gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: internal bridge

Browse source
This commit is contained in:
arcnmx 2024-03-22 19:18:24 -07:00
parent 5f36636902
commit 1d1dc64ef5
4 changed files with 78 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

48
nixos/reisen-ct/internal.nix Normal file
View file

@ -0,0 +1,48 @@
{
config,
lib,
...
}: let
inherit (lib.options) mkOption mkEnableOption;
inherit (lib.modules) mkIf mkMerge mkDefault mkOptionDefault;
inherit (lib.trivial) toHexString;
cfg = config.access.internal;
offset = 32;
in {
options.access = with lib.types; {
internal = {
enable = mkEnableOption "eth9";
macAddress = mkOption {
type = nullOr str;
default = null;
};
vmid = mkOption {
type = int;
};
address4 = mkOption {
type = str;
};
address6 = mkOption {
type = str;
};
};
};
config.access.internal = {
address4 = mkOptionDefault "10.9.1.${toString (cfg.vmid - offset)}";
address6 = mkOptionDefault "fd0c::${toHexString (cfg.vmid - offset)}";
};
config.systemd.network.networks.eth9 = mkIf cfg.enable {
mdns.enable = false;
name = mkDefault "eth9";
matchConfig = {
MACAddress = mkIf (cfg.macAddress != null) (mkOptionDefault cfg.macAddress);
Type = mkOptionDefault "ether";
};
linkConfig.RequiredForOnline = mkOptionDefault false;
address = mkMerge [
["${cfg.address4}/24"]
(mkIf config.networking.enableIPv6 [ "${cfg.address6}/64" ])
];
DHCP = "no";
};
}

5
systems/mediabox/nixos.nix
View file

@ -116,6 +116,11 @@ in {
gateway = ["10.1.1.1"]; gateway = ["10.1.1.1"];
DHCP = "no"; DHCP = "no";
}; };
access.internal = {
enable = true;
macAddress = "BC:24:19:34:F4:A8";
vmid = 102;
};
sops.defaultSopsFile = ./secrets.yaml; sops.defaultSopsFile = ./secrets.yaml;

12
tf/proxmox_reisen.tf
View file

@ -1,4 +1,8 @@
locals { locals {
reisen_int_prefix4 = "10.9.1.0/24"
reisen_int_prefix6 = "fd0c::/64"
reisen_int_offset = 32
proxmox_reisen_connection = { proxmox_reisen_connection = {
type = "ssh" type = "ssh"
user = var.proxmox_reisen_ssh_username user = var.proxmox_reisen_ssh_username
@ -60,3 +64,11 @@ resource "terraform_data" "proxmox_reisen_users" {
] ]
} }
} }
resource "proxmox_virtual_environment_network_linux_bridge" "internal" {
node_name = "reisen"
name = "vmbr9"
address = "${cidrhost(local.reisen_int_prefix4, 2)}/24"
address6 = "${cidrhost(local.reisen_int_prefix6, 2)}/64"
comment = "internal private network"
}

13
tf/proxmox_vms.tf
View file

@ -143,6 +143,14 @@ EOT
gateway = "10.1.1.1" gateway = "10.1.1.1"
} }
} }
ip_config {
ipv6 {
address = "${cidrhost(local.reisen_int_prefix6, local.proxmox_mediabox_vm_id - local.reisen_int_offset)}/64"
}
ipv4 {
address = "${cidrhost(local.reisen_int_prefix4, local.proxmox_mediabox_vm_id - local.reisen_int_offset)}/24"
}
}
} }
startup { startup {
@ -155,6 +163,11 @@ EOT
name = "eth0" name = "eth0"
mac_address = "BC:24:11:34:F4:A8" mac_address = "BC:24:11:34:F4:A8"
} }
network_interface {
name = "eth9"
mac_address = "BC:24:19:34:F4:A8"
bridge = proxmox_virtual_environment_network_linux_bridge.internal.name
}
operating_system { operating_system {
template_file_id = var.proxmox_container_template template_file_id = var.proxmox_container_template