|
cd959a1f88
|
Typo
|
2022-09-18 01:26:40 +02:00 |
|
|
0449688a76
|
dnscache: up caching
|
2022-09-18 01:22:35 +02:00 |
|
|
e000ed1719
|
nixos-module/container/bird: add flpk-gw to anon1 config
|
2022-09-18 00:39:25 +02:00 |
|
|
b6ebe0f136
|
net/flpk: init
|
2022-09-18 00:17:59 +02:00 |
|
|
1293ab0a75
|
nixos-module/container/wireguard: make upBandwidth optional
|
2022-09-18 00:07:10 +02:00 |
|
|
c1b698078b
|
nixos-module/container/upstream/pppoe: remove obsolete dhcpV6 settings
|
2022-09-15 19:33:38 +02:00 |
|
|
1d2f491a79
|
nixos-module/container/dhcp-server: add ignore-client-uids
|
2022-09-14 20:23:55 +02:00 |
|
|
80f8b041a3
|
nixos-module/container/upstream: fix typo
|
2022-09-13 01:10:13 +02:00 |
|
|
a7a9def709
|
nixos-module/container/upstream: fix typo
|
2022-09-13 01:05:00 +02:00 |
|
|
4bbd7b6bee
|
nixos-module/collectd/unbound.rb: make executable
|
2022-09-12 21:01:29 +02:00 |
|
|
09e4beb737
|
nixos-module/container/upstream: catch preexisting iptables chains
|
2022-08-29 19:46:48 +02:00 |
|
|
c5f57bd8c1
|
nixos-module/container/upstream: reflect connections to staticIpv4Address
|
2022-08-29 19:22:39 +02:00 |
|
|
24e979d6bd
|
nixos-module/container/upstream: use internal core ipv4 address for port forwarding reflection
|
2022-08-27 19:06:39 +02:00 |
|
|
f9b865c2dd
|
nixos-module/collectd: fix command name
|
2022-08-23 03:05:42 +02:00 |
|
|
1b5a599f7c
|
nix/nixos-module/collectd: use security.wrappers for dhcpcount.rb
|
2022-08-23 03:01:45 +02:00 |
|
|
eeef53a268
|
nixos-module/container/dhcp-server: enhance matching for pxe/efi/rpi4
|
2022-08-22 23:31:18 +02:00 |
|
|
2c9d36ff00
|
nixos-module/defaults: unpin kernel
|
2022-08-22 19:59:59 +02:00 |
|
|
d4a2f34f18
|
nix/nixos-module/container/netboot: merge into c3d2/nix-config host nfsroot
|
2022-08-22 19:54:07 +02:00 |
|
|
6655e5e6a9
|
Don't block systemd-networkd-wait-online on core interface being stuck in configuring
|
2022-08-05 22:56:49 +02:00 |
|
|
d8dce5f6da
|
nixos-module/container/upstream/pppoe: fix disabling DHCP
|
2022-08-05 22:24:09 +02:00 |
|
|
88cadab0f0
|
entirely remove obsolete upstream1+upstream2 ipv4 subnets
|
2022-08-05 18:15:00 +02:00 |
|
|
78586ec3f6
|
nixos-module/container/vpn: allow link-local addrs for ipv6 slaac
|
2022-07-18 22:43:01 +02:00 |
|
|
8de1eceb44
|
nixos-module/collectd: fix mqttServer config
|
2022-07-16 01:32:27 +02:00 |
|
|
5b1c0301d5
|
nixos-module/collectd: add distribution to mqttServer
|
2022-07-16 01:29:02 +02:00 |
|
|
32f4b3bd84
|
nixos-module/container/upstream: prohibit forwarding smtp except for serv
|
2022-07-12 01:29:09 +02:00 |
|
|
99dbdf23ff
|
nixos-module/defaults: add hydra.hq.c3d2.de to nix.binaryCaches
|
2022-07-12 00:46:48 +02:00 |
|
|
58eaaff70e
|
server1: fix /boot fsType
|
2022-07-12 00:17:22 +02:00 |
|
|
b6da1cf7fb
|
server1: update for reinstallation
|
2022-07-11 23:41:27 +02:00 |
|
|
7248a43a4b
|
server1: fix syntax
|
2022-07-11 23:34:51 +02:00 |
|
|
331b5436cc
|
server1: change /boot path
|
2022-07-11 23:22:59 +02:00 |
|
|
b2913f2d8e
|
nixos-module/collectd/dhcpcount.rb: bump INTERVAL to 300
script generates considerable load :(
|
2022-06-28 03:22:14 +02:00 |
|
|
675c549095
|
nixos-module/collectd: fix
|
2022-06-24 00:05:54 +02:00 |
|
|
a9e617cd63
|
nixos-module/collectd: let collectd start after dhcpd4
|
2022-06-24 00:04:41 +02:00 |
|
|
03c2b37596
|
nixos-module/server: remove outdated nixpkgs-master overwrite for collectd
|
2022-06-21 23:39:47 +02:00 |
|
|
966442a327
|
nixos-module/container/dhcp-server: change rpi tftp server to nfsroot
|
2022-06-21 23:10:18 +02:00 |
|
|
d88d57cde6
|
nixos-module/collectd: allow access to dhcpd4 StateDirectory
|
2022-06-20 01:20:26 +02:00 |
|
|
7344fa925f
|
nixos-module/collectd/dhcpcount.rb: fix path to dhcpd.leases
|
2022-06-20 01:06:54 +02:00 |
|
|
a0eb8a5f82
|
nixos-module/defaults: pin kernelPackage to 5.17 for zfs build compatibility
|
2022-06-10 20:05:19 +02:00 |
|
|
22e4e19a5b
|
nixos-module/container/upstream/pppoe: add clamp-mss-to-pmtu for IPv6
|
2022-06-10 01:15:22 +02:00 |
|
|
4625eef8cb
|
nixos-module/container/dns: remove IFD for obtaining serial
now 100% IFD free
|
2022-03-26 04:07:00 +01:00 |
|
|
2de02cc5bb
|
*.nix: remove unused code
|
2022-03-22 18:13:17 +01:00 |
|
|
e16be776bb
|
nixos-module/container/dhcp-server: change RPi4 tftp server from netboot to nix-build
|
2022-03-22 18:11:04 +01:00 |
|
|
a43c8e99b6
|
nixos-module/container/{dhcp-server,netboot}: prepare rpi4 netboot
|
2022-03-13 22:43:43 +01:00 |
|
|
bdca123b99
|
vpn-gw: init
|
2022-03-01 22:51:31 +01:00 |
|
|
b75633566d
|
yggdrasil: remove pantoto peering
Peer instead from the pantoto side.
|
2022-01-18 23:35:48 +01:00 |
|
|
4bb8fe46e2
|
yggdrasil: change listening port to 1337
1/tcp didn't work :(
|
2022-01-14 20:37:42 +01:00 |
|
|
b50a051904
|
yggdrasil: don't listen on ipv4 and fail
|
2022-01-14 19:30:29 +01:00 |
|
|
64ee9d06bb
|
yggdrasil: listen, add port forwarding on upstream4+upstream1
|
2022-01-14 19:23:03 +01:00 |
|
|
4bf0e2bf33
|
yggdrasil: reconfigure peers
|
2022-01-14 00:54:33 +01:00 |
|
|
6cc02abdb8
|
yggdrasil: properly add a static key
|
2022-01-13 23:40:43 +01:00 |
|
|
792426f22c
|
nixos-module/container/yggdrasil: enable NAT66
|
2022-01-13 20:34:01 +01:00 |
|
|
0e3921d126
|
Yggdrasil: enable IPv6 forwarding
|
2022-01-13 20:24:38 +01:00 |
|
|
d8bd90e049
|
yggdrasil: prepare container deployment
|
2022-01-13 20:17:50 +01:00 |
|
|
29c74782c7
|
Add yggdrasil container
|
2022-01-13 19:49:33 +01:00 |
|
|
806820950f
|
nixos-module/container/bird: fix direct interfaces
|
2022-01-11 23:57:35 +01:00 |
|
|
343fe8c429
|
nixos-module/defaults: remove journalbeat
the service caused excessive disk write traffic, and the target greylog
server is overloaded anyway.
|
2022-01-11 22:16:53 +01:00 |
|
|
e1bceca9ab
|
nix/nixos-module/container/wireguard: rename file from anon.nix
|
2022-01-11 20:02:25 +01:00 |
|
|
53cd892531
|
nixos-module/container/bird: advertise upstream local subnet into ospf
|
2022-01-11 20:00:07 +01:00 |
|
|
3c44eeaab1
|
lib/config/options: move host wireguard setting to interface entries
|
2022-01-11 19:58:50 +01:00 |
|
|
a474577abd
|
Revert "nix/nixos-module/defaults: use non-nft iptables-legacy for migration"
This reverts commit 48b050b283 .
|
2021-12-11 00:51:05 +01:00 |
|
|
48b050b283
|
nix/nixos-module/defaults: use non-nft iptables-legacy for migration
|
2021-12-10 22:56:43 +01:00 |
|
|
7ac993f61e
|
nixos-module/server/lxc-containers: fix scope
|
2021-11-20 22:10:35 +01:00 |
|
|
8d671d8dee
|
nixos-module/server/lxc-containers: resolve lxc interface name issue by ensuring the type key comes first
it took very long to find this
|
2021-11-20 00:43:32 +01:00 |
|
|
eb6e47e505
|
nixos-module/server/network: enable STP and decrease forward_delay for bridges
|
2021-11-18 22:54:33 +01:00 |
|
|
14ddaeba45
|
nixos-module/network: configure addresses for all net interfaces
|
2021-11-18 21:36:57 +01:00 |
|
|
abb226bc5a
|
server1, server2: allow building with zfs support
|
2021-11-18 20:39:52 +01:00 |
|
|
19674ea461
|
nixos-module/container/bird: revert to somewhat larger ospf intervals
|
2021-11-18 17:10:36 +01:00 |
|
|
f7dabd8e2d
|
nixos-module/server/lxc-container: split container build and activation phases
|
2021-11-18 16:58:32 +01:00 |
|
|
15f7687d92
|
nixos-module/container/bird: drastically reduce ospf intervals
|
2021-11-15 23:23:38 +01:00 |
|
|
624f2e38f6
|
nixos-module/container/upstream/pppoe: fix user option
|
2021-11-13 03:23:45 +01:00 |
|
|
32c0def45b
|
config: nixify everything
|
2021-11-13 01:23:23 +01:00 |
|
|
01f37cec9f
|
lib/dns: add extraRecords
|
2021-11-10 20:12:45 +01:00 |
|
|
6b36f19af8
|
upstream: fix forwardPorts
|
2021-10-18 01:24:43 +02:00 |
|
|
2c3c0fa13c
|
upstream: disable NAT reflection for DNS port forwards
|
2021-10-16 23:56:32 +02:00 |
|
|
e904c12847
|
nixos-module/container/dns: add local ns.c3d2.de
|
2021-10-15 23:38:33 +02:00 |
|
|
eae6cc680b
|
nix: fix more names
|
2021-10-14 17:12:33 +02:00 |
|
|
0ca0a9e9fd
|
nix: remove dangling .ip4
|
2021-10-14 17:10:11 +02:00 |
|
|
de4b674091
|
nixos-module/defaults: fix syntax
|
2021-10-14 17:08:09 +02:00 |
|
|
bd5ee9e7cd
|
nixos-module/defaults: add journalbeat for central logging
|
2021-10-14 17:06:39 +02:00 |
|
|
8b6c7578e8
|
nixos-module/container/upstream: remove a lot of stuff by using loopbackIPs for forwarded ports
|
2021-09-06 23:41:45 +02:00 |
|
|
48cbaf5f08
|
nixos-module/container/upstream: fix SNAT for forwarded ports
|
2021-09-06 23:19:08 +02:00 |
|
|
501f96a225
|
nixos-module/container/upstream: specify externalIP to use SNAT instead of MASQUERADE
|
2021-09-06 23:17:46 +02:00 |
|
|
1b4f761de8
|
nixos-module/container/upstream: fix SNAT by adding a staticIpv4Address option
|
2021-09-06 22:58:52 +02:00 |
|
|
fd4c8ad65b
|
nixos-module/container/upstream: do SNAT for forwarded ports
|
2021-09-06 22:11:39 +02:00 |
|
|
1d94fb4094
|
nixos-module/server/defaults: install ipmitool
|
2021-08-25 17:01:30 +02:00 |
|
|
5a012418dc
|
nixos-module/server/defaults: enable IPMI monitoring with collectd from nixpkgs-master
|
2021-08-25 16:48:04 +02:00 |
|
|
ee2db449fd
|
nixos-module/server: unify server1 and server2
|
2021-08-21 00:04:28 +02:00 |
|
|
6166d1ee3b
|
nixos-module/server/server1: init
|
2021-08-20 23:49:04 +02:00 |
|
|
30aa03f07f
|
nixos-module/server/lxc-containers: make container startup conditional
preparing for cold failover
|
2021-08-20 21:39:00 +02:00 |
|
|
cf3d9b4891
|
config: don't use location to select server for lxc containers
|
2021-08-20 21:37:43 +02:00 |
|
|
dbca546593
|
nixos-module/server/lxc-containers: sysctl only when enabled
|
2021-07-14 19:01:24 +02:00 |
|
|
0cee77c2b4
|
nixos-module/container/dhcp-server: fix
|
2021-06-18 21:41:03 +02:00 |
|
|
7253ae6b17
|
nixos-module/container/dhcp-server: fix
|
2021-06-18 21:39:35 +02:00 |
|
|
13334f087c
|
netboot: support efi netboot
|
2021-06-18 21:31:17 +02:00 |
|
|
0e07293692
|
nixos-module/container/netboot: switch from xinetd to atftpd
|
2021-06-18 20:45:52 +02:00 |
|
|
250089b22f
|
nixos-module/server/lxc-containers: bump kernel limits
|
2021-06-18 20:20:04 +02:00 |
|
|
6b679e1b22
|
nixos-module/container/dhcp-server: fix next-server option
|
2021-06-18 20:13:07 +02:00 |
|
|
7d7c89ddb1
|
server2: disable vga modesetting
|
2021-06-18 20:09:22 +02:00 |
|
|
a85c25b0e2
|
server2: openssh.permitRootLogin=prohibit-password
|
2021-06-18 19:59:09 +02:00 |
|
|
7c0205f47e
|
netboot: init
|
2021-06-18 19:56:49 +02:00 |
|