treewide: add my.ip.tailscale6

This commit is contained in:
Luke Granger-Brown 2022-09-02 00:22:16 +01:00
parent c1064daf09
commit c16856f8ab
24 changed files with 43 additions and 5 deletions

View file

@ -18,6 +18,7 @@ in {
hostId = "3a62390f"; hostId = "3a62390f";
}; };
my.ip.tailscale = "100.121.116.85"; my.ip.tailscale = "100.121.116.85";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6279:7455";
my.blade.bay = 3; my.blade.bay = 3;
my.blade.macAddress = { my.blade.macAddress = {
internal = "e8:39:35:1f:7f:8a"; internal = "e8:39:35:1f:7f:8a";

View file

@ -19,6 +19,7 @@ in {
hostId = "41b2a198"; hostId = "41b2a198";
}; };
my.ip.tailscale = "100.117.185.118"; my.ip.tailscale = "100.117.185.118";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6275:b976";
my.blade.bay = 2; my.blade.bay = 2;
my.blade.macAddress = { my.blade.macAddress = {
internal = "e4:11:5b:ac:e4:8a"; internal = "e4:11:5b:ac:e4:8a";

View file

@ -25,6 +25,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.92.118.36"; my.ip.tailscale = "100.92.118.36";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:625c:7624";
my.blade.bay = 8; my.blade.bay = 8;
my.blade.macAddress = { my.blade.macAddress = {
internal = "e4:11:5b:ac:e3:cc"; internal = "e4:11:5b:ac:e3:cc";

View file

@ -48,6 +48,7 @@ in {
''; '';
}; };
my.ip.tailscale = "100.119.123.33"; my.ip.tailscale = "100.119.123.33";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6277:7b21";
my.blade.bay = 6; my.blade.bay = 6;
my.blade.macAddress = { my.blade.macAddress = {
internal = "e4:11:5b:ac:e3:fe"; internal = "e4:11:5b:ac:e3:fe";

View file

@ -43,6 +43,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.94.23.105"; my.ip.tailscale = "100.94.23.105";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:625e:1769";
services.openssh.ports = [ 20022 ]; services.openssh.ports = [ 20022 ];
my.deploy.args = "-p 20022"; my.deploy.args = "-p 20022";

View file

@ -33,6 +33,7 @@
]; ];
}; };
my.ip.tailscale = "100.73.206.41"; my.ip.tailscale = "100.73.206.41";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6249:ce29";
services.ipfs = { services.ipfs = {
enable = true; enable = true;
@ -41,7 +42,8 @@
Experimental.FilestoreEnabled = true; Experimental.FilestoreEnabled = true;
Addresses = let Addresses = let
internalv4 = ["127.0.0.1" "10.100.0.203" config.my.ip.tailscale]; internalv4 = ["127.0.0.1" "10.100.0.203" config.my.ip.tailscale];
internal = map (a: "/ip4/${a}") internalv4; internalv6 = ["::1" config.my.ip.tailscale6];
internal = (map (a: "/ip4/${a}") internalv4) ++ (map (a: "/ip6/${a}") internalv6);
externalv4 = internalv4 ++ ["92.118.28.4"]; externalv4 = internalv4 ++ ["92.118.28.4"];
externalv6 = ["2a09:a441::4"]; externalv6 = ["2a09:a441::4"];
external = (map (a: "/ip4/${a}") externalv4) ++ (map (a: "/ip6/${a}") externalv6); external = (map (a: "/ip4/${a}") externalv4) ++ (map (a: "/ip6/${a}") externalv6);

View file

@ -27,6 +27,7 @@ in {
defaultGateway6 = { address = "2a09:a441::1"; interface = "enp2s0"; }; defaultGateway6 = { address = "2a09:a441::1"; interface = "enp2s0"; };
}; };
my.ip.tailscale = "100.68.134.82"; my.ip.tailscale = "100.68.134.82";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6244:8652";
services.clickhouse.enable = true; services.clickhouse.enable = true;
services.clickhouse.package = pkgs.symlinkJoin { services.clickhouse.package = pkgs.symlinkJoin {

View file

@ -32,6 +32,7 @@
]; ];
}; };
my.ip.tailscale = "100.74.197.67"; my.ip.tailscale = "100.74.197.67";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:624a:c543";
services.postfix = { services.postfix = {
enable = true; enable = true;

View file

@ -147,6 +147,7 @@ in {
defaultGateway6 = { address = "2a09:a441::1"; interface = "enp2s0"; }; defaultGateway6 = { address = "2a09:a441::1"; interface = "enp2s0"; };
}; };
my.ip.tailscale = "100.81.27.52"; my.ip.tailscale = "100.81.27.52";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6251:1b34";
services.postgresql = { services.postgresql = {
enable = true; enable = true;

View file

@ -28,6 +28,7 @@
defaultGateway6 = { address = "2a09:a441::1"; interface = "enp6s0"; }; defaultGateway6 = { address = "2a09:a441::1"; interface = "enp6s0"; };
}; };
my.ip.tailscale = "100.65.226.19"; my.ip.tailscale = "100.65.226.19";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6241:e213";
services.rundeck = { services.rundeck = {
enable = true; enable = true;

View file

@ -20,10 +20,11 @@ in {
}; };
}; };
my.ip.tailscale = "100.85.236.121"; my.ip.tailscale = "100.85.236.121";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6255:ec79";
services.paperless = { services.paperless = {
enable = true; enable = true;
address = config.my.ip.tailscale; address = config.my.ip.tailscale6;
extraConfig = { extraConfig = {
PAPERLESS_URL = "https://paperless.int.lukegb.com"; PAPERLESS_URL = "https://paperless.int.lukegb.com";
PAPERLESS_ALLOWED_HOSTS = "paperless.int.lukegb.com,bvm-paperless.int.as205479.net:28981,bvm-paperless.int.as205479.net"; PAPERLESS_ALLOWED_HOSTS = "paperless.int.lukegb.com,bvm-paperless.int.as205479.net:28981,bvm-paperless.int.as205479.net";

View file

@ -27,6 +27,7 @@
firewall.allowedTCPPorts = [ 80 443 3478 5280 5281 5222 5223 5269 5298 ]; firewall.allowedTCPPorts = [ 80 443 3478 5280 5281 5222 5223 5269 5298 ];
}; };
my.ip.tailscale = "100.86.22.44"; my.ip.tailscale = "100.86.22.44";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6256:162c";
services.coturn = { services.coturn = {
enable = true; enable = true;

View file

@ -53,6 +53,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.120.98.116"; my.ip.tailscale = "100.120.98.116";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6278:6274";
my.vault.acmeCertificates."as205479.net" = { my.vault.acmeCertificates."as205479.net" = {
group = "acme"; group = "acme";

View file

@ -18,6 +18,7 @@
}; };
}; };
my.ip.tailscale = "100.119.86.55"; my.ip.tailscale = "100.119.86.55";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6277:5637";
services.postgresql = { services.postgresql = {
enable = true; enable = true;

View file

@ -18,8 +18,14 @@ let
other = _apply lib.id { other = _apply lib.id {
"content.int.lukegb.com" = { "content.int.lukegb.com" = {
listen = [{ listen = [{
addr = "[${config.my.ip.tailscale6}]";
port = 80;
} {
addr = config.my.ip.tailscale; addr = config.my.ip.tailscale;
port = 80; port = 80;
} {
addr = "[${config.my.ip.tailscale6}]";
port = 18081;
} { } {
addr = config.my.ip.tailscale; addr = config.my.ip.tailscale;
port = 18081; port = 18081;
@ -40,6 +46,9 @@ let
listen = [{ listen = [{
addr = config.my.ip.tailscale; addr = config.my.ip.tailscale;
port = 80; port = 80;
} {
addr = "[${config.my.ip.tailscale6}]";
port = 80;
}]; }];
}; };
in { in {
@ -121,6 +130,7 @@ in {
]; ];
}; };
my.ip.tailscale = "100.75.142.119"; my.ip.tailscale = "100.75.142.119";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:624b:8e77";
my.coredns.bind = [ "enp1s0" "tailscale0" "127.0.0.1" "::1" ]; my.coredns.bind = [ "enp1s0" "tailscale0" "127.0.0.1" "::1" ];
# Define a user account. # Define a user account.

View file

@ -125,10 +125,12 @@
iptables -A INPUT -p tcp --dport 22 --dst 185.198.188.29 -j ACCEPT iptables -A INPUT -p tcp --dport 22 --dst 185.198.188.29 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 --dst ${config.my.ip.tailscale} -j ACCEPT iptables -A INPUT -p tcp --dport 22 --dst ${config.my.ip.tailscale} -j ACCEPT
ip6tables -A INPUT -p tcp --dport 22 --dst 2a0a:54c0:0:17::2 -j ACCEPT ip6tables -A INPUT -p tcp --dport 22 --dst 2a0a:54c0:0:17::2 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 22 --dst ${config.my.ip.tailscale6} -j ACCEPT
''; '';
}; };
}; };
my.ip.tailscale = "100.79.173.25"; my.ip.tailscale = "100.79.173.25";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:624f:ad19";
my.coredns.bind = [ "br-ext" "tailscale0" "127.0.0.1" "::1" ]; my.coredns.bind = [ "br-ext" "tailscale0" "127.0.0.1" "::1" ];
services.openssh.openFirewall = false; # allowed by networking.firewall.extraCommands services.openssh.openFirewall = false; # allowed by networking.firewall.extraCommands

View file

@ -22,6 +22,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.127.132.77"; my.ip.tailscale = "100.127.132.77";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:627f:844d";
system.stateVersion = "21.05"; system.stateVersion = "21.05";
} }

View file

@ -22,6 +22,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.125.159.57"; my.ip.tailscale = "100.125.159.57";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:627d:9f39";
system.stateVersion = "21.05"; system.stateVersion = "21.05";
} }

View file

@ -20,6 +20,7 @@
}; };
}; };
my.ip.tailscale = "100.99.236.25"; my.ip.tailscale = "100.99.236.25";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6263:ec19";
system.stateVersion = "21.05"; system.stateVersion = "21.05";
} }

View file

@ -64,6 +64,10 @@ in
type = lib.types.nullOr lib.types.str; type = lib.types.nullOr lib.types.str;
default = null; default = null;
}; };
options.my.ip.tailscale6 = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
};
options.my.deploy.enable = lib.mkOption { options.my.deploy.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
@ -80,7 +84,7 @@ in
}; };
options.my.scrapeJournal.addr = lib.mkOption { options.my.scrapeJournal.addr = lib.mkOption {
type = lib.types.nullOr lib.types.str; type = lib.types.nullOr lib.types.str;
default = if config.my.ip.tailscale == null then null else "${config.my.ip.tailscale}:19531"; default = if config.my.ip.tailscale6 == null then if config.my.ip.tailscale == null then null else "${config.my.ip.tailscale}:19531" else "[${config.my.ip.tailscale6}]:19531";
}; };
config = { config = {
@ -324,9 +328,9 @@ in
services.fwupd.enable = true; services.fwupd.enable = true;
# This is enabled independently of my.scrapeJournal.enable. # This is enabled independently of my.scrapeJournal.enable.
services.journald.enableHttpGateway = config.my.ip.tailscale != null; services.journald.enableHttpGateway = config.my.ip.tailscale != null || config.my.ip.tailscale6 != null;
systemd.sockets.systemd-journal-gatewayd.socketConfig = lib.optionalAttrs (config.my.ip.tailscale != null) { systemd.sockets.systemd-journal-gatewayd.socketConfig = lib.optionalAttrs (config.my.ip.tailscale != null) {
ListenStream = [ "" "${config.my.ip.tailscale}:19531" ]; ListenStream = [ "" ] ++ (lib.optional (config.my.ip.tailscale != null) "${config.my.ip.tailscale}:19531") ++ (lib.optional (config.my.ip.tailscale6 != null) "[${config.my.ip.tailscale6}:19531");
FreeBind = true; FreeBind = true;
}; };

View file

@ -58,6 +58,7 @@
}; };
}; };
my.ip.tailscale = "100.93.85.40"; my.ip.tailscale = "100.93.85.40";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:625d:5528";
my.systemType = "aarch64-linux"; my.systemType = "aarch64-linux";
nix.gc.automatic = false; nix.gc.automatic = false;

View file

@ -134,6 +134,7 @@ in {
wifi.backend = "iwd"; wifi.backend = "iwd";
}; };
my.ip.tailscale = "100.125.26.108"; my.ip.tailscale = "100.125.26.108";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:627d:1a6c";
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";

View file

@ -369,6 +369,7 @@ in {
}; };
services.mstpd.enable = true; services.mstpd.enable = true;
my.ip.tailscale = "100.102.224.95"; my.ip.tailscale = "100.102.224.95";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:6266:e05f";
services.udev.extraRules = '' services.udev.extraRules = ''
ATTR{address}=="e4:3a:6e:16:07:63", DRIVERS=="?*", NAME="en-ee" ATTR{address}=="e4:3a:6e:16:07:63", DRIVERS=="?*", NAME="en-ee"
ATTR{address}=="e4:3a:6e:16:07:64", DRIVERS=="?*", NAME="en-gnet" ATTR{address}=="e4:3a:6e:16:07:64", DRIVERS=="?*", NAME="en-gnet"

View file

@ -145,6 +145,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.122.86.11"; my.ip.tailscale = "100.122.86.11";
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:627a:560b";
# Virtualisation # Virtualisation
virtualisation.libvirtd = { virtualisation.libvirtd = {