nixos: Add Gitea VM

2023-12-09 15:22:01 +00:00
parent b4d0d9aff9
commit 88b6e00f93
59 changed files with 953 additions and 792 deletions
--- a/nixos/boxes/colony/vms/estuary/bgp.nix
+++ b/nixos/boxes/colony/vms/estuary/bgp.nix
@@ -16,10 +16,11 @@ in

          define CCVIP1 = ${lib.my.c.colony.prefixes.vip1};
          define CCVIP2 = ${lib.my.c.colony.prefixes.vip2};
+          define CCVIP3 = ${lib.my.c.colony.prefixes.vip3};

          define OWNIP4 = ${assignments.internal.ipv4.address};
          define OWNNETSET4 = [ ${assignments.internal.ipv4.address}/32 ];
-          define CCNETSET4 = [ ${lib.my.c.colony.prefixes.vip1}, ${lib.my.c.colony.prefixes.vip2} ];
+          define CCNETSET4 = [ ${lib.my.c.colony.prefixes.vip1}, ${lib.my.c.colony.prefixes.vip2}, ${lib.my.c.colony.prefixes.vip3} ];

          define INTNET6 = ${intnet6};
          define AMSNET6 = ${amsnet6};
@@ -55,6 +56,7 @@ in
          protocol static static4 {
            route CCVIP1 via "base";
            route CCVIP2 via "base";
+            route CCVIP3 via "base";

            ipv4 {
              import all;
--- a/nixos/boxes/colony/vms/estuary/default.nix
+++ b/nixos/boxes/colony/vms/estuary/default.nix
@@ -290,6 +290,10 @@ in
                          Destination = prefixes.vip1;
                          Gateway = allAssignments.colony.routing.ipv4.address;
                        }
+                        {
+                          Destination = prefixes.vip3;
+                          Gateway = allAssignments.colony.routing.ipv4.address;
+                        }
                        {
                          Destination = prefixes.darts.v4;
                          Gateway = allAssignments.colony.routing.ipv4.address;
@@ -439,8 +443,8 @@ in
                  table inet nat {
                    chain prerouting {
                      ${matchInet "meta l4proto { udp, tcp } th dport domain redirect to :5353" "estuary"}
-                      ip daddr ${allAssignments.shill.internal.ipv4.address} tcp dport { http, https } dnat to ${allAssignments.middleman.internal.ipv4.address}
-                      ip6 daddr ${allAssignments.shill.internal.ipv6.address} tcp dport { http, https } dnat to ${allAssignments.middleman.internal.ipv6.address}
+                      ip daddr ${aa.git.internal.ipv4.address} tcp dport { http, https } dnat to ${aa.middleman.internal.ipv4.address}
+                      ip6 daddr ${aa.git.internal.ipv6.address} tcp dport { http, https } dnat to ${aa.middleman.internal.ipv6.address}
                    }
                    chain postrouting {
                      ip saddr ${prefixes.all.v4} snat to ${assignments.internal.ipv4.address}