clouvider-lon01: add minotarproxy IPs

This commit is contained in:
Luke Granger-Brown 2020-11-04 16:41:15 +00:00
parent 4da102053c
commit 86a09dab73
2 changed files with 27 additions and 3 deletions

View file

@ -105,6 +105,11 @@ in {
ipv4.addresses = [{ address = "185.198.188.29"; prefixLength = 31; }];
ipv6.addresses = [{ address = "2a0a:54c0:0:17::2"; prefixLength = 126; }];
};
interfaces.lo = {
ipv4.addresses = [{ address = "127.0.0.1"; prefixLength = 8; }] ++ (
map (n: { address = "92.118.29.${toString n}"; prefixLength = 32; }) (lib.range 225 253));
ipv6.addresses = [{ address = "::1"; prefixLength = 128; }];
};
firewall.allowPing = true;
firewall.allowedTCPPorts = [
80 443 # HTTP/nginx
@ -142,6 +147,9 @@ in {
local = {
routerID = "185.198.188.29";
};
export = {
v4 = ["92.118.28.0/24" "92.118.29.0/24"];
};
peering = {
clouvider = {
local = local // {

View file

@ -113,6 +113,20 @@ in {
};
});
};
export = mkOption { # lukegbgp.config.export
type = submodule {
options = {
v4 = mkOption { # lukegbgp.config.export.v4
type = listOf str;
default = ["92.118.31.0/24"];
};
v6 = mkOption { # lukegbgp.config.export.v6
type = listOf str;
default = ["2a09:a440::/48"];
};
};
};
};
};
};
};
@ -151,10 +165,11 @@ in {
bgp_ext_community.add((ro, 205479, 2001));
bgp_ext_community.add((ro, 205479, 2002));
bgp_ext_community.add((ro, 205479, 2003));
bgp_ext_community.add((ro, 205479, 3000));
accept;
};
};
route 92.118.31.0/24 blackhole;
${lib.concatMapStrings (ip: "route ${ip} blackhole;") config.services.lukegbgp.config.export.v4}
};
protocol static export6 {
ipv6 {
@ -164,10 +179,11 @@ in {
bgp_ext_community.add((ro, 205479, 2001));
bgp_ext_community.add((ro, 205479, 2002));
bgp_ext_community.add((ro, 205479, 2003));
bgp_ext_community.add((ro, 205479, 3000));
accept;
};
};
route 2a09:a440::/48 blackhole;
${lib.concatMapStrings (ip: "route ${ip} blackhole;") config.services.lukegbgp.config.export.v6}
};
'';
};
@ -181,4 +197,4 @@ in {
"net.ipv6.conf.all.autoconf" = 0;
};
};
}
}