gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

network module refactor: result

Browse source
This commit is contained in:
kat witch 2021-08-31 00:48:24 +01:00
parent d27db5f4fc
commit bd320a7c0f
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
12 changed files with 45 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

12
config/hosts/athame/nixos.nix
View file

@ -49,7 +49,7 @@ with lib;
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.public.ipv4.address;
host = config.network.addresses.public.nixos.ipv4.address;
};
};
};
@ -83,7 +83,7 @@ with lib;
enp1s0 = {
useDHCP = true;
ipv6.addresses = [{
address = config.network.addresses.public.ipv6.address;
address = config.network.addresses.public.nixos.ipv6.address;
prefixLength = 64;
}];
};
@ -98,15 +98,17 @@ with lib;
addresses = {
public = {
enable = true;
ipv4.address = "168.119.126.111";
ipv6.address = "2a01:4f8:c2c:b7a8::1";
nixos = {
ipv4.address = "168.119.126.111";
ipv6.address = "2a01:4f8:c2c:b7a8::1";
};
};
};
yggdrasil = {
enable = true;
pubkey = "55e3f29c252d16e73ac849a6039824f94df1dee670c030b9e29f90584f935575";
listen.enable = true;
listen.endpoints = [ "tcp://${config.network.addresses.public.ipv4.address}:52969" "tcp://[${config.network.addresses.public.ipv6.address}]:52969" ];
listen.endpoints = [ "tcp://${config.network.addresses.public.nixos.ipv4.address}:52969" "tcp://[${config.network.addresses.public.nixos.ipv6.address}]:52969" ];
};
};

10
config/hosts/beltane/nixos.nix
View file

@ -28,7 +28,7 @@ with lib;
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.private.ipv4.address;
host = config.network.addresses.private.nixos.ipv4.address;
};
};
};
@ -97,7 +97,7 @@ with lib;
hostId = "3ef9a419";
useDHCP = false;
interfaces.eno1.ipv4.addresses = singleton {
inherit (config.network.addresses.private.ipv4) address;
inherit (config.network.addresses.private.nixos.ipv4) address;
prefixLength = 24;
};
defaultGateway = config.network.privateGateway;
@ -108,8 +108,10 @@ with lib;
addresses = {
private = {
enable = true;
ipv4.address = "192.168.1.2";
# TODO ipv6.address
nixos = {
ipv4.address = "192.168.1.2";
# TODO ipv6.address
};
};
};
yggdrasil = {

9
config/hosts/ostara/nixos.nix
View file

@ -18,7 +18,7 @@ with lib;
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.private.ipv4.address;
host = config.network.addresses.private.nixos.ipv4.address;
};
};
};
@ -53,7 +53,7 @@ with lib;
hostId = "9f89b327";
useDHCP = false;
interfaces.enp1s0.ipv4.addresses = singleton {
inherit (config.network.addresses.private.ipv4) address;
inherit (config.network.addresses.private.nixos.ipv4) address;
prefixLength = 24;
};
defaultGateway = config.network.privateGateway;
@ -62,7 +62,10 @@ with lib;
network = {
addresses = {
private = {
ipv4.address = "192.168.1.32";
enable = true;
nixos = {
ipv4.address = "192.168.1.32";
};
};
};
};

7
config/hosts/rinnosuke/nixos.nix
View file

@ -31,8 +31,8 @@ in
interfaces.ens3 = {
useDHCP = true;
ipv6 = {
addresses = mkIf (config.network.addresses.public.ipv6.enable) [{
address = config.network.addresses.public.ipv6.address;
addresses = mkIf (config.network.addresses.public.nixos.ipv6.enable) [{
address = config.network.addresses.public.nixos.ipv6.address;
prefixLength = 64;
}];
routes = [{
@ -47,7 +47,8 @@ in
addresses = {
public = {
enable = true;
ipv6.address = mkIf (tf.state.resources ? ${tf.resources.${config.networking.hostName}.out.reference}) addr_ipv6_nix;
nixos.ipv6.address = mkIf (tf.state.resources ? ${tf.resources.${config.networking.hostName}.out.reference}) addr_ipv6_nix;
tf.ipv6.address = tf.resources.rinnosuke_ipv6.refAttr "ip_address";
};
};
firewall.public.interfaces = singleton "ens3";

8
config/hosts/samhain/nixos.nix
View file

@ -30,7 +30,7 @@ in
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.private.ipv4.address;
host = config.network.addresses.private.nixos.ipv4.address;
};
};
};
@ -192,7 +192,7 @@ in
};
networks.br = {
matchConfig.Name = "br";
address = singleton "${config.network.addresses.private.ipv4.address}/24";
address = singleton "${config.network.addresses.private.nixos.ipv4.address}/24";
gateway = singleton config.network.privateGateway;
};
netdevs.br = {
@ -210,7 +210,9 @@ in
addresses = {
private = {
enable = true;
ipv4.address = "192.168.1.1";
nixos = {
ipv4.address = "192.168.1.1";
};
};
};
yggdrasil = {

8
config/hosts/yule/nixos.nix
View file

@ -22,7 +22,7 @@ with lib;
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.private.ipv4.address;
host = config.network.addresses.private.nixos.ipv4.address;
};
};
};
@ -68,7 +68,7 @@ with lib;
wireless.interfaces = singleton "wlp2s0";
interfaces = {
wlp2s0.ipv4.addresses = singleton {
inherit (config.network.addresses.private.ipv4) address;
inherit (config.network.addresses.private.nixos.ipv4) address;
prefixLength = 24;
};
};
@ -79,7 +79,9 @@ with lib;
addresses = {
private = {
enable = true;
ipv4.address = "192.168.1.3";
nixos = {
ipv4.address = "192.168.1.3";
};
};
};
yggdrasil = {

2
config/services/kattv/default.nix
View file

@ -35,7 +35,7 @@ let
{ element.matroskamux.streamable = true; }
{
element.tcpclientsink = {
host = meta.network.nodes.beltane.network.addresses.private.ipv4.address;
host = meta.network.nodes.beltane.network.addresses.private.nixos.ipv4.address;
port = "4953";
sync = false;
};

2
config/services/mail/default.nix
View file

@ -23,7 +23,7 @@ with lib;
deploy.tf.dns.records.services_mail_spf = {
tld = config.network.dns.tld;
domain = "@";
txt.value = "v=spf1 ip4:${config.network.addresses.public.ipv4.address} ip6:${config.network.addresses.public.ipv6.address} -all";
txt.value = "v=spf1 ip4:${config.network.addresses.public.nixos.ipv4.address} ip6:${config.network.addresses.public.nixos.ipv6.address} -all";
};
deploy.tf.dns.records.services_mail_dmarc = {

4
config/services/xmpp/default.nix
View file

@ -59,13 +59,13 @@ with lib;
deploy.tf.dns.records.services_prosody_xmpp = {
tld = config.network.dns.tld;
domain = "xmpp";
a.address = config.network.addresses.public.ipv4.address;
a.address = config.network.addresses.public.nixos.ipv4.address;
};
deploy.tf.dns.records.services_prosody_xmpp_v6 = {
tld = config.network.dns.tld;
domain = "xmpp";
aaaa.address = config.network.addresses.public.ipv6.address;
aaaa.address = config.network.addresses.public.nixos.ipv6.address;
};
deploy.tf.dns.records.services_prosody_upload = {

2
config/users/kat/base/ssh.nix
View file

@ -19,7 +19,7 @@
in
(lib.foldAttrList (map
(network:
lib.mapAttrs (_: v: { hostname = v.address; } // common) (lib.filterAttrs (_: v: v.enable) (lib.mapAttrs (_: v: v.network.addresses.${network}.ipv4) meta.network.nodes))
lib.mapAttrs (_: v: { hostname = v.domain; } // common) (lib.filterAttrs (_: v: v.enable) (lib.mapAttrs (_: v: v.network.addresses.${network}) meta.network.nodes))
) [ "private" "public" ]));
};
}

12
nix/sources.json
View file

@ -89,10 +89,10 @@
"homepage": null,
"owner": "kittywitch",
"repo": "nixexprs",
"rev": "cace9038678b16a73a41430ef6fd32b7a86c2ef6",
"sha256": "0sm1ak1av97s0wm3z47f2aknf5a943lr2cqsyhl4mp9vhvhy87fd",
"rev": "1d3794d833bd3c76f5244410b44f947b8b0460b1",
"sha256": "0rf44z4k9xqvdqbkppdgw467r0znabn4ad0qv6q7b1149r7y9mfs",
"type": "tarball",
"url": "https://github.com/kittywitch/nixexprs/archive/cace9038678b16a73a41430ef6fd32b7a86c2ef6.tar.gz",
"url": "https://github.com/kittywitch/nixexprs/archive/1d3794d833bd3c76f5244410b44f947b8b0460b1.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"niv": {
@ -171,10 +171,10 @@
"homepage": null,
"owner": "arcnmx",
"repo": "tf-nix",
"rev": "5075a67154d58e72a68eb86f0277e9904979f0a7",
"sha256": "0ykshlh34widkaf45afzynqldh03hspx0kxlmlv6ka354is5iq44",
"rev": "509bdbb0768e033fc1d8b7a4bc7b2ec8e141806a",
"sha256": "1h48lh55j8jpknl4zica6b6q402r5nj816sz1k7dqy607y0pfcrb",
"type": "tarball",
"url": "https://github.com/arcnmx/tf-nix/archive/5075a67154d58e72a68eb86f0277e9904979f0a7.tar.gz",
"url": "https://github.com/arcnmx/tf-nix/archive/509bdbb0768e033fc1d8b7a4bc7b2ec8e141806a.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

2
overlays/exprs

@ -1 +1 @@
Subproject commit fa797581e3ec5139f25d22b8ec4e64cde5fe0257
Subproject commit 1d3794d833bd3c76f5244410b44f947b8b0460b1