dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Revert "nixos/home/routing-common: Move Tailscale to home routers"
Some checks failed
CI / Check, build and cache Nix flake (push) Failing after 1h15m14s
Details

Browse Source 
This reverts commit 7c05b6158f.
This commit is contained in:
Jack O'Sullivan
2024-11-26 00:04:43 +00:00
parent 18981e240b
commit 6c98ef8944
4 changed files with 29 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
nixos/boxes/home/routing-common/default.nix
View File

@@ -1,7 +1,6 @@
index: { lib, allAssignments, ... }:
let
inherit (builtins) elemAt;
inherit (lib) concatStringsSep;
inherit (lib.my) net mkVLAN;
inherit (lib.my.c) pubDomain;
inherit (lib.my.c.home) domain vlans prefixes vips routers routersPubV4;
@@ -151,28 +150,6 @@ in
};
nginx.enable = true;
tailscale =
let
advRoutes = concatStringsSep "," [
prefixes.all.v4
prefixes.all.v6
];
in
{
enable = true;
authKeyFile = config.age.secrets."tailscale-auth.key".path;
openFirewall = true;
interfaceName = "tailscale0";
extraUpFlags = [
"--operator=${config.my.user.config.name}"
"--login-server=https://hs.nul.ie"
"--netfilter-mode=off"
"--advertise-exit-node"
"--advertise-routes=${advRoutes}"
"--accept-routes=false"
];
};
};
networking = { inherit domain; };
@@ -304,6 +281,15 @@ in
Destination = lib.my.c.colony.prefixes.all.v4;
Gateway = allAssignments.estuary.as211024.ipv4.address;
}
{
Destination = lib.my.c.tailscale.prefix.v4;
Gateway = allAssignments.britway.as211024.ipv4.address;
}
{
Destination = lib.my.c.tailscale.prefix.v6;
Gateway = allAssignments.britway.as211024.ipv6.address;
}
];
}
];
@@ -330,7 +316,6 @@ in
secrets = {
files = {
"l2mesh/as211024.key" = {};
"tailscale-auth.key" = {};
};
};
@@ -340,7 +325,7 @@ in
};
};
firewall = {
trustedInterfaces = [ "lan-hi" "lan-lo" "tailscale0" ];
trustedInterfaces = [ "lan-hi" "lan-lo" ];
udp.allowed = [ 5353 ];
tcp.allowed = [ 5353 ];
nat = {

7
nixos/boxes/home/routing-common/keepalived.nix
View File

@@ -61,12 +61,7 @@ in
v6Alive = pingScriptFor "v6" [ "2606:4700:4700::1111" "2001:4860:4860::8888" "2600::" ];
};
vrrpInstances = {
v4 = mkVRRP "v4" 51 // {
extraConfig = ''
notify_master "${config.systemd.package}/bin/systemctl start tailscaled.service" root
notify_backup "${config.systemd.package}/bin/systemctl stop tailscaled.service" root
'';
};
v4 = mkVRRP "v4" 51;
v6 = (mkVRRP "v6" 52) // {
extraConfig = ''
notify_master "${config.systemd.package}/bin/systemctl start radvd.service" root