dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos/estuary: Make public IP be internal assignment

Browse Source
This commit is contained in:
Jack O'Sullivan 2022-05-29 15:48:26 +01:00
parent baed6f24f6
commit 62c00b8b22
5 changed files with 28 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib.nix
View File

@ -158,14 +158,6 @@ rec {
colony = rec { colony = rec {
domain = "test.int.nul.ie"; domain = "test.int.nul.ie";
# Shouldn't need this hopefully (IPv6 RA)
dns = {
domains = [ domain ];
dns = [
"10.100.0.1"
"2a0e:97c0:4d1:0::1"
];
};
prefixes = { prefixes = {
all = { all = {
v4 = "10.100.0.0/16"; v4 = "10.100.0.0/16";

2
nixos/boxes/colony/default.nix
View File

@ -103,7 +103,7 @@
IPv6SendRA = true; IPv6SendRA = true;
}; };
ipv6SendRAConfig = { ipv6SendRAConfig = {
DNS = [ allAssignments.estuary.internal.ipv6.address ]; DNS = [ allAssignments.estuary.base.ipv6.address ];
Domains = [ config.networking.domain ]; Domains = [ config.networking.domain ];
}; };
ipv6Prefixes = [ ipv6Prefixes = [

22
nixos/boxes/colony/vms/estuary/default.nix
View File

@ -4,9 +4,20 @@
nixpkgs = "mine"; nixpkgs = "mine";
home-manager = "mine"; home-manager = "mine";
assignments.internal = { assignments = {
internal = {
name = "estuary-vm"; name = "estuary-vm";
altNames = [ "fw" ]; altNames = [ "fw" ];
ipv4 = {
address = "188.141.14.6";
gateway = null;
};
ipv6 = {
address = "2a0e:97c0:4d0:bbbf::1";
gateway = "fe80::215:17ff:fe4b:494a";
};
};
base = {
ipv4 = { ipv4 = {
address = "10.100.0.1"; address = "10.100.0.1";
gateway = null; gateway = null;
@ -14,6 +25,7 @@
#ipv6.address = "2a0e:97c0:4d1:0::1"; #ipv6.address = "2a0e:97c0:4d1:0::1";
ipv6.address = "2a0e:97c0:4d0:bbb0::1"; ipv6.address = "2a0e:97c0:4d0:bbb0::1";
}; };
};
configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }: configuration = { lib, pkgs, modulesPath, config, assignments, allAssignments, ... }:
let let
@ -71,15 +83,15 @@
UseHostname = false; UseHostname = false;
}; };
address = [ address = [
"2a0e:97c0:4d0:bbbf::1/64" (with assignments.internal.ipv6; "${address}/${toString mask}")
]; ];
gateway = [ gateway = [
"fe80::215:17ff:fe4b:494a" assignments.internal.ipv6.gateway
]; ];
networkConfig.IPv6AcceptRA = false; networkConfig.IPv6AcceptRA = false;
}; };
"80-base" = mkMerge [ "80-base" = mkMerge [
(networkdAssignment "base" assignments.internal) (networkdAssignment "base" assignments.base)
{ {
dns = [ "127.0.0.1" "::1" ]; dns = [ "127.0.0.1" "::1" ];
domains = [ config.networking.domain ]; domains = [ config.networking.domain ];
@ -88,7 +100,7 @@
IPv6SendRA = true; IPv6SendRA = true;
}; };
ipv6SendRAConfig = { ipv6SendRAConfig = {
DNS = [ assignments.internal.ipv6.address ]; DNS = [ assignments.base.ipv6.address ];
Domains = [ config.networking.domain ]; Domains = [ config.networking.domain ];
}; };
ipv6Prefixes = [ ipv6Prefixes = [

5
nixos/boxes/colony/vms/estuary/dns.nix
View File

@ -17,7 +17,7 @@ in
dns = { dns = {
address = [ address = [
"127.0.0.1" "::1" "127.0.0.1" "::1"
assignments.internal.ipv4.address assignments.internal.ipv6.address assignments.base.ipv4.address assignments.base.ipv6.address
]; ];
allowFrom = [ allowFrom = [
"127.0.0.0/8" "::1/128" "127.0.0.0/8" "::1/128"
@ -85,8 +85,7 @@ in
) )
@ IN NS ns @ IN NS ns
ns IN A 188.141.14.6 ns IN ALIAS ${config.networking.fqdn}.
ns IN AAAA 2a0e:97c0:4d0:bbbf::1
@ IN ALIAS ${config.networking.fqdn}. @ IN ALIAS ${config.networking.fqdn}.

2
nixos/boxes/colony/vms/shill/default.nix
View File

@ -75,7 +75,7 @@
IPv6SendRA = true; IPv6SendRA = true;
}; };
ipv6SendRAConfig = { ipv6SendRAConfig = {
DNS = [ allAssignments.estuary.internal.ipv6.address ]; DNS = [ allAssignments.estuary.base.ipv6.address ];
Domains = [ config.networking.domain ]; Domains = [ config.networking.domain ];
}; };
ipv6Prefixes = [ ipv6Prefixes = [