bvm-heptapod: init

This commit is contained in:
Luke Granger-Brown 2021-12-17 01:28:39 +00:00
parent fee02312d3
commit 5eb7f7102f
4 changed files with 46 additions and 3 deletions

View file

@ -0,0 +1,37 @@
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0
{ config, depot, lib, pkgs, ... }:
let
inherit (depot.ops) secrets;
in {
imports = [
../lib/bvm.nix
];
# Networking!
networking = {
hostName = "bvm-heptapod";
hostId = "c30784de";
tempAddresses = "disabled";
interfaces.enp1s0 = {
ipv4.addresses = [{ address = "10.100.0.208"; prefixLength = 23; }];
};
interfaces.enp2s0 = {
ipv4.addresses = [{ address = "92.118.28.10"; prefixLength = 24; }];
ipv6.addresses = [{ address = "2a09:a441::10"; prefixLength = 32; }];
};
defaultGateway = { address = "92.118.28.1"; interface = "enp2s0"; };
defaultGateway6 = { address = "2a09:a441::1"; interface = "enp2s0"; };
firewall = {
allowedTCPPorts = [ 80 443 ];
allowedUDPPorts = [ 443 ];
};
};
my.ip.tailscale = "100.94.23.105";
system.stateVersion = "21.11";
}

View file

@ -41,6 +41,7 @@ let
"bvm-minecraft"
"bvm-netbox"
"bvm-radius"
"bvm-heptapod"
];
rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; }));
systemCfgs = lib.genAttrs systems

View file

@ -13,8 +13,8 @@ in {
isoImage.isoName = lib.mkForce "nixos-${depot.version}-${pkgs.stdenv.hostPlatform.system}.iso";
isoImage.storeContents = [
depot.ops.nixos.systems.bvm-radius
depot.ops.nixos.systems.bvm-heptapod
];
system.stateVersion = "21.05";
system.stateVersion = "21.11";
}

View file

@ -3,7 +3,7 @@
; SPDX-License-Identifier: Apache-2.0
; MNAME RNAME SERIAL REFRESH RETRY EXPIRE TTL
@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 40 600 450 3600 300
@ 600 IN SOA frantech-lux01.as205479.net. hostmaster.lukegb.com. 41 600 450 3600 300
; NB: this are also glue records in Google Domains.
$INCLUDE tmpl.ns
@ -83,6 +83,7 @@ bvm-win10.int 3600 IN A 100.71.230.20
bvm-matrix.int 3600 IN A 100.74.197.67
bvm-netbox.int 3600 IN A 100.81.27.52
bvm-radius.int 3600 IN A 100.120.98.116
bvm-heptapod.int 3600 IN A 100.94.23.105
mac-mini.int 3600 IN A 100.91.188.84
@ -150,6 +151,7 @@ bvm-win10.blade 3600 IN A 10.100.0.204
bvm-matrix.blade 3600 IN A 10.100.0.205
bvm-netbox.blade 3600 IN A 10.100.0.206
bvm-radius.blade 3600 IN A 10.100.0.207
bvm-heptapod.blade 3600 IN A 10.100.0.208
; services
; ceph-mon: blade-tuvok, blade-janeway, blade-paris
@ -196,6 +198,9 @@ bvm-radius 3600 IN A 92.118.28.9
bvm-radius 3600 IN AAAA 2a09:a441::9
radius 3600 IN CNAME bvm-radius.as205479.net.
@ 3600 IN NAPTR 100 10 "s" "x-eduroam:radius.tls" "" _radsec._tcp.roaming.ja.net.
bvm-heptapod.public 3600 IN CNAME bvm-heptapod.as205479.net.
bvm-heptapod 3600 IN A 92.118.28.10
bvm-heptapod 3600 IN AAAA 2a09:a441::10
; quadv
inet-vip.quadv 6000 IN A 92.118.31.254