From 62c00b8b22326bd984abb85ccff261110634d919 Mon Sep 17 00:00:00 2001 From: Jack O'Sullivan Date: Sun, 29 May 2022 15:48:26 +0100 Subject: [PATCH] nixos/estuary: Make public IP be internal assignment --- lib.nix | 8 ----- nixos/boxes/colony/default.nix | 2 +- nixos/boxes/colony/vms/estuary/default.nix | 36 ++++++++++++++-------- nixos/boxes/colony/vms/estuary/dns.nix | 5 ++- nixos/boxes/colony/vms/shill/default.nix | 2 +- 5 files changed, 28 insertions(+), 25 deletions(-) diff --git a/lib.nix b/lib.nix index d4deeea..b8c7b97 100644 --- a/lib.nix +++ b/lib.nix @@ -158,14 +158,6 @@ rec { colony = rec { domain = "test.int.nul.ie"; - # Shouldn't need this hopefully (IPv6 RA) - dns = { - domains = [ domain ]; - dns = [ - "10.100.0.1" - "2a0e:97c0:4d1:0::1" - ]; - }; prefixes = { all = { v4 = "10.100.0.0/16"; diff --git a/nixos/boxes/colony/default.nix b/nixos/boxes/colony/default.nix index f12a46a..605e495 100644 --- a/nixos/boxes/colony/default.nix +++ b/nixos/boxes/colony/default.nix @@ -103,7 +103,7 @@ IPv6SendRA = true; }; ipv6SendRAConfig = { - DNS = [ allAssignments.estuary.internal.ipv6.address ]; + DNS = [ allAssignments.estuary.base.ipv6.address ]; Domains = [ config.networking.domain ]; }; ipv6Prefixes = [ diff --git a/nixos/boxes/colony/vms/estuary/default.nix b/nixos/boxes/colony/vms/estuary/default.nix index e173174..ff23344 100644 --- a/nixos/boxes/colony/vms/estuary/default.nix +++ b/nixos/boxes/colony/vms/estuary/default.nix @@ -4,15 +4,27 @@ nixpkgs = "mine"; home-manager = "mine"; - assignments.internal = { - name = "estuary-vm"; - altNames = [ "fw" ]; - ipv4 = { - address = "10.100.0.1"; - gateway = null; + assignments = { + internal = { + name = "estuary-vm"; + altNames = [ "fw" ]; + ipv4 = { + address = "188.141.14.6"; + gateway = null; + }; + ipv6 = { + address = "2a0e:97c0:4d0:bbbf::1"; + gateway = "fe80::215:17ff:fe4b:494a"; + }; + }; + base = { + ipv4 = { + address = "10.100.0.1"; + gateway = null; + }; + #ipv6.address = "2a0e:97c0:4d1:0::1"; + ipv6.address = "2a0e:97c0:4d0:bbb0::1"; }; - #ipv6.address = "2a0e:97c0:4d1:0::1"; - ipv6.address = "2a0e:97c0:4d0:bbb0::1"; }; configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }: @@ -71,15 +83,15 @@ UseHostname = false; }; address = [ - "2a0e:97c0:4d0:bbbf::1/64" + (with assignments.internal.ipv6; "${address}/${toString mask}") ]; gateway = [ - "fe80::215:17ff:fe4b:494a" + assignments.internal.ipv6.gateway ]; networkConfig.IPv6AcceptRA = false; }; "80-base" = mkMerge [ - (networkdAssignment "base" assignments.internal) + (networkdAssignment "base" assignments.base) { dns = [ "127.0.0.1" "::1" ]; domains = [ config.networking.domain ]; @@ -88,7 +100,7 @@ IPv6SendRA = true; }; ipv6SendRAConfig = { - DNS = [ assignments.internal.ipv6.address ]; + DNS = [ assignments.base.ipv6.address ]; Domains = [ config.networking.domain ]; }; ipv6Prefixes = [ diff --git a/nixos/boxes/colony/vms/estuary/dns.nix b/nixos/boxes/colony/vms/estuary/dns.nix index 923c461..e3b2cba 100644 --- a/nixos/boxes/colony/vms/estuary/dns.nix +++ b/nixos/boxes/colony/vms/estuary/dns.nix @@ -17,7 +17,7 @@ in dns = { address = [ "127.0.0.1" "::1" - assignments.internal.ipv4.address assignments.internal.ipv6.address + assignments.base.ipv4.address assignments.base.ipv6.address ]; allowFrom = [ "127.0.0.0/8" "::1/128" @@ -85,8 +85,7 @@ in ) @ IN NS ns - ns IN A 188.141.14.6 - ns IN AAAA 2a0e:97c0:4d0:bbbf::1 + ns IN ALIAS ${config.networking.fqdn}. @ IN ALIAS ${config.networking.fqdn}. diff --git a/nixos/boxes/colony/vms/shill/default.nix b/nixos/boxes/colony/vms/shill/default.nix index 348e4ab..5e0c506 100644 --- a/nixos/boxes/colony/vms/shill/default.nix +++ b/nixos/boxes/colony/vms/shill/default.nix @@ -75,7 +75,7 @@ IPv6SendRA = true; }; ipv6SendRAConfig = { - DNS = [ allAssignments.estuary.internal.ipv6.address ]; + DNS = [ allAssignments.estuary.base.ipv6.address ]; Domains = [ config.networking.domain ]; }; ipv6Prefixes = [