 Astro
|
6a181bbf18
|
nixos-module/container/upstream: try fixing upstream.noNat.subnets4
|
2022-09-18 23:02:46 +02:00 |
|
Astro
|
8ee629945d
|
nixos-module/container/upstream: remove remnants
|
2022-09-18 22:52:31 +02:00 |
|
Astro
|
2765dd05e2
|
nixos-module/container/upstream: try making upstream.noNat.subnets6 actually work
|
2022-09-18 22:48:25 +02:00 |
|
Astro
|
555026dd84
|
nixos-module/container/upstream: put noNat.subnets4 in proper iptables chain
|
2022-09-18 19:25:58 +02:00 |
|
Astro
|
c356db8bb4
|
nixos-module/container/wireguard: remove explicit ipv4 default route again
there is one implicitly
|
2022-09-18 19:09:22 +02:00 |
|
Astro
|
7d6f3f521b
|
nixos-module/container/upstream: fix syntax
|
2022-09-18 19:06:59 +02:00 |
|
Astro
|
2133522dc8
|
nixos-module/container/upstream: disable dhcp6 just for flpk-gw
|
2022-09-18 18:59:22 +02:00 |
|
Astro
|
82594811d4
|
nixos-module/container/wireguard: set ipv4 default route
|
2022-09-18 18:54:08 +02:00 |
|
Astro
|
9144ef6107
|
nixos-module/container/wireguard: remove direct RouteTable setting
|
2022-09-18 16:25:53 +02:00 |
|
Astro
|
a5e3abfca6
|
nixos-module/container/wireguard: brind back wireguardMark
|
2022-09-18 16:23:18 +02:00 |
|
Astro
|
5eb915e4f6
|
nixos-module/container/wireguard: rename rt_table vpn4 to vpn, add to wg settings
|
2022-09-18 16:14:38 +02:00 |
|
Astro
|
8583b55c0f
|
nixos-module/container/upstream: fix
|
2022-09-18 14:43:07 +02:00 |
|
Astro
|
bd95d81cba
|
ixos-module/container/upstream: fix noNat6
|
2022-09-18 14:40:44 +02:00 |
|
Astro
|
6e01f8c5df
|
nixos-module/container/bird: add flpk ipv6 range unreachable route
|
2022-09-18 01:58:00 +02:00 |
|
Astro
|
5a88fedebe
|
nixos-module/container/bird: add escaping
|
2022-09-18 01:47:57 +02:00 |
|
Astro
|
05641a7f74
|
flpk-gw: implement upstream.noNat.subnets4
|
2022-09-18 01:42:34 +02:00 |
|
Astro
|
f8c1c17a1d
|
bird: implement ospf.allowedUpstreams6
|
2022-09-18 01:37:57 +02:00 |
 Sandro -
|
cd959a1f88
|
Typo
|
2022-09-18 01:26:40 +02:00 |
|
Sandro -
|
0449688a76
|
dnscache: up caching
|
2022-09-18 01:22:35 +02:00 |
|
Astro
|
e000ed1719
|
nixos-module/container/bird: add flpk-gw to anon1 config
|
2022-09-18 00:39:25 +02:00 |
|
Astro
|
b6ebe0f136
|
net/flpk: init
|
2022-09-18 00:17:59 +02:00 |
|
Astro
|
1293ab0a75
|
nixos-module/container/wireguard: make upBandwidth optional
|
2022-09-18 00:07:10 +02:00 |
|
Astro
|
c1b698078b
|
nixos-module/container/upstream/pppoe: remove obsolete dhcpV6 settings
|
2022-09-15 19:33:38 +02:00 |
|
Astro
|
1d2f491a79
|
nixos-module/container/dhcp-server: add ignore-client-uids
|
2022-09-14 20:23:55 +02:00 |
|
Astro
|
80f8b041a3
|
nixos-module/container/upstream: fix typo
|
2022-09-13 01:10:13 +02:00 |
|
Astro
|
a7a9def709
|
nixos-module/container/upstream: fix typo
|
2022-09-13 01:05:00 +02:00 |
|
Astro
|
4bbd7b6bee
|
nixos-module/collectd/unbound.rb: make executable
|
2022-09-12 21:01:29 +02:00 |
|
Astro
|
09e4beb737
|
nixos-module/container/upstream: catch preexisting iptables chains
|
2022-08-29 19:46:48 +02:00 |
|
Astro
|
c5f57bd8c1
|
nixos-module/container/upstream: reflect connections to staticIpv4Address
|
2022-08-29 19:22:39 +02:00 |
|
Astro
|
24e979d6bd
|
nixos-module/container/upstream: use internal core ipv4 address for port forwarding reflection
|
2022-08-27 19:06:39 +02:00 |
|
Astro
|
f9b865c2dd
|
nixos-module/collectd: fix command name
|
2022-08-23 03:05:42 +02:00 |
|
Astro
|
1b5a599f7c
|
nix/nixos-module/collectd: use security.wrappers for dhcpcount.rb
|
2022-08-23 03:01:45 +02:00 |
|
Astro
|
eeef53a268
|
nixos-module/container/dhcp-server: enhance matching for pxe/efi/rpi4
|
2022-08-22 23:31:18 +02:00 |
|
Astro
|
2c9d36ff00
|
nixos-module/defaults: unpin kernel
|
2022-08-22 19:59:59 +02:00 |
|
Astro
|
d4a2f34f18
|
nix/nixos-module/container/netboot: merge into c3d2/nix-config host nfsroot
|
2022-08-22 19:54:07 +02:00 |
|
Sandro -
|
6655e5e6a9
|
Don't block systemd-networkd-wait-online on core interface being stuck in configuring
|
2022-08-05 22:56:49 +02:00 |
|
Astro
|
d8dce5f6da
|
nixos-module/container/upstream/pppoe: fix disabling DHCP
|
2022-08-05 22:24:09 +02:00 |
|
Astro
|
88cadab0f0
|
entirely remove obsolete upstream1+upstream2 ipv4 subnets
|
2022-08-05 18:15:00 +02:00 |
|
Astro
|
78586ec3f6
|
nixos-module/container/vpn: allow link-local addrs for ipv6 slaac
|
2022-07-18 22:43:01 +02:00 |
|
Astro
|
8de1eceb44
|
nixos-module/collectd: fix mqttServer config
|
2022-07-16 01:32:27 +02:00 |
|
Astro
|
5b1c0301d5
|
nixos-module/collectd: add distribution to mqttServer
|
2022-07-16 01:29:02 +02:00 |
|
Astro
|
32f4b3bd84
|
nixos-module/container/upstream: prohibit forwarding smtp except for serv
|
2022-07-12 01:29:09 +02:00 |
|
Astro
|
99dbdf23ff
|
nixos-module/defaults: add hydra.hq.c3d2.de to nix.binaryCaches
|
2022-07-12 00:46:48 +02:00 |
|
Astro
|
58eaaff70e
|
server1: fix /boot fsType
|
2022-07-12 00:17:22 +02:00 |
|
Astro
|
b6da1cf7fb
|
server1: update for reinstallation
|
2022-07-11 23:41:27 +02:00 |
|
Astro
|
7248a43a4b
|
server1: fix syntax
|
2022-07-11 23:34:51 +02:00 |
|
Astro
|
331b5436cc
|
server1: change /boot path
|
2022-07-11 23:22:59 +02:00 |
|
Astro
|
b2913f2d8e
|
nixos-module/collectd/dhcpcount.rb: bump INTERVAL to 300
script generates considerable load :(
|
2022-06-28 03:22:14 +02:00 |
|
Astro
|
675c549095
|
nixos-module/collectd: fix
|
2022-06-24 00:05:54 +02:00 |
|
Astro
|
a9e617cd63
|
nixos-module/collectd: let collectd start after dhcpd4
|
2022-06-24 00:04:41 +02:00 |
|
Astro
|
03c2b37596
|
nixos-module/server: remove outdated nixpkgs-master overwrite for collectd
|
2022-06-21 23:39:47 +02:00 |
|
Astro
|
966442a327
|
nixos-module/container/dhcp-server: change rpi tftp server to nfsroot
|
2022-06-21 23:10:18 +02:00 |
|
Astro
|
d88d57cde6
|
nixos-module/collectd: allow access to dhcpd4 StateDirectory
|
2022-06-20 01:20:26 +02:00 |
|
Astro
|
7344fa925f
|
nixos-module/collectd/dhcpcount.rb: fix path to dhcpd.leases
|
2022-06-20 01:06:54 +02:00 |
|
Astro
|
a0eb8a5f82
|
nixos-module/defaults: pin kernelPackage to 5.17 for zfs build compatibility
|
2022-06-10 20:05:19 +02:00 |
|
Astro
|
22e4e19a5b
|
nixos-module/container/upstream/pppoe: add clamp-mss-to-pmtu for IPv6
|
2022-06-10 01:15:22 +02:00 |
|
Astro
|
4625eef8cb
|
nixos-module/container/dns: remove IFD for obtaining serial
now 100% IFD free
|
2022-03-26 04:07:00 +01:00 |
|
Astro
|
2de02cc5bb
|
*.nix: remove unused code
|
2022-03-22 18:13:17 +01:00 |
|
Astro
|
e16be776bb
|
nixos-module/container/dhcp-server: change RPi4 tftp server from netboot to nix-build
|
2022-03-22 18:11:04 +01:00 |
|
Astro
|
a43c8e99b6
|
nixos-module/container/{dhcp-server,netboot}: prepare rpi4 netboot
|
2022-03-13 22:43:43 +01:00 |
|
Astro
|
bdca123b99
|
vpn-gw: init
|
2022-03-01 22:51:31 +01:00 |
 Ehmry -
|
b75633566d
|
yggdrasil: remove pantoto peering
Peer instead from the pantoto side.
|
2022-01-18 23:35:48 +01:00 |
|
Astro
|
4bb8fe46e2
|
yggdrasil: change listening port to 1337
1/tcp didn't work :(
|
2022-01-14 20:37:42 +01:00 |
|
Astro
|
b50a051904
|
yggdrasil: don't listen on ipv4 and fail
|
2022-01-14 19:30:29 +01:00 |
|
Astro
|
64ee9d06bb
|
yggdrasil: listen, add port forwarding on upstream4+upstream1
|
2022-01-14 19:23:03 +01:00 |
|
Ehmry -
|
4bf0e2bf33
|
yggdrasil: reconfigure peers
|
2022-01-14 00:54:33 +01:00 |
|
Astro
|
6cc02abdb8
|
yggdrasil: properly add a static key
|
2022-01-13 23:40:43 +01:00 |
|
Astro
|
792426f22c
|
nixos-module/container/yggdrasil: enable NAT66
|
2022-01-13 20:34:01 +01:00 |
|
Ehmry -
|
0e3921d126
|
Yggdrasil: enable IPv6 forwarding
|
2022-01-13 20:24:38 +01:00 |
|
Astro
|
d8bd90e049
|
yggdrasil: prepare container deployment
|
2022-01-13 20:17:50 +01:00 |
|
Ehmry -
|
29c74782c7
|
Add yggdrasil container
|
2022-01-13 19:49:33 +01:00 |
|
Astro
|
806820950f
|
nixos-module/container/bird: fix direct interfaces
|
2022-01-11 23:57:35 +01:00 |
|
Astro
|
343fe8c429
|
nixos-module/defaults: remove journalbeat
the service caused excessive disk write traffic, and the target greylog
server is overloaded anyway.
|
2022-01-11 22:16:53 +01:00 |
|
Astro
|
e1bceca9ab
|
nix/nixos-module/container/wireguard: rename file from anon.nix
|
2022-01-11 20:02:25 +01:00 |
|
Astro
|
53cd892531
|
nixos-module/container/bird: advertise upstream local subnet into ospf
|
2022-01-11 20:00:07 +01:00 |
|
Astro
|
3c44eeaab1
|
lib/config/options: move host wireguard setting to interface entries
|
2022-01-11 19:58:50 +01:00 |
|
Astro
|
a474577abd
|
Revert "nix/nixos-module/defaults: use non-nft iptables-legacy for migration"
This reverts commit 48b050b283.
|
2021-12-11 00:51:05 +01:00 |
|
Astro
|
48b050b283
|
nix/nixos-module/defaults: use non-nft iptables-legacy for migration
|
2021-12-10 22:56:43 +01:00 |
|
Astro
|
7ac993f61e
|
nixos-module/server/lxc-containers: fix scope
|
2021-11-20 22:10:35 +01:00 |
|
Astro
|
8d671d8dee
|
nixos-module/server/lxc-containers: resolve lxc interface name issue by ensuring the type key comes first
it took very long to find this
|
2021-11-20 00:43:32 +01:00 |
|
Astro
|
eb6e47e505
|
nixos-module/server/network: enable STP and decrease forward_delay for bridges
|
2021-11-18 22:54:33 +01:00 |
|
Astro
|
14ddaeba45
|
nixos-module/network: configure addresses for all net interfaces
|
2021-11-18 21:36:57 +01:00 |
|
Astro
|
abb226bc5a
|
server1, server2: allow building with zfs support
|
2021-11-18 20:39:52 +01:00 |
|
Astro
|
19674ea461
|
nixos-module/container/bird: revert to somewhat larger ospf intervals
|
2021-11-18 17:10:36 +01:00 |
|
Astro
|
f7dabd8e2d
|
nixos-module/server/lxc-container: split container build and activation phases
|
2021-11-18 16:58:32 +01:00 |
|
Astro
|
15f7687d92
|
nixos-module/container/bird: drastically reduce ospf intervals
|
2021-11-15 23:23:38 +01:00 |
|
Astro
|
624f2e38f6
|
nixos-module/container/upstream/pppoe: fix user option
|
2021-11-13 03:23:45 +01:00 |
|
Astro
|
32c0def45b
|
config: nixify everything
|
2021-11-13 01:23:23 +01:00 |
|
Astro
|
01f37cec9f
|
lib/dns: add extraRecords
|
2021-11-10 20:12:45 +01:00 |
|
Astro
|
6b36f19af8
|
upstream: fix forwardPorts
|
2021-10-18 01:24:43 +02:00 |
|
Astro
|
2c3c0fa13c
|
upstream: disable NAT reflection for DNS port forwards
|
2021-10-16 23:56:32 +02:00 |
|
Astro
|
e904c12847
|
nixos-module/container/dns: add local ns.c3d2.de
|
2021-10-15 23:38:33 +02:00 |
|
Astro
|
eae6cc680b
|
nix: fix more names
|
2021-10-14 17:12:33 +02:00 |
|
Astro
|
0ca0a9e9fd
|
nix: remove dangling `.ip4`
|
2021-10-14 17:10:11 +02:00 |
|
Astro
|
de4b674091
|
nixos-module/defaults: fix syntax
|
2021-10-14 17:08:09 +02:00 |
|
Astro
|
bd5ee9e7cd
|
nixos-module/defaults: add journalbeat for central logging
|
2021-10-14 17:06:39 +02:00 |
|
Astro
|
8b6c7578e8
|
nixos-module/container/upstream: remove a lot of stuff by using loopbackIPs for forwarded ports
|
2021-09-06 23:41:45 +02:00 |
|
Astro
|
48cbaf5f08
|
nixos-module/container/upstream: fix SNAT for forwarded ports
|
2021-09-06 23:19:08 +02:00 |
|
Astro
|
501f96a225
|
nixos-module/container/upstream: specify externalIP to use SNAT instead of MASQUERADE
|
2021-09-06 23:17:46 +02:00 |
|
Astro
|
1b4f761de8
|
nixos-module/container/upstream: fix SNAT by adding a staticIpv4Address option
|
2021-09-06 22:58:52 +02:00 |
|
Astro
|
fd4c8ad65b
|
nixos-module/container/upstream: do SNAT for forwarded ports
|
2021-09-06 22:11:39 +02:00 |
|
Astro
|
1d94fb4094
|
nixos-module/server/defaults: install ipmitool
|
2021-08-25 17:01:30 +02:00 |
|
Astro
|
5a012418dc
|
nixos-module/server/defaults: enable IPMI monitoring with collectd from nixpkgs-master
|
2021-08-25 16:48:04 +02:00 |
|
Astro
|
ee2db449fd
|
nixos-module/server: unify server1 and server2
|
2021-08-21 00:04:28 +02:00 |
|
Astro
|
6166d1ee3b
|
nixos-module/server/server1: init
|
2021-08-20 23:49:04 +02:00 |
|
Astro
|
30aa03f07f
|
nixos-module/server/lxc-containers: make container startup conditional
preparing for cold failover
|
2021-08-20 21:39:00 +02:00 |
|
Astro
|
cf3d9b4891
|
config: don't use location to select server for lxc containers
|
2021-08-20 21:37:43 +02:00 |
|
Astro
|
dbca546593
|
nixos-module/server/lxc-containers: sysctl only when enabled
|
2021-07-14 19:01:24 +02:00 |
|
Astro
|
0cee77c2b4
|
nixos-module/container/dhcp-server: fix
|
2021-06-18 21:41:03 +02:00 |
|
Astro
|
7253ae6b17
|
nixos-module/container/dhcp-server: fix
|
2021-06-18 21:39:35 +02:00 |
|
Astro
|
13334f087c
|
netboot: support efi netboot
|
2021-06-18 21:31:17 +02:00 |
|
Astro
|
0e07293692
|
nixos-module/container/netboot: switch from xinetd to atftpd
|
2021-06-18 20:45:52 +02:00 |
|
Astro
|
250089b22f
|
nixos-module/server/lxc-containers: bump kernel limits
|
2021-06-18 20:20:04 +02:00 |
|
Astro
|
6b679e1b22
|
nixos-module/container/dhcp-server: fix next-server option
|
2021-06-18 20:13:07 +02:00 |
|
Astro
|
7d7c89ddb1
|
server2: disable vga modesetting
|
2021-06-18 20:09:22 +02:00 |
|
Astro
|
a85c25b0e2
|
server2: openssh.permitRootLogin=prohibit-password
|
2021-06-18 19:59:09 +02:00 |
|
Astro
|
7c0205f47e
|
netboot: init
|
2021-06-18 19:56:49 +02:00 |
|
Astro
|
efe6bf342a
|
nixos-module/*/network: enable LLDP
|
2021-06-14 22:00:06 +02:00 |
|
Astro
|
ff6933fa1a
|
nixos-module/network: disable IPv6AcceptRA by default
|
2021-06-14 21:56:58 +02:00 |
|
Astro
|
58047f565e
|
nixos-module/server/lxc-containers: check and shorten ifnames more
|
2021-06-09 21:37:21 +02:00 |
|
Astro
|
e192781d2a
|
nixos-module/defaults: enable unstable zfs
|
2021-06-09 18:43:40 +02:00 |
|
Astro
|
ee0c996ddc
|
nix/lib/dns: update to up4 ipv6 addrs
|
2021-06-02 20:07:56 +02:00 |
|
Astro
|
45174545f2
|
nixos-module/container/bird: disable radvd in c3d2-gw{1,2}
|
2021-06-02 20:02:31 +02:00 |
|
Astro
|
aba5796a57
|
IPv6 renumbering
|
2021-06-02 19:56:24 +02:00 |
|
Astro
|
9c485db8c3
|
partially revert ec5bed6
speedtest-cli is already installed by ../defaults.nix
|
2021-06-01 19:28:42 +02:00 |
Daniel Poelzleithner
|
ec5bed6e65
|
Add more packages, speedtest-cli on upstreams
|
2021-05-31 13:44:28 +02:00 |
|
Astro
|
8b2d329067
|
nixos-module/container/bird: fix syntax
|
2021-05-31 01:03:51 +02:00 |
|
Astro
|
ac4b28f1e3
|
nixos-module/server/server2: modprobe pppoe
|
2021-05-31 00:51:14 +02:00 |
|
Astro
|
bd795b270a
|
nixos-module/container/upstream/pppoe: init
|
2021-05-31 00:41:38 +02:00 |
|
Astro
|
b87b73d358
|
nixos-module/server/lxc-containers: update permissions
|
2021-05-31 00:40:19 +02:00 |
|
Astro
|
24b36568ca
|
options: add physicalInterfaces
|
2021-05-31 00:06:56 +02:00 |
|
Astro
|
280292b631
|
nixos-module/container/bird: enable radvd for c3d2-gw*
|
2021-05-28 16:49:36 +02:00 |
|
Astro
|
762a9df69c
|
nixos-module/collectd: add execUser workaround
|
2021-05-28 02:02:21 +02:00 |
|
Astro
|
9e16a4284f
|
nixos-module/collectd/default: fix user
|
2021-05-27 03:47:14 +02:00 |
|
Astro
|
4f42b64b18
|
nixos-module/collectd/default: fix user
|
2021-05-27 03:41:22 +02:00 |
|
Astro
|
31334c4149
|
nixos-module/collectd/default: rm TODO
|
2021-05-27 03:40:56 +02:00 |
|
Astro
|
92f3be552d
|
nixos-module/collectd/default: restore ping plugin
|
2021-05-27 03:25:45 +02:00 |
|
Astro
|
74dc00961b
|
nixos-module/container/bird: enable authentication for OSPFv3
|
2021-05-27 02:14:26 +02:00 |
|
Astro
|
97bd7bc7d5
|
nixos-module/server/lxc-containers: revert lxc to 4.0.6
|
2021-05-27 01:54:54 +02:00 |
|
Astro
|
5267e4ab32
|
nixos-module/container/anon: fix wireguard network
|
2021-05-27 00:19:04 +02:00 |
|
Astro
|
51df2155de
|
dnscache: update unbound settings for nixos-21.05
|
2021-05-26 23:32:11 +02:00 |
|
Astro
|
ef371b32c4
|
nixos-module/collectd: add starlink-stats
|
2021-05-23 23:16:28 +02:00 |
|
Astro
|
e6ba05d34c
|
nixos-module/defaults: install speedtest-cli
|
2021-05-23 22:45:07 +02:00 |
|
Astro
|
cfb062063a
|
nixos-module/container/upstream: fix DHCP for upstream3, upstream4
|
2021-05-22 01:19:16 +02:00 |
|
Astro
|
33a4e65f69
|
nixos-module/container/upstream: catch failures
|
2021-05-14 18:56:38 +02:00 |
|
Astro
|
b23b687dfb
|
nixos-module/container/upstream: add proper networking.nat.extraStopCommands
|
2021-05-14 18:37:45 +02:00 |
|
Astro
|
5d97e85bf6
|
nixos-module/container/dns: add ns.spaceboyz.net over dn42 to slaves
|
2021-05-07 17:38:23 +02:00 |
|
Astro
|
90c9c9dd13
|
nixos-module/container/dns: set notify-source for zone xfer
|
2021-05-06 18:00:47 +02:00 |
|
Astro
|
27571cff72
|
nixos-module/container/dns, pkgs/dns-slaves: add explicit addresses for zone xfers
|
2021-05-06 17:52:49 +02:00 |
|
Astro
|
4d41e241b3
|
lib/dns: refactor localZones
|
2021-05-06 16:25:10 +02:00 |