 0ea6f38867 nixos-module/network: make IPForward depend on isRouter 2021-04-11 02:02:15 +02:00
Astro 1ddb9b6ac4 nixos-module/collectd: fix TypesDB syntax 2021-04-11 02:02:15 +02:00
Astro d200cecb79 nixos-module/collectd: fix TypesDB 2021-04-11 02:02:15 +02:00
Astro 494715acfe nixos-module/collectd: fix TypesDB src 2021-04-11 02:02:15 +02:00
Astro cc5222e85b nixos-module/collectd: install additional TypesDB 2021-04-11 02:02:15 +02:00
Astro 662261bbd9 nixos-module/container/bird: set radvd prefix 2021-04-11 02:02:15 +02:00
Astro df4c9f35b3 legacy.nix: change gw4+gw6 to cls-gw 2021-04-11 02:02:15 +02:00
Astro f5f62aa82a legacy.nix: remove server1 2021-04-11 02:02:15 +02:00
Astro aba9251f80 nixos-module/collectd: init 2021-04-11 02:02:15 +02:00
Astro d5f7aecba6 nixos-module/server/lxc-containers: use switch-to-configuration in ExecReload 2021-04-11 02:02:15 +02:00
Astro 421dba52fc nixos-module/defaults: remove nix.registry.zentralwerk-network
this will be checked out locally
2021-04-11 02:02:15 +02:00
Astro 79fa9127b7 nixos-module/container/bird: fix ospfv3 auth 2021-04-11 02:02:15 +02:00
Astro fcc3fbaf52 nixos-module/container/upstream: fix nat 2021-04-11 02:02:15 +02:00
Astro daa7bef9d5 nixos-module/container/bird: add radv 2021-04-11 02:02:15 +02:00
Astro e9a2092608 nixos-module/defaults: prevent bond0 autocreation 2021-04-11 02:02:15 +02:00
Astro 498970035a nixos-module/defaults: install bmon 2021-04-11 02:02:15 +02:00
Astro 93115c048b nixos-module/container/anon: make shorter 2021-04-11 02:02:15 +02:00
Astro 69c2823694 nixos-module/container/bird: disable ospfv3 password for now 2021-04-11 02:02:15 +02:00
Astro 11d6a80317 nixos-module/network: enable forwarding 2021-04-11 02:02:15 +02:00
Astro 8807ce4435 nixos-module/container/anon: route 2021-04-11 02:02:15 +02:00
Astro 55fccbb4e0 nixos-module/container/anon: fix key service order 2021-04-11 02:02:15 +02:00
Astro 436ceab45e nixos-module/container/anon: setup shaping 2021-04-11 02:02:15 +02:00
Astro 0a03be1469 nixos-module/container/anon: setup wireguard 2021-04-11 02:02:15 +02:00
Astro b81923a444 nixos-module/defaults: set kernel paremeters/version 2021-04-11 02:02:15 +02:00
Astro bafa33b229 lxc-containers.nix: refactor with imperative build-container script 2021-04-11 02:02:15 +02:00
Astro c015497773 nixos-module/container/anon: setup wireguard 2021-04-11 02:02:15 +02:00
Astro dbe5a867a7 nixos-module/server/network: attach vlan interfaces to bridges 2021-04-11 02:02:15 +02:00
Astro 276bb732c7 nixos-module/server/network: disable all addresses on bridges to make networkd happy 2021-04-11 02:02:15 +02:00
Astro 7da882f324 nixos-module/server/network: enable proper lacp 2021-04-11 02:02:15 +02:00
Astro 9fe5709976 lxc-containers: add experimental lxc-reload on system change 2021-04-11 02:02:15 +02:00
Astro fd8cb77b40 nixos-module/server/network: load iptables, open ssh 2021-04-11 02:02:15 +02:00
Astro dde0533e90 nix/lib/config: fix net name 2021-04-11 02:02:15 +02:00
Astro f173d13dd7 lxc-containers: wiggle dependency on network.target 2021-04-11 02:02:15 +02:00
Astro 54a061f565 lxc-containers.nix: rm outdated TODO 2021-04-11 02:02:15 +02:00
Astro 953e43fa4a nixos-module/container/mgmt-gw: init 2021-04-11 02:02:15 +02:00
Astro afad6f46b8 nixos-module/container/defaults: disable nix-daemon 2021-04-11 02:02:15 +02:00
Astro 4e3fd3398b options.nix: set a default domainName 2021-04-11 02:02:15 +02:00
Astro 2e2d8c976d server2.nix: hack in 2021-04-11 02:02:15 +02:00
Astro 53cbe8e74b lxc-containers.nix: start with non-ephemeral rootfs 2021-04-11 02:02:15 +02:00
Astro 7615d4d8de nixos-module/container/upstream.nix: setup sched_cake 2021-04-11 02:02:15 +02:00
Astro e9d4f1192f nixos-module/defaults.nix: disable documentation, add more systemPackages, optimize qemu settings 2021-04-11 02:02:15 +02:00
Astro b5210fa37d options.nix: move domainName 2021-04-11 02:02:15 +02:00
Astro c6de032ff3 nixos-module/container/upstream.nix: init dhcp, forwardedPorts 2021-04-11 02:02:15 +02:00
Astro ac8c771375 nix/pkgs: specify meta.mainProgram for vm-packages
enables `nix run .#server1-vm`
2021-04-11 02:02:15 +02:00
Astro 881f985450 nix/lib/config: add upstream, forwardedPorts, fix fixed-hosts 2021-04-11 02:02:15 +02:00
Astro 775b91fb18 dhcp-server.nix: add fixed-hosts 2021-04-11 02:02:15 +02:00
Astro df3ef74862 nixos-module/container/dhcp-server.nix: init 2021-04-11 02:02:15 +02:00
Astro c34e2e72c2 nix/pkgs: build *-vm packages 2021-04-11 02:02:15 +02:00
Astro a9336c4513 lxc-containers.nix: s/stdenv.shell/runtimeShell/ 2021-04-11 02:02:15 +02:00
Astro ea515088b3 lxc-containers.nix: get working 2021-04-11 02:02:15 +02:00
Astro 74c10c0446 config: add dhcpOpts, import from salt-pillar 2021-04-11 02:02:15 +02:00
Astro 9afc25d6c3 nixos-module/defaults.nix: add more tools 2021-04-11 02:02:15 +02:00
Astro 454566755b legacy: add forceVeth hack for unrelated problem 2021-04-11 02:02:15 +02:00
Astro 3d2cfa4e8a legacy: implement "*" for salt-pillar lookup 2021-04-11 02:02:15 +02:00
Astro 37dd4550bb nixos-modules/server/lxc-containers.nix: build rootfs before starting container 2021-04-11 02:02:15 +02:00
Astro 2c9d5c085a nixos-module/defaults: setup nix.registry 2021-04-11 02:02:15 +02:00
Astro 8a5f17806d nixos-module/network.nix: fix gw4 2021-04-11 02:02:15 +02:00
Astro 58f8441a1e nixos-module/defaults: set system.stateVersion 2021-04-11 02:02:15 +02:00
Astro 260bc3aeb5 nixos-module/container/bird.nix: init for ospf 2021-04-11 02:02:15 +02:00
Astro 704f007ae5 nixos-module/network.nix: configure host IP 2021-04-11 02:02:15 +02:00
Astro 46c16e4413 lxc-containers.nix: fix interface names 2021-04-11 02:02:15 +02:00
Astro b570447d01 nix/lib/config: add hosts4/6 options 2021-04-11 02:02:15 +02:00
Astro 59c61fb42f nixos-module/server/lxc-containers.nix: add systemd target 2021-04-11 02:02:15 +02:00
Astro 511b4df85e nixos-module/network.nix: add defaults 2021-04-11 02:02:15 +02:00
Astro 7109ae50cb server/network.nix: setup vlan/bridge infra 2021-04-11 02:02:15 +02:00
Astro 9d7d383740 nixos-module: mkdir server container 2021-04-11 02:02:15 +02:00
Astro 38c6344adf rm obsolete comments 2021-04-11 02:02:15 +02:00
Astro 020e8c3af2 nix: put interfaces in options 2021-04-11 02:02:15 +02:00
Astro 465a316192 nixos-module/lxc-containers: begin netConfig 2021-04-11 02:02:15 +02:00
Astro 681ac0ab5d move rootfs nixos-module to nix/pkgs 2021-04-11 02:02:15 +02:00
Astro d1cca3b029 nixos-powered lxc container 2021-04-11 02:02:15 +02:00
Astro c04ca49755 nix: fix infinite recursion by passing hostName as module arg 2021-04-11 02:02:15 +02:00
Astro 0a5ebd7f49 nixos-module: break by setting config 2021-04-11 02:02:15 +02:00
Ehmry - 72830ddc21 Remove "rec" from flake output 2021-04-11 02:02:15 +02:00
Astro a39bad4f85 nixosConfiguration with infinite recursion 2021-04-11 02:02:15 +02:00
Astro 84723105f3 nix/lib/default.nix: reorder 2021-04-11 02:02:15 +02:00
Astro 3aedafe119 nix/lib/salt-support: implement saltPillarFor by hostName 2021-04-11 02:02:15 +02:00
Astro 171b213603 host roles 2021-04-11 02:02:15 +02:00
Astro 99edf9fe53 salt-pillar: remove decryptMessage trace 2021-04-11 02:02:15 +02:00
Astro 3923b5fecd gpgKey: fix'n'update 2021-04-11 02:02:15 +02:00
Astro 67298b919e zentralwerk-network-key as flake input 2021-04-11 02:02:15 +02:00
Astro d364011f62 nix/key: init empty default 2021-04-11 02:02:15 +02:00
Astro 1119f72162 nix/nixos-modules -> nix/nixos-module 2021-04-11 02:02:15 +02:00
Astro ce4bda8862 nix/pkgs/default: init, add export-config 2021-04-11 02:02:15 +02:00
Astro d2a3d8a3c6 device-templates.nix: futile decryption attempts 2021-04-11 02:02:15 +02:00
Astro 1e0201b429 config: remove yaml-gpg.rb again
this approach required the gpg privkey all time
2021-04-11 02:02:15 +02:00
Astro f15bb721d2 pkgs/device-templates.nix: update 2021-04-11 02:02:15 +02:00
Astro 7b7745e376 lib: move into lib/config 2021-04-11 02:02:15 +02:00
Astro bf06bbe809 mv nix config stuff to nix/lib 2021-04-11 02:02:15 +02:00
Astro 133798c601 flake, nixos-modules: init 2021-04-11 02:02:15 +02:00
Astro bf297cd5d7 nix: add subnet 2021-04-11 02:02:15 +02:00
Astro b1fddd0ba7 nix: generate device scripts 2021-04-11 02:02:15 +02:00
Astro c23ebe64d2 nix: evaluating/parsing/decrypting the pillar for nix options 2021-04-11 02:02:15 +02:00