From 42e8b1eed01c6e1fa37eb3e6687ff027ca1f37a0 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 18 Apr 2021 16:04:25 +0000 Subject: [PATCH] bvm-ipfs: add public IPv4/v6 addresses --- ops/nixos/bvm-ipfs/default.nix | 27 ++++++++++++++++++- .../coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa | 3 ++- .../coredns/zones/db.28.118.92.in-addr.arpa | 4 +-- ops/nixos/lib/coredns/zones/db.as205479.net | 4 ++- 4 files changed, 33 insertions(+), 5 deletions(-) diff --git a/ops/nixos/bvm-ipfs/default.nix b/ops/nixos/bvm-ipfs/default.nix index 5ac907e668..7dff9cbf47 100644 --- a/ops/nixos/bvm-ipfs/default.nix +++ b/ops/nixos/bvm-ipfs/default.nix @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: Apache-2.0 -{ ... }: +{ config, ... }: { imports = [ ../lib/bvm.nix @@ -16,6 +16,21 @@ interfaces.enp1s0 = { ipv4.addresses = [{ address = "10.100.0.203"; prefixLength = 23; }]; }; + interfaces.enp6s0 = { + ipv4.addresses = [{ address = "92.118.28.4"; prefixLength = 24; }]; + ipv6.addresses = [{ address = "2a09:a441::4"; prefixLength = 32; }]; + }; + defaultGateway = { address = "92.118.28.1"; interface = "enp6s0"; }; + defaultGateway6 = { address = "2a09:a441::1"; interface = "enp6s0"; }; + + firewall.allowedTCPPorts = [ + # IPFS + 4001 + ]; + firewall.allowedUDPPorts = [ + # IPFS + 4001 + ]; }; my.ip.tailscale = "100.73.206.41"; @@ -24,6 +39,16 @@ dataDir = "/store/ipfs"; extraConfig = { Experimental.FilestoreEnabled = true; + Addresses.API = [ + "/ip4/127.0.0.1/tcp/5001" + "/ip4/10.100.0.203/tcp/5001" + "/ip4/${config.my.ip.tailscale}/tcp/5001" + ]; + Addresses.Gateway = [ + "/ip4/127.0.0.1/tcp/8080" + "/ip4/10.100.0.203/tcp/8080" + "/ip4/${config.my.ip.tailscale}/tcp/8080" + ]; }; }; diff --git a/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa b/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa index 0727c9a44c..e7cd918d46 100644 --- a/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa +++ b/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa @@ -3,12 +3,13 @@ ; SPDX-License-Identifier: Apache-2.0 ; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL -@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 6 600 450 3600 300 +@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 7 600 450 3600 300 $INCLUDE tmpl.ns 2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-korobi.public.as205479.net. 3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-prosody.public.as205479.net. +4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-ipfs.public.as205479.net. 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR gw.public.as205479.net. e.f.f.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR blade-paris.public.as205479.net. f.f.f.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR blade-tuvok.public.as205479.net. diff --git a/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa b/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa index 066387b5cc..0ffd165e0e 100644 --- a/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa +++ b/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa @@ -3,7 +3,7 @@ ; SPDX-License-Identifier: Apache-2.0 ; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL -@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 5 600 450 3600 300 +@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 6 600 450 3600 300 $INCLUDE tmpl.ns @@ -11,7 +11,7 @@ $INCLUDE tmpl.ns 1 600 IN PTR gw.public.as205479.net. 2 600 IN PTR bvm-korobi.public.as205479.net. 3 600 IN PTR bvm-prosody.public.as205479.net. -4 600 IN PTR 92-118-28-4.ptr.as205479.net. +4 600 IN PTR bvm-ipfs.public.as205479.net. 5 600 IN PTR 92-118-28-5.ptr.as205479.net. 6 600 IN PTR 92-118-28-6.ptr.as205479.net. 7 600 IN PTR 92-118-28-7.ptr.as205479.net. diff --git a/ops/nixos/lib/coredns/zones/db.as205479.net b/ops/nixos/lib/coredns/zones/db.as205479.net index 27ee0012d6..5f1e246d7f 100644 --- a/ops/nixos/lib/coredns/zones/db.as205479.net +++ b/ops/nixos/lib/coredns/zones/db.as205479.net @@ -3,7 +3,7 @@ ; SPDX-License-Identifier: Apache-2.0 ; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL -@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 15 600 450 3600 300 +@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 16 600 450 3600 300 ; NB: this are also glue records in Google Domains. $INCLUDE tmpl.ns @@ -119,6 +119,8 @@ bvm-korobi.public 3600 IN A 92.118.28.2 bvm-korobi.public 3600 IN AAAA 2a09:a441::2 bvm-prosody.public 3600 IN A 92.118.28.3 bvm-prosody.public 3600 IN AAAA 2a09:a441::3 +bvm-ipfs.public 3600 IN A 92.118.28.4 +bvm-ipfs.public 3600 IN AAAA 2a09:a441::4 92-118-28-0.ptr 6000 IN A 92.118.28.0 92-118-28-1.ptr 6000 IN A 92.118.28.1