66 lines
1.6 KiB
Nix
66 lines
1.6 KiB
Nix
{ config, ... }:
|
|
|
|
{
|
|
site.net.flpk = {
|
|
domainName = "flpk.zentralwerk.org";
|
|
ipv6Router = "flpk-gw";
|
|
subnet4 = "45.158.40.160/27";
|
|
# we get a /56
|
|
subnets6.flpk = "2a0f:5382:acab:1400::/64";
|
|
hosts4 = {
|
|
flpk-gw = "45.158.40.160";
|
|
leon = "45.158.40.162";
|
|
sshlog = "45.158.40.163";
|
|
caveman = "45.158.40.164";
|
|
leoncloud = "45.158.40.165";
|
|
mastodon = "45.158.40.166";
|
|
c3d2-web = "45.158.40.167";
|
|
mailtngbert = "45.158.40.168";
|
|
};
|
|
hosts6.flpk = {
|
|
flpk-gw = "2a0f:5382:acab:1400::c3d2";
|
|
leon = "2a0f:5382:acab:1400::1e0";
|
|
sshlog = "2a0f:5382:acab:1400::22";
|
|
caveman = "2a0f:5382:acab:1400::a4";
|
|
leoncloud = "2a0f:5382:acab:1400::a5";
|
|
mastodon = "2a0f:5382:acab:1400::a6";
|
|
c3d2-web = "2a0f:5382:acab:1400::a7";
|
|
mailtngbert = "2a0f:5382:acab:1400::a8";
|
|
};
|
|
};
|
|
|
|
site.hosts.flpk-gw = {
|
|
interfaces = {
|
|
core = {
|
|
hwaddr = "0A:14:48:b7:e4:91";
|
|
type = "veth";
|
|
};
|
|
flpk = {
|
|
hwaddr = "0A:14:48:01:16:01";
|
|
type = "veth";
|
|
};
|
|
up-flpk = {
|
|
type = "wireguard";
|
|
upstream = {
|
|
provider = "flpk";
|
|
noNat = {
|
|
subnets4 = [ "45.158.40.160/27" ];
|
|
subnets6 = [ "2a0f:5382:acab:1400::/56" ];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
bgp = {
|
|
upstreamTable = "vpn_table";
|
|
allowedUpstreams = [ "upstream4" "upstream3" "freifunk" ];
|
|
# IPv6 ::/0 via wireguard tunnel
|
|
allowedUpstreams6 = [];
|
|
peers.${config.site.net.core.subnets6.dn42} = {
|
|
type = "upstream";
|
|
name = "up";
|
|
};
|
|
};
|
|
role = "container";
|
|
};
|
|
}
|