|
|
bcf60d2a5b
|
config: remove automatic config subnet4Len, subnet4Net
|
2021-11-13 02:53:54 +01:00 |
|
|
|
32c0def45b
|
config: nixify everything
|
2021-11-13 01:23:23 +01:00 |
|
|
|
6446c6b8a3
|
pkgs/ap: update ap_install_collectd.sh hint
|
2021-11-12 18:11:28 +01:00 |
|
|
|
ba94f712c1
|
pkgs/ap: fix wifi-iface
|
2021-11-11 17:49:29 +01:00 |
|
Daniel Poelzleithner
|
7f800810ad
|
fix missing string conversation
|
2021-11-10 22:58:17 +01:00 |
|
Daniel Poelzleithner
|
cbf226f3a5
|
add mon alias entries to ceph cluster
|
2021-11-10 22:54:03 +01:00 |
|
|
|
f41c7d37e2
|
lib/config: move _ceph-mon._tcp srv record from server7 to server5
|
2021-11-10 20:55:39 +01:00 |
|
|
|
245cbcfc10
|
nix/config: add cluster _ceph-mon._tcp SRV records
|
2021-11-10 20:13:05 +01:00 |
|
|
|
01f37cec9f
|
lib/dns: add extraRecords
|
2021-11-10 20:12:45 +01:00 |
|
|
|
f14c6ff200
|
pkgs/ap: catch failing service stop
|
2021-11-10 16:38:49 +01:00 |
|
|
|
d9443fc374
|
pkgs/ap: uci delete silently and don't abort
|
2021-11-09 21:16:53 +01:00 |
|
|
|
311df51820
|
pkgs/ap: don't use uci batch
was hiding which command produced an error
|
2021-11-09 21:10:56 +01:00 |
|
|
|
b8b4995433
|
pkgs/ap: delete unused networks
|
2021-11-09 21:07:37 +01:00 |
|
|
|
25217f0b82
|
pkgs/ap: move uciDeleteAll outside uci batch
|
2021-11-09 20:31:46 +01:00 |
|
|
|
bade3d54c6
|
pkgs/device-templates: rename device-scripts to .sh for nix run .#...
|
2021-11-09 16:47:48 +01:00 |
|
|
|
733f04258d
|
pkgs/network-graphs: add up* to physical-graph
|
2021-11-07 03:21:39 +01:00 |
|
|
|
f0c5f1d398
|
lib/config/legacy: reflect the actual topology
|
2021-11-07 02:55:44 +01:00 |
|
|
|
71675556f2
|
lib/config: implement assertions and warnings
|
2021-11-07 02:43:56 +01:00 |
|
|
|
4080368927
|
pkgs/switches: sort output stably
|
2021-11-07 02:22:24 +01:00 |
|
|
|
8fc0567204
|
pkgs/switches: fixes
|
2021-11-07 02:21:48 +01:00 |
|
|
|
5c074bb051
|
pkgs/ap: fix multiple issues
|
2021-11-07 00:23:21 +01:00 |
|
|
|
db4d075af2
|
pkgs/network-graphs: don't use callPackage as it breaks the flake
|
2021-11-07 00:05:55 +01:00 |
|
|
|
40e8b351d5
|
pkgs/ap.nix: migrate template to nix
|
2021-11-06 22:57:12 +01:00 |
|
|
|
f156ab6f05
|
pkgs/network-graphs: init
|
2021-11-06 19:48:46 +01:00 |
|
|
|
ecf1b3afca
|
pkgs/switches/linksys-srw2048: enable jumbo-frame
Attention: @poelzi
|
2021-11-06 03:38:57 +01:00 |
|
|
|
001aaecf3a
|
lib/config/options: rewrite getHostLinkNetworks et al
|
2021-11-06 03:38:01 +01:00 |
|
|
|
7834d64e27
|
lib/config/legacy: treat single eth0 as wan port
|
2021-11-06 03:36:55 +01:00 |
|
|
|
e975d78504
|
lib/config: add config.site.sshPubKeys
|
2021-11-04 19:17:57 +01:00 |
|
|
|
9852920ee8
|
nix/lib/config: begin treating aps as manageable switches
|
2021-11-04 19:17:31 +01:00 |
|
|
|
8acc37b5d5
|
lib/openwrt-models: add code to get port definitions
|
2021-11-03 23:21:43 +01:00 |
|
|
|
3072e1e78c
|
pkgs/switches: switch from salt to nix
|
2021-11-03 01:09:22 +01:00 |
|
|
|
f54fa47fd8
|
upstream4: add forwardPorts for jabber coturn
|
2021-10-18 03:32:50 +02:00 |
|
|
|
6b36f19af8
|
upstream: fix forwardPorts
|
2021-10-18 01:24:43 +02:00 |
|
|
|
4634b94199
|
upstream4: add forwardPorts for jabber
|
2021-10-18 01:21:28 +02:00 |
|
|
|
2c3c0fa13c
|
upstream: disable NAT reflection for DNS port forwards
|
2021-10-16 23:56:32 +02:00 |
|
|
|
84810697d7
|
pkgs/dns-slaves: add allow-query { all; };
|
2021-10-16 00:58:13 +02:00 |
|
|
|
e904c12847
|
nixos-module/container/dns: add local ns.c3d2.de
|
2021-10-15 23:38:33 +02:00 |
|
|
|
eae6cc680b
|
nix: fix more names
|
2021-10-14 17:12:33 +02:00 |
|
|
|
0ca0a9e9fd
|
nix: remove dangling .ip4
|
2021-10-14 17:10:11 +02:00 |
|
|
|
de4b674091
|
nixos-module/defaults: fix syntax
|
2021-10-14 17:08:09 +02:00 |
|
|
|
bd5ee9e7cd
|
nixos-module/defaults: add journalbeat for central logging
|
2021-10-14 17:06:39 +02:00 |
|
|
|
dd399d7871
|
lib/config/legacy: add bind to upstream4.forwardPorts
|
2021-10-14 17:05:05 +02:00 |
|
|
|
6da7456ba1
|
lib/config/legacy: increase readability of upstream4.forwardPorts
|
2021-10-14 17:03:49 +02:00 |
|
|
|
a5cc429946
|
upstream4: add forwardPorts for mail
|
2021-10-02 00:48:32 +02:00 |
|
|
|
e0d12435f0
|
upstream4: set gitea port forwarding to 22/tcp
|
2021-10-01 21:28:14 +02:00 |
|
|
|
2bae8c6785
|
Revert "upstream4: fix gitea port fwding"
This reverts commit 61cfd3a313.
|
2021-10-01 21:12:28 +02:00 |
|
|
|
61cfd3a313
|
upstream4: fix gitea port fwding
|
2021-10-01 20:51:04 +02:00 |
|
|
|
6245887f0f
|
lib/config/legacy: add dacbert mac
|
2021-09-28 00:24:11 +02:00 |
|
|
|
44094c1346
|
pulsebert.hq.c3d2.de: change MAC address
|
2021-09-22 23:35:28 +02:00 |
|
|
|
5915d9a16a
|
lib/config/options: doc
|
2021-09-19 02:18:17 +02:00 |
|
|
|
df0bca25bb
|
switch domainNames from zentralwerk.dn42 to zentralwerk.org
|
2021-09-16 19:26:03 +02:00 |
|
|
|
23190495ff
|
upstream4: add port forwarding
|
2021-09-10 20:00:04 +02:00 |
|
|
|
04de05ce75
|
lib/config/options: add missing staticIpv4Address default
|
2021-09-07 00:11:28 +02:00 |
|
|
|
8b6c7578e8
|
nixos-module/container/upstream: remove a lot of stuff by using loopbackIPs for forwarded ports
|
2021-09-06 23:41:45 +02:00 |
|
|
|
48cbaf5f08
|
nixos-module/container/upstream: fix SNAT for forwarded ports
|
2021-09-06 23:19:08 +02:00 |
|
|
|
501f96a225
|
nixos-module/container/upstream: specify externalIP to use SNAT instead of MASQUERADE
|
2021-09-06 23:17:46 +02:00 |
|
|
|
1b4f761de8
|
nixos-module/container/upstream: fix SNAT by adding a staticIpv4Address option
|
2021-09-06 22:58:52 +02:00 |
|
|
|
fd4c8ad65b
|
nixos-module/container/upstream: do SNAT for forwarded ports
|
2021-09-06 22:11:39 +02:00 |
|
|
|
3be7beaf27
|
upstream4: add port forward 2222/tcp to gitea
|
2021-09-06 21:14:37 +02:00 |
|
|
|
bc590bca8c
|
upstream4: remove outdated port forwardings
|
2021-09-06 21:12:26 +02:00 |
|
|
|
1d94fb4094
|
nixos-module/server/defaults: install ipmitool
|
2021-08-25 17:01:30 +02:00 |
|
|
|
5a012418dc
|
nixos-module/server/defaults: enable IPMI monitoring with collectd from nixpkgs-master
|
2021-08-25 16:48:04 +02:00 |
|
|
|
ee2db449fd
|
nixos-module/server: unify server1 and server2
|
2021-08-21 00:04:28 +02:00 |
|
|
|
6166d1ee3b
|
nixos-module/server/server1: init
|
2021-08-20 23:49:04 +02:00 |
|
|
|
5b27eb82ac
|
config: add server1 to mainServers
|
2021-08-20 21:39:31 +02:00 |
|
|
|
30aa03f07f
|
nixos-module/server/lxc-containers: make container startup conditional
preparing for cold failover
|
2021-08-20 21:39:00 +02:00 |
|
|
|
8434dcad0f
|
ap.sh: configure local graylog target
lefover
|
2021-08-20 21:38:25 +02:00 |
|
|
|
cf3d9b4891
|
config: don't use location to select server for lxc containers
|
2021-08-20 21:37:43 +02:00 |
|
|
|
c2b1a2f183
|
nix/lib/dns: fix reverseZone6Size to /56
|
2021-08-13 01:18:59 +02:00 |
|
|
|
2059c22c98
|
c3d2: enable dyndns
|
2021-07-16 19:36:41 +02:00 |
|
|
|
440ec18e71
|
upstream4: add ssh port forwarding for leon's web-deploy
|
2021-07-16 19:36:13 +02:00 |
|
|
|
dbca546593
|
nixos-module/server/lxc-containers: sysctl only when enabled
|
2021-07-14 19:01:24 +02:00 |
|
|
|
0cee77c2b4
|
nixos-module/container/dhcp-server: fix
|
2021-06-18 21:41:03 +02:00 |
|
|
|
7253ae6b17
|
nixos-module/container/dhcp-server: fix
|
2021-06-18 21:39:35 +02:00 |
|
|
|
13334f087c
|
netboot: support efi netboot
|
2021-06-18 21:31:17 +02:00 |
|
|
|
0e07293692
|
nixos-module/container/netboot: switch from xinetd to atftpd
|
2021-06-18 20:45:52 +02:00 |
|
|
|
250089b22f
|
nixos-module/server/lxc-containers: bump kernel limits
|
2021-06-18 20:20:04 +02:00 |
|
|
|
6b679e1b22
|
nixos-module/container/dhcp-server: fix next-server option
|
2021-06-18 20:13:07 +02:00 |
|
|
|
7d7c89ddb1
|
server2: disable vga modesetting
|
2021-06-18 20:09:22 +02:00 |
|
|
|
a85c25b0e2
|
server2: openssh.permitRootLogin=prohibit-password
|
2021-06-18 19:59:09 +02:00 |
|
|
|
7c0205f47e
|
netboot: init
|
2021-06-18 19:56:49 +02:00 |
|
|
|
bde21798b5
|
c3d2: add fixed-hosts
|
2021-06-16 19:58:40 +02:00 |
|
|
|
a896652436
|
lib/salt-support/expand-template: fix for nix/pkgs/ap.sh
|
2021-06-16 14:02:44 +02:00 |
|
|
|
0cdef19a7c
|
nix/pkgs/ap.sh: fix switchnum
|
2021-06-16 13:49:55 +02:00 |
|
|
|
efe6bf342a
|
nixos-module/*/network: enable LLDP
|
2021-06-14 22:00:06 +02:00 |
|
|
|
ff6933fa1a
|
nixos-module/network: disable IPv6AcceptRA by default
|
2021-06-14 21:56:58 +02:00 |
|
|
|
6d0c99c6ce
|
c3d2: enable dhcp
|
2021-06-09 22:11:46 +02:00 |
|
|
|
58047f565e
|
nixos-module/server/lxc-containers: check and shorten ifnames more
|
2021-06-09 21:37:21 +02:00 |
|
|
|
46ca027d80
|
priv17-gw-up3: init
|
2021-06-09 21:28:54 +02:00 |
|
|
|
e192781d2a
|
nixos-module/defaults: enable unstable zfs
|
2021-06-09 18:43:40 +02:00 |
|
|
|
994b00bf96
|
pkgs/ap.sh: use dnscache
|
2021-06-07 02:17:15 +02:00 |
|
|
|
96da13020f
|
allowedUpstreams: remove upstream2, use upstream1 for anon1
|
2021-06-02 23:45:10 +02:00 |
|
|
|
41a7f05c50
|
pkgs/dns-slaves: DRY masterAddrs
|
2021-06-02 23:44:02 +02:00 |
|
|
|
ee0c996ddc
|
nix/lib/dns: update to up4 ipv6 addrs
|
2021-06-02 20:07:56 +02:00 |
|
|
|
45174545f2
|
nixos-module/container/bird: disable radvd in c3d2-gw{1,2}
|
2021-06-02 20:02:31 +02:00 |
|
|
|
aba5796a57
|
IPv6 renumbering
|
2021-06-02 19:56:24 +02:00 |
|
|
|
9c485db8c3
|
partially revert ec5bed6
speedtest-cli is already installed by ../defaults.nix
|
2021-06-01 19:28:42 +02:00 |
|
|
|
0cf9122ce0
|
upstream4: copy forwardPorts from upstream1
|
2021-06-01 19:27:00 +02:00 |
|
Daniel Poelzleithner
|
ec5bed6e65
|
Add more packages, speedtest-cli on upstreams
|
2021-05-31 13:44:28 +02:00 |
|
|
|
8b2d329067
|
nixos-module/container/bird: fix syntax
|
2021-05-31 01:03:51 +02:00 |
|
|
|
ac4b28f1e3
|
nixos-module/server/server2: modprobe pppoe
|
2021-05-31 00:51:14 +02:00 |
|
|
|
bd795b270a
|
nixos-module/container/upstream/pppoe: init
|
2021-05-31 00:41:38 +02:00 |
|
|
|
b87b73d358
|
nixos-module/server/lxc-containers: update permissions
|
2021-05-31 00:40:19 +02:00 |
|
|
|
24b36568ca
|
options: add physicalInterfaces
|
2021-05-31 00:06:56 +02:00 |
|
|
|
280292b631
|
nixos-module/container/bird: enable radvd for c3d2-gw*
|
2021-05-28 16:49:36 +02:00 |
|
|
|
762a9df69c
|
nixos-module/collectd: add execUser workaround
|
2021-05-28 02:02:21 +02:00 |
|
|
|
78e528d024
|
duplicate c3d2-gw into c3d2-gw{1,2,3}
|
2021-05-27 15:17:45 +02:00 |
|
|
|
9e16a4284f
|
nixos-module/collectd/default: fix user
|
2021-05-27 03:47:14 +02:00 |
|
|
|
4f42b64b18
|
nixos-module/collectd/default: fix user
|
2021-05-27 03:41:22 +02:00 |
|
|
|
31334c4149
|
nixos-module/collectd/default: rm TODO
|
2021-05-27 03:40:56 +02:00 |
|
|
|
92f3be552d
|
nixos-module/collectd/default: restore ping plugin
|
2021-05-27 03:25:45 +02:00 |
|
|
|
57df325207
|
allowedUpstreams: add anon1 everywhere
because ipv4/ipv6 are configured together but switch independently,
anon1 can be working when upstream* has broken ipv6.
|
2021-05-27 03:01:09 +02:00 |
|
|
|
74dc00961b
|
nixos-module/container/bird: enable authentication for OSPFv3
|
2021-05-27 02:14:26 +02:00 |
|
|
|
97bd7bc7d5
|
nixos-module/server/lxc-containers: revert lxc to 4.0.6
|
2021-05-27 01:54:54 +02:00 |
|
|
|
5267e4ab32
|
nixos-module/container/anon: fix wireguard network
|
2021-05-27 00:19:04 +02:00 |
|
|
|
51df2155de
|
dnscache: update unbound settings for nixos-21.05
|
2021-05-26 23:32:11 +02:00 |
|
|
|
14f377248b
|
pkgs/starlink: fix convert.rb
|
2021-05-23 23:28:09 +02:00 |
|
|
|
ef371b32c4
|
nixos-module/collectd: add starlink-stats
|
2021-05-23 23:16:28 +02:00 |
|
|
|
e6ba05d34c
|
nixos-module/defaults: install speedtest-cli
|
2021-05-23 22:45:07 +02:00 |
|
|
|
cfb062063a
|
nixos-module/container/upstream: fix DHCP for upstream3, upstream4
|
2021-05-22 01:19:16 +02:00 |
|
|
|
68afa61ca1
|
lxc-containers: prepare upstream3, upstream4
|
2021-05-22 01:02:01 +02:00 |
|
|
|
33a4e65f69
|
nixos-module/container/upstream: catch failures
|
2021-05-14 18:56:38 +02:00 |
|
|
|
b23b687dfb
|
nixos-module/container/upstream: add proper networking.nat.extraStopCommands
|
2021-05-14 18:37:45 +02:00 |
|
|
|
5d97e85bf6
|
nixos-module/container/dns: add ns.spaceboyz.net over dn42 to slaves
|
2021-05-07 17:38:23 +02:00 |
|
|
|
73868f2f34
|
lib/dns: fix reverseZones4 to be complete
|
2021-05-07 17:37:52 +02:00 |
|
|
|
90c9c9dd13
|
nixos-module/container/dns: set notify-source for zone xfer
|
2021-05-06 18:00:47 +02:00 |
|
|
|
27571cff72
|
nixos-module/container/dns, pkgs/dns-slaves: add explicit addresses for zone xfers
|
2021-05-06 17:52:49 +02:00 |
|
|
|
88e67c827b
|
pkgs/dns-slaves: init
|
2021-05-06 17:42:26 +02:00 |
|
|
|
4d41e241b3
|
lib/dns: refactor localZones
|
2021-05-06 16:25:10 +02:00 |
|
|
|
4bb81fe044
|
nixos-module/container/dns: must use extraOptions
|
2021-05-06 15:51:58 +02:00 |
|
|
|
a9abf3d365
|
nixos-module/container/dns: create initial records in dynamic zones
|
2021-05-06 15:46:37 +02:00 |
|
|
|
8bc0ce6e15
|
nixos-module/container/dns: allow underscores in dynamic hostnames
|
2021-05-06 15:46:16 +02:00 |
|
|
|
3e2d8ef2fc
|
lib/config: enable site.net.pub.dynamicDomain
|
2021-05-06 15:01:39 +02:00 |
|
|
|
e141a0fc5a
|
nixos-module/defaults: install iftop
|
2021-05-06 03:27:35 +02:00 |
|
|
|
fd267085bc
|
nixos-module/container/{dns, dhcp-server}: implement internal ipv4 dyndns
|
2021-05-06 03:22:18 +02:00 |
|
|
|
bc61849e4d
|
nixos-module/network: try to make resolv.conf more compatible
|
2021-05-06 02:30:44 +02:00 |
|
|
|
0d25ccf0da
|
nix/key: add dyndnsKey
|
2021-05-06 02:05:26 +02:00 |
|
|
|
4402d724bb
|
nixos-module/container/anon: make nat, iproute2 config optional
|
2021-05-06 01:09:09 +02:00 |
|
|
|
0aa4169dcb
|
nixos-module/container/anon: make core flags optional
|
2021-05-06 01:08:01 +02:00 |
|
|
|
01f3685d9b
|
nixos-module/server/lxc-containers: add shortenNetName
|
2021-05-06 00:50:24 +02:00 |
|
|
|
5bda3ab775
|
nixos-module/defaults: let journald log to volatile storage
|
2021-05-06 00:45:18 +02:00 |
|
|
|
16d60e0dd3
|
nixos-module/container/dnscache: fix local forward-zones
|
2021-05-06 00:43:37 +02:00 |
|
|
|
c70cb80a78
|
nixos-module/container/dnscache: remove more domain-insecure definitions
|
2021-05-06 00:43:28 +02:00 |
|
|
|
b2e8fab30e
|
nixos-module/container/dnscache: disable c3d2 reverse zone
|
2021-05-05 23:28:26 +02:00 |
|
|
|
1eeb24a2e2
|
nixos-module/container/dnscache: use all the dn42 ns
|
2021-05-05 23:21:33 +02:00 |
|
|
|
911cd33a1c
|
nixos-module/container/dnscache: extend domain-insecure, remove all local-zone
|
2021-05-05 23:21:12 +02:00 |
|
|
|
a45fb3c484
|
nixos-module/container/dnscache: use data from config.site.dns.localZones
|
2021-05-05 23:20:39 +02:00 |
|
|
|
b800691dad
|
nixos-module/container/dns: factor zones out into config.site.dns.localZones
|
2021-05-05 23:19:41 +02:00 |
|
|
|
20c8821823
|
nixos-module/container/bird: don't redistribute bgp into ospf
|
2021-05-05 21:01:23 +02:00 |
|
|
|
bf0a185ed5
|
nixos-module/server/lxc-containers: decrease RestartSec
|
2021-05-05 20:23:56 +02:00 |
|
|
|
5f8203d901
|
nixos-module/container/bird: add check-upstream services
|
2021-05-05 17:35:44 +02:00 |
|
|
|
d89c373dfe
|
nixos-module/container/dns: add ipv6 reverse zones
|
2021-05-03 03:44:00 +02:00 |
|
|
|
187c657080
|
nixos-module/container/dns: add ipv4 reverse zones
|
2021-05-03 02:15:27 +02:00 |
|
|
|
8c896c31b8
|
nixos-module/container/dns: init
|
2021-05-03 01:26:57 +02:00 |
|
|
|
c15f716dd1
|
nixos-module/container/bird: fix ospf priority
|
2021-05-02 20:01:59 +02:00 |
|
|
|
f99d05c42d
|
nixos-module/container/bird: become designated router for ospf instances when adveritising upstream
|
2021-05-02 19:52:00 +02:00 |
|
|
|
df5fee8f69
|
nixos-module/container/bird: style
|
2021-05-02 19:51:48 +02:00 |
|
|
|
93d312c26c
|
nixos-module/server/lxc-containers: switch back to using ConditionPathExists
much more graceful to systemd
|
2021-05-01 03:07:28 +02:00 |
|
|
|
aa5c7377c7
|
nixos-module/server/lxc-containers: add restart on failed reload
|
2021-05-01 03:04:14 +02:00 |
|
|
|
03f755f841
|
nixos-module/container/upstream: provide NAT6 with noNat.subnets6
|
2021-05-01 01:14:54 +02:00 |
|
|
|
38da586d49
|
nixos-module/container/bird: disable ospfv3 auth again for ZW6_upstream*
upstream2 is still not migrated
|
2021-05-01 00:55:41 +02:00 |
|
|
|
d72789c35a
|
/nixos-module/container/bird: use ospf instances not areas for sharing upstream
|
2021-04-30 23:55:16 +02:00 |
|
|
|
003a948ce2
|
lib/config: remove ospf.networks[46]
|
2021-04-30 23:37:53 +02:00 |
|
|
|
268e16999f
|
nixos-module/container/bird: remove useless network declarations
|
2021-04-30 23:35:54 +02:00 |
|
|
|
eda2bc3b55
|
nixos-module/container/bird: simplify filters
|
2021-04-30 23:02:31 +02:00 |
|
|
|
692e12f07d
|
nixos-module/container/bird: start using multiple ospf instances
|
2021-04-30 22:39:56 +02:00 |
|
|
|
1f06e90cfc
|
nixos-module/defaults: enable boot.tmpOnTmpfs
|
2021-04-30 22:39:24 +02:00 |
|
|
|
5c8fa22ca8
|
nixos-module/server/lxc-containers: add prebuilt containers
|
2021-04-30 22:38:57 +02:00 |
|
|
|
2f02f474b9
|
flake.nix: switch zentralwerk-network-key input from nix to master branch
|
2021-04-30 18:39:41 +02:00 |
|
|
|
6b6f3d5598
|
nixos-module/container/bird: simplify filter operations
|
2021-04-30 00:16:00 +02:00 |
|
|
|
67acfb140b
|
nix/nixos-module/container/anon: change wireguardMark to an actually unused value
|
2021-04-29 23:26:58 +02:00 |
|
|
|
8b59a9a921
|
lib/config/legacy: setup allowedUpstreams for many containers
|
2021-04-29 23:09:13 +02:00 |
|
|
|
c4fe62ebeb
|
nixos-module/container/bird: export default routes on upstream*/anon*
|
2021-04-29 22:47:44 +02:00 |
|
|
|
0350826bc5
|
nixos-module/container/{anon,bird}: route wireguard with policy routing over default routes learned from OSPF
|
2021-04-29 22:46:03 +02:00 |
|
|
|
a467699f48
|
libx/config/default: remove dup warnings output
|
2021-04-29 22:43:46 +02:00 |
|
|
|
1330ba94d2
|
ap.sh: copy to nix/, change ping addr to mgmt-gw
|
2021-04-29 02:38:11 +02:00 |
|
|
|
257e6686b9
|
nixos-module/container/bird: implement upstream failover
|
2021-04-29 01:44:48 +02:00 |
|
|
|
ce49c22d2e
|
pkgs/device-templates: make executable and wrap scripts
|
2021-04-29 01:39:21 +02:00 |
|
|
|
02de036ba7
|
nixos-module/container/upstream: update DHCPv6PrefixDelegation configuration
|
2021-04-29 01:34:33 +02:00 |
|
|
|
c6d2879d93
|
lib/config/default: fix warnings
|
2021-04-29 01:34:05 +02:00 |
|
|
|
60758b448a
|
nix/pkgs: add ap_install_collectd.sh
|
2021-04-25 23:53:38 +02:00 |
|
|
|
266fed1c13
|
nixos-module/container/dnscache: tuning
|
2021-04-15 00:27:23 +02:00 |
|
|
|
e79bb4e297
|
nixos-module/collectd: add unbound.rb
|
2021-04-15 00:24:38 +02:00 |
|
|
|
52cac17f16
|
nixos-module/container/dnscache: set tls-cert-bundle
|
2021-04-14 23:25:21 +02:00 |
|
|
|
b73e12e32b
|
nixos-module/server/lxc-containers: fix hwaddr
|
2021-04-14 23:08:12 +02:00 |
|
|
|
405acaf875
|
nixos-module/container/dnscache: init
|
2021-04-14 23:07:27 +02:00 |
|
|
|
1ee38b50b0
|
nixos-module/firewall: add for mgmt-gw, priv13-gw
|
2021-04-14 20:04:28 +02:00 |
|
|
|
5aa53fbcb1
|
nixos-module/container/bird: add bgp configuration
|
2021-04-13 00:46:12 +02:00 |
|
|
|
aed29a54ce
|
lib/config/options+legacy: add bgp
|
2021-04-13 00:11:42 +02:00 |
|
|
|
8013241d6c
|
nixos-module/container/defaults: disable openssh
|
2021-04-12 23:40:17 +02:00 |
|
|
|
7e776b2dbf
|
nixos-module/collectd: don't invoke hostname in dhcpcount.rb
|
2021-04-12 23:36:41 +02:00 |
|
|
|
1a8b4811f7
|
nix/nixos-module/collectd: add dhcpcount.rb
|
2021-04-12 23:32:21 +02:00 |
|
|
|
4ef98c986c
|
nixos-module/container/defaults: disable nix-daemon.socket
should quelch a warning
|
2021-04-12 22:35:34 +02:00 |
|
|
|
f583833645
|
lib/config/options: fix isRouter logic
|
2021-04-12 22:35:02 +02:00 |
|
|
|
b243297760
|
pkgs/default.nix: rm dead code
|
2021-04-12 21:22:16 +02:00 |
|
|
|
cdd97678c1
|
nixos-module/container/bird: bump radv lifetime up to 10min
|
2021-04-12 21:18:18 +02:00 |
|
|
|
a5e036397c
|
nixos-module/server/qemu: increase nix-daemon LimitNOFILE
workaround
|
2021-04-12 21:12:03 +02:00 |
|
|
|
51460ad776
|
nix/nixos-module/server/qemu: move stuff here
|
2021-04-11 02:02:15 +02:00 |
|
|
|
0eabf2dbf6
|
doc
|
2021-04-11 02:02:15 +02:00 |
|
|
|
010a5cfb97
|
lib/config/options: make isRouter depend on having an ipv4 address in core
prevents server2 from becoming a router
|
2021-04-11 02:02:15 +02:00 |
|
|
|
6eb8a1d24f
|
lib/config/options: remove wg from interfaces
|
2021-04-11 02:02:15 +02:00 |
|
|
|
25be18358f
|
nixos-module/container/bird: add gatewayNet workaound for cls-gw
|
2021-04-11 02:02:15 +02:00 |
|
|
|
58dccf697f
|
netmasks.nix: turn into code
|
2021-04-11 02:02:15 +02:00 |
|
|
|
df32c2c7f3
|
nixos-module/network: doc, style
|
2021-04-11 02:02:15 +02:00 |
|
|
|
b0611efc57
|
doc
|
2021-04-11 02:02:15 +02:00 |
|
|
|
a2ac282c60
|
nixos-module/defaults: install iptables, conntrack-tools
|
2021-04-11 02:02:15 +02:00 |
|
|
|
ec6d26ab08
|
s/forwardedPorts/forwardPorts/
|
2021-04-11 02:02:15 +02:00 |
|
|
|
d820cdffd3
|
server2: add updateMicrocode
|
2021-04-11 02:02:15 +02:00 |
|
|
|
8bdeedea9a
|
nixos-module/container/upstream: style
|
2021-04-11 02:02:15 +02:00 |
|
|
|
9615317bf6
|
nixos-module/container/upstream: enable dhcpv6 prefix delegation
|
2021-04-11 02:02:15 +02:00 |
|
|
|
0ea6f38867
|
nixos-module/network: make IPForward depend on isRouter
|
2021-04-11 02:02:15 +02:00 |
|
|
|
1ddb9b6ac4
|
nixos-module/collectd: fix TypesDB syntax
|
2021-04-11 02:02:15 +02:00 |
|
|
|
d200cecb79
|
nixos-module/collectd: fix TypesDB
|
2021-04-11 02:02:15 +02:00 |
|
|
|
494715acfe
|
nixos-module/collectd: fix TypesDB src
|
2021-04-11 02:02:15 +02:00 |
|
|
|
cc5222e85b
|
nixos-module/collectd: install additional TypesDB
|
2021-04-11 02:02:15 +02:00 |
|
|
|
662261bbd9
|
nixos-module/container/bird: set radvd prefix
|
2021-04-11 02:02:15 +02:00 |
|
|
|
df4c9f35b3
|
legacy.nix: change gw4+gw6 to cls-gw
|
2021-04-11 02:02:15 +02:00 |
|
|
|
f5f62aa82a
|
legacy.nix: remove server1
|
2021-04-11 02:02:15 +02:00 |
|
|
|
aba9251f80
|
nixos-module/collectd: init
|
2021-04-11 02:02:15 +02:00 |
|
|
|
d5f7aecba6
|
nixos-module/server/lxc-containers: use switch-to-configuration in ExecReload
|
2021-04-11 02:02:15 +02:00 |
|
|
|
421dba52fc
|
nixos-module/defaults: remove nix.registry.zentralwerk-network
this will be checked out locally
|
2021-04-11 02:02:15 +02:00 |
|
|
|
79fa9127b7
|
nixos-module/container/bird: fix ospfv3 auth
|
2021-04-11 02:02:15 +02:00 |
|
|
|
fcc3fbaf52
|
nixos-module/container/upstream: fix nat
|
2021-04-11 02:02:15 +02:00 |
|
|
|
daa7bef9d5
|
nixos-module/container/bird: add radv
|
2021-04-11 02:02:15 +02:00 |
|
|
|
e9a2092608
|
nixos-module/defaults: prevent bond0 autocreation
|
2021-04-11 02:02:15 +02:00 |
|
|
|
498970035a
|
nixos-module/defaults: install bmon
|
2021-04-11 02:02:15 +02:00 |
|
|
|
93115c048b
|
nixos-module/container/anon: make shorter
|
2021-04-11 02:02:15 +02:00 |
|
|
|
69c2823694
|
nixos-module/container/bird: disable ospfv3 password for now
|
2021-04-11 02:02:15 +02:00 |
|
|
|
11d6a80317
|
nixos-module/network: enable forwarding
|
2021-04-11 02:02:15 +02:00 |
|
|
|
8807ce4435
|
nixos-module/container/anon: route
|
2021-04-11 02:02:15 +02:00 |
|
|
|
55fccbb4e0
|
nixos-module/container/anon: fix key service order
|
2021-04-11 02:02:15 +02:00 |
|
|
|
436ceab45e
|
nixos-module/container/anon: setup shaping
|
2021-04-11 02:02:15 +02:00 |
|
|
|
0a03be1469
|
nixos-module/container/anon: setup wireguard
|
2021-04-11 02:02:15 +02:00 |
|
|
|
b81923a444
|
nixos-module/defaults: set kernel paremeters/version
|
2021-04-11 02:02:15 +02:00 |
|
|
|
bafa33b229
|
lxc-containers.nix: refactor with imperative build-container script
|
2021-04-11 02:02:15 +02:00 |
|
|
|
c015497773
|
nixos-module/container/anon: setup wireguard
|
2021-04-11 02:02:15 +02:00 |
|
|
|
dbe5a867a7
|
nixos-module/server/network: attach vlan interfaces to bridges
|
2021-04-11 02:02:15 +02:00 |
|
|
|
276bb732c7
|
nixos-module/server/network: disable all addresses on bridges to make networkd happy
|
2021-04-11 02:02:15 +02:00 |
|
|
|
7da882f324
|
nixos-module/server/network: enable proper lacp
|
2021-04-11 02:02:15 +02:00 |
|
|
|
9fe5709976
|
lxc-containers: add experimental lxc-reload on system change
|
2021-04-11 02:02:15 +02:00 |
|
|
|
fd8cb77b40
|
nixos-module/server/network: load iptables, open ssh
|
2021-04-11 02:02:15 +02:00 |
|
|
|
dde0533e90
|
nix/lib/config: fix net name
|
2021-04-11 02:02:15 +02:00 |
|
|
|
f173d13dd7
|
lxc-containers: wiggle dependency on network.target
|
2021-04-11 02:02:15 +02:00 |
|
|
|
54a061f565
|
lxc-containers.nix: rm outdated TODO
|
2021-04-11 02:02:15 +02:00 |
|
|
|
953e43fa4a
|
nixos-module/container/mgmt-gw: init
|
2021-04-11 02:02:15 +02:00 |
|
|
|
afad6f46b8
|
nixos-module/container/defaults: disable nix-daemon
|
2021-04-11 02:02:15 +02:00 |
|
|
|
4e3fd3398b
|
options.nix: set a default domainName
|
2021-04-11 02:02:15 +02:00 |
|
|
|
2e2d8c976d
|
server2.nix: hack in
|
2021-04-11 02:02:15 +02:00 |
|
|
|
53cbe8e74b
|
lxc-containers.nix: start with non-ephemeral rootfs
|
2021-04-11 02:02:15 +02:00 |
|
|
|
7615d4d8de
|
nixos-module/container/upstream.nix: setup sched_cake
|
2021-04-11 02:02:15 +02:00 |
|
