bvm-heptapod: init
This commit is contained in:
parent
fee02312d3
commit
5eb7f7102f
4 changed files with 46 additions and 3 deletions
37
ops/nixos/bvm-heptapod/default.nix
Normal file
37
ops/nixos/bvm-heptapod/default.nix
Normal file
|
@ -0,0 +1,37 @@
|
|||
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
{ config, depot, lib, pkgs, ... }:
|
||||
let
|
||||
inherit (depot.ops) secrets;
|
||||
in {
|
||||
imports = [
|
||||
../lib/bvm.nix
|
||||
];
|
||||
|
||||
# Networking!
|
||||
networking = {
|
||||
hostName = "bvm-heptapod";
|
||||
hostId = "c30784de";
|
||||
tempAddresses = "disabled";
|
||||
|
||||
interfaces.enp1s0 = {
|
||||
ipv4.addresses = [{ address = "10.100.0.208"; prefixLength = 23; }];
|
||||
};
|
||||
interfaces.enp2s0 = {
|
||||
ipv4.addresses = [{ address = "92.118.28.10"; prefixLength = 24; }];
|
||||
ipv6.addresses = [{ address = "2a09:a441::10"; prefixLength = 32; }];
|
||||
};
|
||||
defaultGateway = { address = "92.118.28.1"; interface = "enp2s0"; };
|
||||
defaultGateway6 = { address = "2a09:a441::1"; interface = "enp2s0"; };
|
||||
|
||||
firewall = {
|
||||
allowedTCPPorts = [ 80 443 ];
|
||||
allowedUDPPorts = [ 443 ];
|
||||
};
|
||||
};
|
||||
my.ip.tailscale = "100.94.23.105";
|
||||
|
||||
system.stateVersion = "21.11";
|
||||
}
|
|
@ -41,6 +41,7 @@ let
|
|||
"bvm-minecraft"
|
||||
"bvm-netbox"
|
||||
"bvm-radius"
|
||||
"bvm-heptapod"
|
||||
];
|
||||
rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; }));
|
||||
systemCfgs = lib.genAttrs systems
|
||||
|
|
|
@ -13,8 +13,8 @@ in {
|
|||
isoImage.isoName = lib.mkForce "nixos-${depot.version}-${pkgs.stdenv.hostPlatform.system}.iso";
|
||||
|
||||
isoImage.storeContents = [
|
||||
depot.ops.nixos.systems.bvm-radius
|
||||
depot.ops.nixos.systems.bvm-heptapod
|
||||
];
|
||||
|
||||
system.stateVersion = "21.05";
|
||||
system.stateVersion = "21.11";
|
||||
}
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
; SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL
|
||||
@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 40 600 450 3600 300
|
||||
@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 41 600 450 3600 300
|
||||
|
||||
; NB: this are also glue records in Google Domains.
|
||||
$INCLUDE tmpl.ns
|
||||
|
@ -83,6 +83,7 @@ bvm-win10.int 3600 IN A 100.71.230.20
|
|||
bvm-matrix.int 3600 IN A 100.74.197.67
|
||||
bvm-netbox.int 3600 IN A 100.81.27.52
|
||||
bvm-radius.int 3600 IN A 100.120.98.116
|
||||
bvm-heptapod.int 3600 IN A 100.94.23.105
|
||||
|
||||
mac-mini.int 3600 IN A 100.91.188.84
|
||||
|
||||
|
@ -150,6 +151,7 @@ bvm-win10.blade 3600 IN A 10.100.0.204
|
|||
bvm-matrix.blade 3600 IN A 10.100.0.205
|
||||
bvm-netbox.blade 3600 IN A 10.100.0.206
|
||||
bvm-radius.blade 3600 IN A 10.100.0.207
|
||||
bvm-heptapod.blade 3600 IN A 10.100.0.208
|
||||
|
||||
; services
|
||||
; ceph-mon: blade-tuvok, blade-janeway, blade-paris
|
||||
|
@ -196,6 +198,9 @@ bvm-radius 3600 IN A 92.118.28.9
|
|||
bvm-radius 3600 IN AAAA 2a09:a441::9
|
||||
radius 3600 IN CNAME bvm-radius.as205479.net.
|
||||
@ 3600 IN NAPTR 100 10 "s" "x-eduroam:radius.tls" "" _radsec._tcp.roaming.ja.net.
|
||||
bvm-heptapod.public 3600 IN CNAME bvm-heptapod.as205479.net.
|
||||
bvm-heptapod 3600 IN A 92.118.28.10
|
||||
bvm-heptapod 3600 IN AAAA 2a09:a441::10
|
||||
|
||||
; quadv
|
||||
inet-vip.quadv 6000 IN A 92.118.31.254
|
||||
|
|
Loading…
Reference in a new issue