ops/nixos: define a new my.ip.tailscale option which gets put into /etc/hosts everywhere

Luke Granger-Brown 2020-11-01 18:25:01 +00:00
parent 9499761e7f
commit 7a19e14649
9 changed files with 21 additions and 3 deletions


@ -100,6 +100,7 @@ in {
}; };
firewall.allowPing = true; firewall.allowPing = true;
}; };
my.ip.tailscale = "100.75.142.119";
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget


@ -14,10 +14,14 @@ let
(depot.third_party.nixeval { (depot.third_party.nixeval {
system = builtins.currentSystem; system = builtins.currentSystem;
modules = [ (baseModule systemName) (args: { imports = [ lib/common.nix config ]; }) ]; modules = [ (baseModule systemName) (args: { imports = [ lib/common.nix config ]; }) ];
}).config.system.build.toplevel; });
systems = [ "porcorosso" "ixvm-fra01" "marukuru" "clouvider-fra01" "totoro" "kusakabe" "swann" ]; systems = [ "porcorosso" "ixvm-fra01" "marukuru" "clouvider-fra01" "totoro" "kusakabe" "swann" ];
rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; })); rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; }));
systemCfgs = lib.genAttrs systems systemCfgs = lib.genAttrs systems
(name: import (./. + "/${name}")); (name: import (./. + "/${name}"));
systemDrvs = mapAttrs systemFor systemCfgs; evaledSystems = mapAttrs systemFor systemCfgs;
in systemDrvs systemDrvs = mapAttrs (_: sys: sys.config.system.build.toplevel) evaledSystems;
systemTailscaleIPs = lib.mapAttrs' (n: v: lib.nameValuePair v [n]) (lib.filterAttrs (n: v: v != null) (mapAttrs (_: sys: sys.config.my.ip.tailscale) evaledSystems));
in systemDrvs // {
tailscaleIPs = systemTailscaleIPs;
}
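Review bot: `systemTailscaleIPs` inverts host→IP into IP→[host] with `lib.mapAttrs'`, so if two systems are ever given the same `my.ip.tailscale` value (an easy copy-paste slip across the per-host files), only one hostname survives and the other silently loses its /etc/hosts entry without any evaluation error; as far as I know `listToAttrs` keeps the first entry for a duplicate name. This map is written to every machine's hosts file, which is normally consulted before DNS, so I would document the invariant and fail loudly. Add `# IP -> [hostname], fed to networking.hosts on every system; IPs must be unique` above the binding, plus an `assert` that the number of attributes in `systemTailscaleIPs` equals the number of systems with a non-null IP. A short comment that each system's build now evaluates every other system's config for this one option would also help the next reader.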


@ -86,6 +86,7 @@ in {
ATTR{address}=="00:50:56:a3:95:72", NAME="ens-locix" ATTR{address}=="00:50:56:a3:95:72", NAME="ens-locix"
ATTR{address}=="00:50:56:a3:6e:0f", NAME="ens-nlix" ATTR{address}=="00:50:56:a3:6e:0f", NAME="ens-nlix"
''; '';
my.ip.tailscale = "100.110.171.36";
environment.systemPackages = with pkgs; []; environment.systemPackages = with pkgs; [];


@ -111,6 +111,7 @@ in {
]; ];
}; };
}; };
my.ip.tailscale = "100.101.38.52";
boot.kernel.sysctl."net.ipv4.ip_forward" = 1; boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1; boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
boot.kernel.sysctl."net.ipv6.conf.br-ext.proxy_ndp" = 1; boot.kernel.sysctl."net.ipv6.conf.br-ext.proxy_ndp" = 1;


@ -18,9 +18,16 @@ in
default = null; default = null;
}; };
options.my.ip.tailscale = lib.mkOption {
type = lib.types.nullOr lib.types.string;
default = null;
};
config = { config = {
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
networking.hosts = depot.ops.nixos.tailscaleIPs;
nix = { nix = {
nixPath = [ "depot=/home/lukegb/depot/" "nixpkgs=/home/lukegb/depot/third_party/nixpkgs/" ]; nixPath = [ "depot=/home/lukegb/depot/" "nixpkgs=/home/lukegb/depot/third_party/nixpkgs/" ];
trustedUsers = [ "root" "@wheel" ]; trustedUsers = [ "root" "@wheel" ];
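Review bot: `options.my.ip.tailscale` accepts any string and has no `description`, yet its value ends up in /etc/hosts on all machines through `networking.hosts = depot.ops.nixos.tailscaleIPs;`, so a typo in one host file changes name resolution for that hostname fleet-wide. `lib.types.string` is also deprecated in nixpkgs in favour of `lib.types.str`; I would write `type = lib.types.nullOr lib.types.str;`, or tighter, a `lib.types.strMatching` pattern for a dotted IPv4 address. I would also add `description = "Tailscale IPv4 address of this machine; published to /etc/hosts on every system.";`. The enclosing `config` block continues past the end of this section.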


@ -52,6 +52,7 @@ in {
}; };
}; };
}; };
my.ip.tailscale = "100.98.193.46";
services.udev.extraRules = '' services.udev.extraRules = ''
ATTR{address}=="52:54:00:84:e2:2a", NAME="eth0" ATTR{address}=="52:54:00:84:e2:2a", NAME="eth0"
''; '';


@ -94,6 +94,7 @@ in {
networking.useDHCP = false; networking.useDHCP = false;
networking.interfaces.eno1.useDHCP = false; networking.interfaces.eno1.useDHCP = false;
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
my.ip.tailscale = "100.125.26.108";
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";


@ -48,6 +48,7 @@ in {
}; };
}; };
}; };
my.ip.tailscale = "100.102.224.95";
services.udev.extraRules = '' services.udev.extraRules = ''
ATTR{address}=="e4:3a:6e:16:07:62", NAME="ens-virginmedia" ATTR{address}=="e4:3a:6e:16:07:62", NAME="ens-virginmedia"
ATTR{address}=="e4:3a:6e:16:07:67", NAME="ens-general" ATTR{address}=="e4:3a:6e:16:07:67", NAME="ens-general"


@ -70,6 +70,7 @@ in {
}; };
bridges.br-int.interfaces = []; bridges.br-int.interfaces = [];
}; };
my.ip.tailscale = "100.122.86.11";
# Virtualisation # Virtualisation
virtualisation.libvirtd = { virtualisation.libvirtd = {