dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos: Avoid hardcoding any IP prefixes

Browse Source
This commit is contained in:
Jack O'Sullivan 2022-05-31 21:58:29 +01:00
parent 11dbc01ba0
commit 575561a330
6 changed files with 50 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib.nix
View File

@ -158,19 +158,37 @@ rec {
colony = rec { colony = rec {
domain = "test.int.nul.ie"; domain = "test.int.nul.ie";
prefixes = { start = {
all = { all = {
v4 = "10.100.0.0/16"; v4 = "10.100.";
v6 = "2a0e:97c0:4d0:bbb0::/60"; v6 = "2a0e:97c0:4d0:bbb";
};
base = {
v4 = "${start.all.v4}0.";
v6 = "${start.all.v6}0::";
}; };
base.v6 = "2a0e:97c0:4d0:bbb0::/64";
vms = { vms = {
v4 = "10.100.1.0/24"; v4 = "${start.all.v4}1.";
v6 = "2a0e:97c0:4d0:bbb1::/64"; v6 = "${start.all.v6}1::";
}; };
ctrs = { ctrs = {
v4 = "10.100.2.0/24"; v4 = "${start.all.v4}2.";
v6 = "2a0e:97c0:4d0:bbb2::/64"; v6 = "${start.all.v6}2::";
};
};
prefixes = {
all = {
v4 = "${start.base.v4}0/16";
v6 = "${start.base.v6}/60";
};
base.v6 = "${start.base.v6}/64";
vms = {
v4 = "${start.vms.v4}0/24";
v6 = "${start.vms.v6}/64";
};
ctrs = {
v4 = "${start.ctrs.v4}0/24";
v6 = "${start.ctrs.v6}/64";
}; };
}; };
}; };

15
nixos/boxes/colony/default.nix
View File

@ -1,4 +1,4 @@
{ { lib, ... }: {
imports = [ ./vms ]; imports = [ ./vms ];
nixos.systems.colony = { nixos.systems.colony = {
@ -9,20 +9,18 @@
assignments = { assignments = {
internal = { internal = {
altNames = [ "vm" ]; altNames = [ "vm" ];
ipv4.address = "10.100.0.2"; ipv4.address = "${lib.my.colony.start.base.v4}2";
#ipv6.address = "2a0e:97c0:4d1:0::2"; ipv6 = {
ipv6 = rec {
iid = "::2"; iid = "::2";
address = "2a0e:97c0:4d0:bbb0${iid}"; address = "${lib.my.colony.start.base.v6}2";
}; };
}; };
vms = { vms = {
ipv4 = { ipv4 = {
address = "10.100.1.1"; address = "${lib.my.colony.start.vms.v4}1";
gateway = null; gateway = null;
}; };
#ipv6.address = "2a0e:97c0:4d1:1::1"; ipv6.address = "${lib.my.colony.start.vms.v6}1";
ipv6.address = "2a0e:97c0:4d0:bbb1::1";
}; };
}; };
@ -108,7 +106,6 @@
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
#ipv6PrefixConfig.Prefix = "2a0e:97c0:4d1:1::/64";
ipv6PrefixConfig.Prefix = lib.my.colony.prefixes.vms.v6; ipv6PrefixConfig.Prefix = lib.my.colony.prefixes.vms.v6;
} }
]; ];

10
nixos/boxes/colony/vms/estuary/default.nix
View File

@ -1,4 +1,4 @@
{ { lib, ... }: {
nixos.systems.estuary = { nixos.systems.estuary = {
system = "x86_64-linux"; system = "x86_64-linux";
nixpkgs = "mine"; nixpkgs = "mine";
@ -9,7 +9,7 @@
name = "estuary-vm"; name = "estuary-vm";
altNames = [ "fw" ]; altNames = [ "fw" ];
ipv4 = { ipv4 = {
address = "188.141.14.6"; address = "80.111.124.10";
gateway = null; gateway = null;
}; };
ipv6 = { ipv6 = {
@ -19,11 +19,10 @@
}; };
base = { base = {
ipv4 = { ipv4 = {
address = "10.100.0.1"; address = "${lib.my.colony.start.base.v4}1";
gateway = null; gateway = null;
}; };
#ipv6.address = "2a0e:97c0:4d1:0::1"; ipv6.address = "${lib.my.colony.start.base.v6}1";
ipv6.address = "2a0e:97c0:4d0:bbb0::1";
}; };
}; };
@ -105,7 +104,6 @@
}; };
ipv6Prefixes = [ ipv6Prefixes = [
{ {
#ipv6PrefixConfig.Prefix = "2a0e:97c0:4d1:0::/64";
ipv6PrefixConfig.Prefix = lib.my.colony.prefixes.base.v6; ipv6PrefixConfig.Prefix = lib.my.colony.prefixes.base.v6;
} }
]; ];

8
nixos/boxes/colony/vms/shill/containers/middleman.nix
View File

@ -1,4 +1,4 @@
{ { lib, ...}: {
nixos.systems.middleman = { nixos.systems.middleman = {
system = "x86_64-linux"; system = "x86_64-linux";
nixpkgs = "mine"; nixpkgs = "mine";
@ -7,10 +7,10 @@
internal = { internal = {
name = "middleman-ctr"; name = "middleman-ctr";
altNames = [ "http" ]; altNames = [ "http" ];
ipv4.address = "10.100.2.2"; ipv4.address = "${lib.my.colony.start.ctrs.v4}2";
ipv6 = rec { ipv6 = {
iid = "::2"; iid = "::2";
address = "2a0e:97c0:4d0:bbb2${iid}"; address = "${lib.my.colony.start.ctrs.v6}2";
}; };
}; };
}; };

8
nixos/boxes/colony/vms/shill/containers/vaultwarden.nix
View File

@ -1,4 +1,4 @@
{ { lib, ...}: {
nixos.systems.vaultwarden = { nixos.systems.vaultwarden = {
system = "x86_64-linux"; system = "x86_64-linux";
nixpkgs = "mine"; nixpkgs = "mine";
@ -6,10 +6,10 @@
assignments = { assignments = {
internal = { internal = {
name = "vaultwarden-ctr"; name = "vaultwarden-ctr";
ipv4.address = "10.100.2.3"; ipv4.address = "${lib.my.colony.start.ctrs.v4}3";
ipv6 = rec { ipv6 = {
iid = "::3"; iid = "::3";
address = "2a0e:97c0:4d0:bbb2${iid}"; address = "${lib.my.colony.start.ctrs.v6}3";
}; };
}; };
}; };

12
nixos/boxes/colony/vms/shill/default.nix
View File

@ -1,4 +1,4 @@
{ { lib, ... }: {
imports = [ ./containers ]; imports = [ ./containers ];
nixos.systems.shill = { nixos.systems.shill = {
@ -9,18 +9,18 @@
internal = { internal = {
name = "shill-vm"; name = "shill-vm";
altNames = [ "ctr" ]; altNames = [ "ctr" ];
ipv4.address = "10.100.1.2"; ipv4.address = "${lib.my.colony.start.vms.v4}2";
ipv6 = rec { ipv6 = {
iid = "::2"; iid = "::2";
address = "2a0e:97c0:4d0:bbb1${iid}"; address = "${lib.my.colony.start.vms.v6}2";
}; };
}; };
ctrs = { ctrs = {
ipv4 = { ipv4 = {
address = "10.100.2.1"; address = "${lib.my.colony.start.ctrs.v4}1";
gateway = null; gateway = null;
}; };
ipv6.address = "2a0e:97c0:4d0:bbb2::1"; ipv6.address = "${lib.my.colony.start.ctrs.v6}1";
}; };
}; };