From 4e4e8de984f63f98d6f7d19bf579c43175785250 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Thu, 23 Dec 2021 04:11:39 +0000 Subject: [PATCH] ops/nixos: init bvm-logger --- ops/nixos/bvm-logger/default.nix | 32 +++++++++++++++++++ ops/nixos/default.nix | 1 + ops/nixos/installcd/default.nix | 2 +- .../coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa | 5 ++- .../coredns/zones/db.28.118.92.in-addr.arpa | 8 ++--- ops/nixos/lib/coredns/zones/db.as205479.net | 7 +++- 6 files changed, 48 insertions(+), 7 deletions(-) create mode 100644 ops/nixos/bvm-logger/default.nix diff --git a/ops/nixos/bvm-logger/default.nix b/ops/nixos/bvm-logger/default.nix new file mode 100644 index 0000000000..503eae47c1 --- /dev/null +++ b/ops/nixos/bvm-logger/default.nix @@ -0,0 +1,32 @@ +# SPDX-FileCopyrightText: 2020 Luke Granger-Brown +# +# SPDX-License-Identifier: Apache-2.0 + +{ config, depot, lib, pkgs, ... }: +let + inherit (depot.ops) secrets; +in { + imports = [ + ../lib/bvm.nix + ]; + + # Networking! + networking = { + hostName = "bvm-logger"; + hostId = "2610e6ae"; + tempAddresses = "disabled"; + + interfaces.enp1s0 = { + ipv4.addresses = [{ address = "10.100.0.209"; prefixLength = 23; }]; + }; + interfaces.enp2s0 = { + ipv4.addresses = [{ address = "92.118.28.12"; prefixLength = 24; }]; + ipv6.addresses = [{ address = "2a09:a441::12"; prefixLength = 32; }]; + }; + defaultGateway = { address = "92.118.28.1"; interface = "enp2s0"; }; + defaultGateway6 = { address = "2a09:a441::1"; interface = "enp2s0"; }; + }; + my.ip.tailscale = "100.68.134.82"; + + system.stateVersion = "21.11"; +} diff --git a/ops/nixos/default.nix b/ops/nixos/default.nix index 5ffa762ba0..6c4815d995 100644 --- a/ops/nixos/default.nix +++ b/ops/nixos/default.nix @@ -42,6 +42,7 @@ let "bvm-netbox" "bvm-radius" "bvm-heptapod" + "bvm-logger" ]; rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; })); systemCfgs = lib.genAttrs systems diff --git a/ops/nixos/installcd/default.nix b/ops/nixos/installcd/default.nix index a7829cafdd..6e630be537 100644 --- a/ops/nixos/installcd/default.nix +++ b/ops/nixos/installcd/default.nix @@ -13,7 +13,7 @@ in { isoImage.isoName = lib.mkForce "nixos-${depot.version}-${pkgs.stdenv.hostPlatform.system}.iso"; isoImage.storeContents = [ - depot.ops.nixos.systems.bvm-heptapod + depot.ops.nixos.systems.bvm-logger ]; system.stateVersion = "21.11"; diff --git a/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa b/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa index 70577d1987..44e8f09049 100644 --- a/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa +++ b/ops/nixos/lib/coredns/zones/db.1.4.4.a.9.0.a.2.ip6.arpa @@ -3,7 +3,7 @@ ; SPDX-License-Identifier: Apache-2.0 ; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL -@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 11 600 450 3600 300 +@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 12 600 450 3600 300 $INCLUDE tmpl.ns @@ -15,6 +15,9 @@ $INCLUDE tmpl.ns 7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-minecraft.public.as205479.net. 8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-netbox.public.as205479.net. 9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-radius.public.as205479.net. +10.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-heptapod.public.as205479.net. +11.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR hg.lukegb.com. +12.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR bvm-logger.public.as205479.net. 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR gw.public.as205479.net. e.f.f.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR blade-paris.public.as205479.net. f.f.f.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 3600 IN PTR blade-tuvok.public.as205479.net. diff --git a/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa b/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa index d96c518e67..9b136f2875 100644 --- a/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa +++ b/ops/nixos/lib/coredns/zones/db.28.118.92.in-addr.arpa @@ -3,7 +3,7 @@ ; SPDX-License-Identifier: Apache-2.0 ; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL -@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 14 600 450 3600 300 +@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 15 600 450 3600 300 $INCLUDE tmpl.ns @@ -17,9 +17,9 @@ $INCLUDE tmpl.ns 7 600 IN PTR bvm-minecraft.as205479.net. 8 600 IN PTR bvm-netbox.as205479.net. 9 600 IN PTR bvm-radius.as205479.net. -10 600 IN PTR 92-118-28-10.ptr.as205479.net. -11 600 IN PTR 92-118-28-11.ptr.as205479.net. -12 600 IN PTR 92-118-28-12.ptr.as205479.net. +10 600 IN PTR bvm-heptapod.as205479.net. +11 600 IN PTR hg.lukegb.com. +12 600 IN PTR bvm-logger.as205479.net. 13 600 IN PTR 92-118-28-13.ptr.as205479.net. 14 600 IN PTR 92-118-28-14.ptr.as205479.net. 15 600 IN PTR 92-118-28-15.ptr.as205479.net. diff --git a/ops/nixos/lib/coredns/zones/db.as205479.net b/ops/nixos/lib/coredns/zones/db.as205479.net index c5d8d35747..cf0bc15964 100644 --- a/ops/nixos/lib/coredns/zones/db.as205479.net +++ b/ops/nixos/lib/coredns/zones/db.as205479.net @@ -3,7 +3,7 @@ ; SPDX-License-Identifier: Apache-2.0 ; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL -@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 41 600 450 3600 300 +@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 42 600 450 3600 300 ; NB: this are also glue records in Google Domains. $INCLUDE tmpl.ns @@ -84,6 +84,7 @@ bvm-matrix.int 3600 IN A 100.74.197.67 bvm-netbox.int 3600 IN A 100.81.27.52 bvm-radius.int 3600 IN A 100.120.98.116 bvm-heptapod.int 3600 IN A 100.94.23.105 +bvm-logger.int 3600 IN A 100.68.134.82 mac-mini.int 3600 IN A 100.91.188.84 @@ -152,6 +153,7 @@ bvm-matrix.blade 3600 IN A 10.100.0.205 bvm-netbox.blade 3600 IN A 10.100.0.206 bvm-radius.blade 3600 IN A 10.100.0.207 bvm-heptapod.blade 3600 IN A 10.100.0.208 +bvm-logger.blade 3600 IN A 10.100.0.209 ; services ; ceph-mon: blade-tuvok, blade-janeway, blade-paris @@ -201,6 +203,9 @@ radius 3600 IN CNAME bvm-radius.as205479.net. bvm-heptapod.public 3600 IN CNAME bvm-heptapod.as205479.net. bvm-heptapod 3600 IN A 92.118.28.10 bvm-heptapod 3600 IN AAAA 2a09:a441::10 +bvm-logger.public 3600 IN CNAME bvm-logger.as205479.net. +bvm-logger 3600 IN A 92.118.28.12 +bvm-logger 3600 IN AAAA 2a09:a441::12 ; quadv inet-vip.quadv 6000 IN A 92.118.31.254