f1f295f027
swann: switch to IPv4 for wireguard as well
...
I'm having trouble getting a properly delegated prefix for tethering on the
Quectel modem inside kerrigan. One day I'll figure it out I guess.
2023-08-19 22:37:13 +00:00
7a8614d2f7
swann: switch to erbium (this is broken)
2023-08-08 23:29:58 +01:00
e93f012772
swann: migrate to erbium
2023-08-06 17:06:18 +01:00
5d47f75c2f
swann: don't add mopup rules for wg-intfs, since we'll get that via BGP
2023-07-19 23:28:58 +01:00
528ed1debc
swann: add qvmpc6552
2023-07-11 12:01:00 +01:00
1c9b9e9fcd
swann: boot.tmpOnTmpfs -> boot.tmp.useTmpfs
2023-05-28 01:32:25 +01:00
4faf4a4630
swann: disable unifi
2023-04-15 02:45:10 +00:00
ed03e709c5
euw1.api.riotgames.com is on AWS and isn't useful
2023-01-14 22:17:36 +00:00
40ed8549b8
resolve some warnings
2022-12-29 14:15:58 +00:00
9dee33f3dc
swann: reenable unifi controller
2022-10-09 18:15:47 +01:00
c16856f8ab
treewide: add my.ip.tailscale6
2022-09-02 00:22:16 +01:00
784324fd20
ops/nixos: decommission virgin media
2022-04-15 23:42:05 +01:00
b40f3435f4
swann: switch to SFP
2022-03-30 16:42:37 +00:00
b8acd6e31b
swann: re-enable vault-agent
2022-03-20 19:10:24 +00:00
262620f177
swann: also put v6 RA routes into the correct route table
...
(fixes ee)
2022-03-13 20:35:11 +00:00
615c30ed54
swann: reduce write activity on disk
2022-03-13 17:34:23 +00:00
5283ee4fee
swann: migrate fully to using networkd
...
networkd appears to have gotten very aggressive about clearing routing rules it didn't insert itself
2022-03-12 19:38:54 +00:00
9099ee2a45
swann: only rename physical interfaces
2022-03-12 07:25:48 +00:00
6353ce6603
swann: make systemd-networkd-wait-online wait for _any_ NIC
2022-03-11 22:57:08 +00:00
0c458988de
ops/nixos: misc cleanups
2022-03-11 03:27:58 +00:00
f0e645fccb
swann: add lukegb01.ring.nlnog.net to smokeping prober
2022-03-03 18:44:56 +00:00
080577e0f3
swann: fix tailscale outbound
...
Tailscale adds a policy-based routing rule at priority 5200-ish, which is
before all the rules that we add. This avoids any Tailscale traffic going
out... over Tailscale, which would be bad.
Anyway, this breaks us because our main table is empty, so there's nowhere
for the Tailscale traffic to actually go. Oops.
Instead, use policy-based routing to send things over our WG tunnel, or over
any of our upstream connections depending on what's available.
2022-03-02 00:32:31 +00:00
cbabb6f211
ops/nixos: migrate nix.maxJobs/binaryCaches/trustedBinaryCaches to the nix.settings equivalents
2022-01-30 20:30:20 +00:00
4b14ea5b4d
ops/nixos: remove rebuilder
...
It's in the common profile, we don't need it everywhere.
2022-01-23 16:57:20 +00:00
eb3b306439
Backed out changeset 073cf55ed346
...
Mischief managed
2022-01-15 13:32:47 +00:00
687d72cfdc
ops/nixos: experiment with ECMP
2022-01-15 13:32:41 +00:00
9be6bcaf2d
ops/nixos: set up gnetwork link
2022-01-14 19:42:06 +00:00
ad95bffd3d
ops/nixos: tidy up networking.useDHCP
2022-01-08 21:45:18 +00:00
6cfcd10e06
swann: use the router's public IP when making connections
...
For v6, the link is on an unrouted subnet so there's no way to address it from
outside. We don't want Linux to use the v6 subnet for connections it makes, so
we ask politely that the source on the route is actually an IP address that we
Like.
2022-01-01 02:11:59 +00:00
3458c7766e
swann: switch from prod.euw1.riotgames.com to euw1.api.riotgames.com
...
The former appears to resolve, but no longer respond to ICMP ping (even from a
different network). Switch to the documented API endpoint, which still
responds to ICMP ping.
2022-01-01 01:31:56 +00:00
8b3e77de1e
swann: coredns shouldn't bind to 127.0.0.53 because systemd-resolved wants it
2021-12-31 23:52:57 +00:00
ca6de1910d
swann: services.unifi.openPorts -> openFirewall
2021-12-24 02:03:36 +00:00
d99fe8b153
depot: fixups
2021-12-08 02:37:12 +00:00
29f7073384
ops/nixos: compatibility with NixOS 22.05
2021-12-07 19:13:04 +00:00
c535655086
totoro/swann: do shenanigans with PS5 RTMP
2021-09-30 17:10:52 +00:00
fb16bea95c
swann: give PS5 a static IP
2021-09-30 16:07:12 +00:00
a8718864c1
swann: configure for eduroam on VLAN 100
2021-09-25 17:38:21 +00:00
4bb015ee0d
swann: use IPv6 endpoint for tuvok over EE
...
EE uses CGNAT on IPv4, which makes this... less than ideal. However, IPv6 is
IPv6 and works pretty reasonably.
2021-09-03 12:40:52 +00:00
d35a0a35ba
swann: ee-scrape-data must output data with a newline
2021-09-02 19:23:03 +00:00
58b87a9f0e
swann: add ee-scrape-data, for putting allowance data into prometheus
2021-09-02 19:19:53 +00:00
e95324c175
swann: yes, this one
2021-08-31 02:29:56 +00:00
2d0a607383
ops/nixos: enable bird-exporter-lfty
2021-08-31 02:26:50 +00:00
7134fe904a
ops/nixos: implement BFD+WG tunneling for mldn-rd
2021-08-30 19:58:21 +01:00
1557066375
coredns: allow tailscale net
2021-07-16 01:32:54 +00:00
ded652a595
swann: change MAC address of VM-facing interface
2021-07-15 12:18:07 +00:00
78da7c9f4d
swann: disable radvd/ndppd, add static IP for xerox printer
2021-07-15 11:55:10 +00:00
73b1e96727
swann: use /dev/null as /etc/hosts file for coredns
2021-05-31 23:54:07 +00:00
7195ed24c4
swann: change hosts lookup
2021-05-31 23:09:37 +00:00
bb06285f6d
swann: map www.nhs.uk to Akamai IPv6 address
2021-05-21 15:22:34 +00:00
63ecd2d0ab
swann: metric is a string field
2021-05-15 19:38:46 +00:00