etheroute-lon01: switch to networkd
parent
becf0d9fd6
commit
1c4530988d
1 changed files with 6 additions and 49 deletions
|
@ -3,44 +3,7 @@
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
{ depot, lib, pkgs, config, ... }:
|
{ depot, lib, pkgs, config, ... }:
|
||||||
let
|
{
|
||||||
makeIPIPInterface = {
|
|
||||||
name,
|
|
||||||
underlayDevice,
|
|
||||||
localIP,
|
|
||||||
remoteIP
|
|
||||||
}: {
|
|
||||||
description = "IPIP interface ${name}";
|
|
||||||
wantedBy = [ "network-setup.service" "sys-subsystem-net-devices-${underlayDevice}.device" ];
|
|
||||||
bindsTo = [ "sys-subsystem-net-devices-${underlayDevice}.device" ];
|
|
||||||
partOf = [ "network-setup.service" ];
|
|
||||||
after = [ "network-pre.target" "sys-subsystem-net-devices-${underlayDevice}.device" "network-addresses-${underlayDevice}.service" ];
|
|
||||||
before = [ "network-setup.service" ];
|
|
||||||
serviceConfig.Type = "oneshot";
|
|
||||||
serviceConfig.RemainAfterExit = true;
|
|
||||||
path = [ pkgs.iproute2 ];
|
|
||||||
|
|
||||||
script = ''
|
|
||||||
echo "Removing old interface"
|
|
||||||
ip link show "${name}" >/dev/null 2>&1 && ip link del "${name}"
|
|
||||||
|
|
||||||
echo "Adding interface"
|
|
||||||
ip link add name "${name}" type ipip local "${localIP}" remote "${remoteIP}"
|
|
||||||
|
|
||||||
echo "Bringing up interface"
|
|
||||||
ip link set "${name}" up
|
|
||||||
'';
|
|
||||||
preStop = ''
|
|
||||||
echo "Removing interface"
|
|
||||||
ip link set "${name}" down || true
|
|
||||||
ip link del "${name}" || true
|
|
||||||
'';
|
|
||||||
reload = ''
|
|
||||||
ip link set dev "${name}" type ipip local "${localIP}" remote "${remoteIP}"
|
|
||||||
'';
|
|
||||||
reloadIfChanged = true;
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
imports = [
|
imports = [
|
||||||
../lib/bgp.nix
|
../lib/bgp.nix
|
||||||
../lib/zfs.nix
|
../lib/zfs.nix
|
||||||
|
@ -113,6 +76,7 @@ in {
|
||||||
hostName = "etheroute-lon01";
|
hostName = "etheroute-lon01";
|
||||||
domain = "as205479.net";
|
domain = "as205479.net";
|
||||||
hostId = "420bee1b";
|
hostId = "420bee1b";
|
||||||
|
useNetworkd = true;
|
||||||
|
|
||||||
nameservers = [
|
nameservers = [
|
||||||
"2001:4860:4860::8888"
|
"2001:4860:4860::8888"
|
||||||
|
@ -132,10 +96,10 @@ in {
|
||||||
ipv4.addresses = [{ address = "103.141.25.50"; prefixLength = 30; }];
|
ipv4.addresses = [{ address = "103.141.25.50"; prefixLength = 30; }];
|
||||||
ipv6.addresses = [{ address = "2a07:242:800:64::68"; prefixLength = 64; }];
|
ipv6.addresses = [{ address = "2a07:242:800:64::68"; prefixLength = 64; }];
|
||||||
};
|
};
|
||||||
interfaces.quadv1-4 = {
|
#interfaces.quadv1-4 = {
|
||||||
ipv4.addresses = [{ address = "92.118.31.254"; prefixLength = 24; }];
|
# ipv4.addresses = [{ address = "92.118.31.254"; prefixLength = 24; }];
|
||||||
virtual = true;
|
# virtual = true;
|
||||||
};
|
#};
|
||||||
firewall.allowedTCPPorts = [ 80 443 ];
|
firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
firewall.extraCommands = ''
|
firewall.extraCommands = ''
|
||||||
# Flush old rules.
|
# Flush old rules.
|
||||||
|
@ -168,13 +132,6 @@ in {
|
||||||
my.ip.tailscale = "100.99.227.112";
|
my.ip.tailscale = "100.99.227.112";
|
||||||
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6263:e370";
|
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6263:e370";
|
||||||
|
|
||||||
networking.greTunnels.quadv1-4 = {
|
|
||||||
remote = "82.163.116.66";
|
|
||||||
local = "103.141.25.50";
|
|
||||||
dev = "eno1";
|
|
||||||
type = "tun";
|
|
||||||
};
|
|
||||||
|
|
||||||
services.openssh.hostKeys = [
|
services.openssh.hostKeys = [
|
||||||
{
|
{
|
||||||
path = "/persist/etc/ssh/ssh_host_ed25519_key";
|
path = "/persist/etc/ssh/ssh_host_ed25519_key";
|
||||||
|
|
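Review bot: The commented-out `interfaces.quadv1-4` block (hunk -132,10 +96,10) is left in place with no explanation, while the hunk at -168,13 removes `networking.greTunnels.quadv1-4` outright, so after this commit the host no longer configures the tunnel or 92.118.31.254/24 at all. If this is a temporary gap in the networkd migration, say so above the block, e.g. `# TODO: quadv1-4 disabled during networkd migration; restore the tunnel and 92.118.31.254/24 once defined for networkd`; otherwise delete the dead lines. The body of `firewall.extraCommands` and `../lib/bgp.nix` are outside the visible hunks, so check that neither still references quadv1-4 or announces the prefix that address sits in. A firewall rule bound to an interface that no longer exists would simply stop matching without any error.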