dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Update nixpkgs-stable to 24.11

Browse Source
This commit is contained in:
Jack O'Sullivan
2024-11-30 17:45:59 +00:00
parent 2fe94bba23
commit 5783d3a51e
20 changed files with 141 additions and 140 deletions
Download Patch File Download Diff File Expand all files Collapse all files

99
nixos/boxes/colony/vms/estuary/default.nix
View File

@@ -164,11 +164,9 @@ in
};
wireguardPeers = [
{
wireguardPeerConfig = {
PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E=";
AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ];
PersistentKeepalive = 25;
};
PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E=";
AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ];
PersistentKeepalive = 25;
}
];
};
@@ -278,52 +276,51 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.base.v6;
Prefix = prefixes.base.v6;
}
];
routes = map (r: { routeConfig = r; }) (flatten
([
{
Destination = prefixes.vip1;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.vip3;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.darts.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.cust.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
routes = flatten ([
{
Destination = prefixes.vip1;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.vip3;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.darts.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = prefixes.cust.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
{
Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = lib.my.c.tailscale.prefix.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
{
Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
{
Destination = lib.my.c.tailscale.prefix.v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
{
Destination = prefixes.qclk.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
] ++
(map (pName: [
{
Gateway = allAssignments.colony.routing.ipv4.address;
Destination = prefixes."${pName}".v4;
}
{
Destination = prefixes."${pName}".v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
]) [ "vms" "ctrs" "oci" ])));
{
Destination = prefixes.qclk.v4;
Gateway = allAssignments.colony.routing.ipv4.address;
}
] ++
(map (pName: [
{
Gateway = allAssignments.colony.routing.ipv4.address;
Destination = prefixes."${pName}".v4;
}
{
Destination = prefixes."${pName}".v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
]) [ "vms" "ctrs" "oci" ]));
}
];
@@ -332,7 +329,7 @@ in
{
matchConfig.Name = "as211024";
networkConfig.IPv6AcceptRA = mkForce false;
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = lib.my.c.home.prefixes.all.v4;
Gateway = lib.my.c.home.vips.as211024.v4;
@@ -344,10 +341,8 @@ in
matchConfig.Name = "kelder";
routes = [
{
routeConfig = {
Destination = allAssignments.kelder.estuary.ipv4.address;
Scope = "link";
};
Destination = allAssignments.kelder.estuary.ipv4.address;
Scope = "link";
}
];
};

4
nixos/boxes/colony/vms/shill/containers-ext.nix
View File

@@ -47,10 +47,10 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.jam.v6;
Prefix = prefixes.jam.v6;
}
];
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = prefixes.jam.v4;
Scope = "link";

8
nixos/boxes/colony/vms/shill/containers/jackflix/default.nix
View File

@@ -94,6 +94,14 @@ in
};
};
nixpkgs.config.permittedInsecurePackages = [
# FIXME: This is needed for Sonarr
"aspnetcore-runtime-wrapped-6.0.36"
"aspnetcore-runtime-6.0.36"
"dotnet-sdk-wrapped-6.0.428"
"dotnet-sdk-6.0.428"
];
services = {
netdata.enable = true;

14
nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix
View File

@@ -71,14 +71,12 @@ in
RouteTable = routeTable;
};
wireguardPeers = [
# AirVPN NL
{
# AirVPN NL
wireguardPeerConfig = {
Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637";
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
};
Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637";
PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
PresharedKeyFile = config.age.secrets."${pskFile}".path;
AllowedIPs = [ "0.0.0.0/0" "::/0" ];
}
];
};
@@ -94,7 +92,7 @@ in
matchConfig.Name = "vpn";
address = [ "10.182.97.37/32" "fd7d:76ee:e68f:a993:735d:ef5e:6907:b122/128" ];
dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ];
routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
routingPolicyRules = [
{
Family = "both";
SuppressPrefixLength = 0;

2
nixos/boxes/colony/vms/shill/containers/object.nix
View File

@@ -237,7 +237,7 @@ in
harmonia = {
enable = true;
signKeyPath = config.age.secrets."nix-cache.key".path;
signKeyPaths = [ config.age.secrets."nix-cache.key".path ];
settings = {
priority = 30;
};

4
nixos/boxes/colony/vms/shill/default.nix
View File

@@ -140,10 +140,10 @@ in
};
ipv6Prefixes = [
{
ipv6PrefixConfig.Prefix = prefixes.ctrs.v6;
Prefix = prefixes.ctrs.v6;
}
];
routes = map (r: { routeConfig = r; }) [
routes = [
{
Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.waffletail.internal.ipv4.address;