nixos/colony: Initial (attempt at) switch to ColoClue
parent
c267640925
commit
e8d6a702e6
@ -201,11 +201,11 @@ rec {
|
||||
dockerNetAssignment =
|
||||
assignments: name: with assignments."${name}".internal; "ip=${ipv4.address},ip=${ipv6.address}";
|
||||
colony = rec {
|
||||
domain = "fra1.int.${pubDomain}";
|
||||
domain = "ams1.int.${pubDomain}";
|
||||
start = {
|
||||
all = {
|
||||
v4 = "10.100.";
|
||||
v6 = "2a0e:97c0:4d1:1";
|
||||
v6 = "2a0e:97c0:4d2:1";
|
||||
};
|
||||
base = {
|
||||
v4 = "${start.all.v4}0.";
|
||||
|
@ -44,33 +44,33 @@
|
||||
systemd = {
|
||||
network = {
|
||||
links = {
|
||||
"10-wan10g" = {
|
||||
matchConfig.Path = "pci-0000:2d:00.0";
|
||||
linkConfig.Name = "wan10g";
|
||||
};
|
||||
#"10-wan10g" = {
|
||||
# matchConfig.Path = "pci-0000:2d:00.0";
|
||||
# linkConfig.Name = "wan10g";
|
||||
#};
|
||||
};
|
||||
netdevs = {
|
||||
"25-vm-wan10g" = {
|
||||
netdevConfig = {
|
||||
Name = "vm-wan10g";
|
||||
Kind = "macvtap";
|
||||
};
|
||||
# TODO: Upstream this missing section
|
||||
extraConfig = ''
|
||||
[MACVTAP]
|
||||
Mode=passthru
|
||||
'';
|
||||
};
|
||||
#"25-vm-wan10g" = {
|
||||
# netdevConfig = {
|
||||
# Name = "vm-wan10g";
|
||||
# Kind = "macvtap";
|
||||
# };
|
||||
# # TODO: Upstream this missing section
|
||||
# extraConfig = ''
|
||||
# [MACVTAP]
|
||||
# Mode=passthru
|
||||
# '';
|
||||
#};
|
||||
};
|
||||
networks = {
|
||||
"75-wan10g" = {
|
||||
matchConfig.Name = "wan10g";
|
||||
networkConfig.MACVTAP = "vm-wan10g";
|
||||
};
|
||||
"75-vm-wan10g" = {
|
||||
matchConfig.Name = "vm-wan10g";
|
||||
linkConfig.RequiredForOnline = "no";
|
||||
};
|
||||
#"75-wan10g" = {
|
||||
# matchConfig.Name = "wan10g";
|
||||
# networkConfig.MACVTAP = "vm-wan10g";
|
||||
#};
|
||||
#"75-vm-wan10g" = {
|
||||
# matchConfig.Name = "vm-wan10g";
|
||||
# linkConfig.RequiredForOnline = "no";
|
||||
#};
|
||||
};
|
||||
};
|
||||
|
||||
@ -98,14 +98,15 @@
|
||||
};
|
||||
memory = 3072;
|
||||
networks = {
|
||||
wan = {
|
||||
ifname = "vm-wan10g";
|
||||
bridge = null;
|
||||
tapFD = 100;
|
||||
# Real hardware MAC
|
||||
mac = "00:02:c9:56:24:6e";
|
||||
waitOnline = false;
|
||||
};
|
||||
# Mellanox ConnectX-2 hackery
|
||||
#wan = {
|
||||
# ifname = "vm-wan10g";
|
||||
# bridge = null;
|
||||
# tapFD = 100;
|
||||
# # Real hardware MAC
|
||||
# mac = "00:02:c9:56:24:6e";
|
||||
# waitOnline = false;
|
||||
#};
|
||||
base = {
|
||||
waitOnline = "carrier";
|
||||
mac = "52:54:00:15:1a:53";
|
||||
|
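Review bot: The macvtap units for `wan10g` (`10-wan10g`, `25-vm-wan10g`, `75-wan10g`, `75-vm-wan10g`) and the VM's `wan` network are disabled by commenting them out, and nothing on the new side says why or under what condition they come back; only `# Mellanox ConnectX-2 hackery` hints at it. Commented-out Nix is never evaluated, so these blocks will drift from the rest of the configuration unnoticed. Either delete them and rely on history, or put one comment above the first block, e.g. `# Disabled for the ColoClue move; re-enable together with the VM's wan network`. The enclosing `systemd.network` and VM `networks` sets start outside the hunks.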
@ -10,15 +10,15 @@
|
||||
altNames = [ "fw" ];
|
||||
domain = lib.my.colony.domain;
|
||||
ipv4 = {
|
||||
address = "212.83.51.97";
|
||||
address = "94.142.240.44";
|
||||
mask = 24;
|
||||
gateway = "212.83.51.1";
|
||||
gateway = "94.142.240.254";
|
||||
genPTR = false;
|
||||
};
|
||||
ipv6 = {
|
||||
address = "2a00:f48:103:2::10";
|
||||
address = "2a02:898:0:20::329:1";
|
||||
mask = 64;
|
||||
gateway = "2a00:f48:103:2::1";
|
||||
gateway = "2a02:898:0:20::1";
|
||||
genPTR = false;
|
||||
};
|
||||
};
|
||||
@ -39,7 +39,7 @@
|
||||
inherit (lib.my) networkdAssignment;
|
||||
in
|
||||
{
|
||||
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ./dns.nix ./bandwidth.nix ];
|
||||
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ./dns.nix ];
|
||||
|
||||
config = mkMerge [
|
||||
{
|
||||
@ -81,7 +81,7 @@
|
||||
in
|
||||
{
|
||||
description = "Frequent ICMP6 neighbour solicitations";
|
||||
enable = true;
|
||||
enable = false;
|
||||
requires = [ waitOnline ];
|
||||
after = [ waitOnline ];
|
||||
script = ''
|
||||
@ -97,14 +97,15 @@
|
||||
|
||||
systemd.network = {
|
||||
links = {
|
||||
"10-phy1g0" = {
|
||||
matchConfig.MACAddress = "d0:50:99:fa:a7:99";
|
||||
linkConfig.Name = "phy1g0";
|
||||
};
|
||||
"10-wan" = {
|
||||
matchConfig.MACAddress = "00:02:c9:56:24:6e";
|
||||
matchConfig.MACAddress = "d0:50:99:fa:a7:99";
|
||||
linkConfig.Name = "wan";
|
||||
};
|
||||
# Mellanox ConnectX-2
|
||||
#"10-wan" = {
|
||||
# matchConfig.MACAddress = "00:02:c9:56:24:6e";
|
||||
# linkConfig.Name = "wan";
|
||||
#};
|
||||
|
||||
"10-base" = {
|
||||
matchConfig.MACAddress = "52:54:00:15:1a:53";
|
||||
@ -126,8 +127,8 @@
|
||||
];
|
||||
networkConfig = {
|
||||
# We're using an explicit gateway and Linux uses link local address for neighbour discovery, so we
|
||||
# get lost to the router...
|
||||
LinkLocalAddressing = "no";
|
||||
# get lost to the router... (this was true in 23M Frankfurt)
|
||||
#LinkLocalAddressing = "no";
|
||||
IPv6AcceptRA = false;
|
||||
};
|
||||
};
|
||||
|
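Review bot: In the last hunk the comment above `#LinkLocalAddressing = "no";` still reads as the reason for a setting that is no longer applied, so the `wan` link now presumably takes networkd's default and gets an fe80:: address while `IPv6AcceptRA = false` stays. Drop the dead line and state what is intended, e.g. `# Link-local addressing is left at the default here; it had to be "no" at 23M Frankfurt, where neighbour discovery to the router failed.` Since this is the firewall's external interface, it is worth confirming that the filter rules (not visible here) expect link-local traffic on `wan`. The network unit starts outside the hunk.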
@ -7,8 +7,8 @@ let
|
||||
ptrDots = 2;
|
||||
reverseZone = "100.10.in-addr.arpa";
|
||||
ptrDots6 = 20;
|
||||
reverseZone6 = "1.d.4.0.0.c.7.9.e.0.a.2.ip6.arpa";
|
||||
ptr6ValTrim = (stringLength "2a0e:97c0:4d1:") + 1;
|
||||
reverseZone6 = "2.d.4.0.0.c.7.9.e.0.a.2.ip6.arpa";
|
||||
ptr6ValTrim = (stringLength "2a0e:97c0:4d2:") + 1;
|
||||
|
||||
authZones = attrNames config.my.pdns.auth.bind.zones;
|
||||
in
|
||||
@ -76,7 +76,7 @@ in
|
||||
lua-dns-script = pkgs.writeText "pdns-script.lua" ''
|
||||
function preresolve(dq)
|
||||
if dq.qname:equal("nix-cache.nul.ie") then
|
||||
dq:addAnswer(pdns.CNAME, "http.fra1.int.nul.ie.")
|
||||
dq:addAnswer(pdns.CNAME, "http.${config.networking.domain}.")
|
||||
dq.rcode = 0
|
||||
dq.followupFunction = "followCNAMERecords"
|
||||
return true
|
||||
|
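Review bot: The IPv6 prefix is still spelled out by hand in `reverseZone6` and `ptr6ValTrim`, so this file has to be edited in step with `start.all.v6` in the colony attribute set every time the prefix moves, as this commit shows. If the two drift apart, PTR generation would presumably target a zone that does not match the assigned addresses. The second hunk already replaces a literal with `config.networking.domain`; the same approach fits here, e.g. one `prefix6 = "2a0e:97c0:4d2:";` binding in the `let`, used as `ptr6ValTrim = (stringLength prefix6) + 1;`, plus a comment on `reverseZone6` naming the prefix it encodes. The `let` block starts outside the hunk.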