bd83a33608
swann: swap to 192.168.2.x for the EE interface
2024-10-13 20:04:00 +01:00
adc5d0fb05
ops/nixos: try to make some things more robust by trying Harder
2024-10-13 14:03:05 +01:00
52a0d29396
nixos/bgp: fixup
2024-07-13 16:57:05 +00:00
398cadaac3
swann: correct kea configs
2024-06-10 08:43:44 +01:00
4db9ef0543
ops/nixos: change shape of systemd-networkd
...
some repeated things have moved up
2024-06-09 00:53:59 +01:00
761465b393
swann: add peering to cofractal-ams01/rexxar
2024-04-04 22:51:27 +00:00
6f11983d75
swann: add wg-eta
2023-11-17 10:59:16 +00:00
20490c0853
swann: enable TFTP and HTTP for phone booting
2023-10-28 20:32:40 +00:00
ac0d2c58ed
swann: switch to v6
2023-10-13 01:40:35 +00:00
dab5bd9c5b
swann: add minicom and screen
2023-10-12 20:22:17 +00:00
7b585fab0d
swann: add conntrack-tools
2023-10-10 23:29:39 +00:00
0eab7d1802
swann: disable multicast snooping and vlan filtering
2023-10-02 17:08:30 +00:00
f51c993198
swann: correct the path to the bird socket
2023-09-30 21:22:50 +00:00
acb3f9c849
swann: fix en-ee routes so they belong to the ee route table
2023-09-30 21:22:36 +00:00
bb084d5aab
swann: kea/radvd if erbium is off
2023-08-19 23:54:48 +01:00
2e6ef07a23
swann: disable erbium again
2023-08-14 01:07:39 +01:00
eaa2538389
swann: fix IP for en-ee interface
2023-08-13 21:38:47 +01:00
f1f295f027
swann: switch to IPv4 for wireguard as well
...
I'm having trouble getting a properly delegated prefix for tethering on the
Quectel modem inside kerrigan. One day I'll figure it out I guess.
2023-08-19 22:37:13 +00:00
7a8614d2f7
swann: switch to erbium (this is broken)
2023-08-08 23:29:58 +01:00
e93f012772
swann: migrate to erbium
2023-08-06 17:06:18 +01:00
5d47f75c2f
swann: don't add mopup rules for wg-intfs, since we'll get that via BGP
2023-07-19 23:28:58 +01:00
528ed1debc
swann: add qvmpc6552
2023-07-11 12:01:00 +01:00
1c9b9e9fcd
swann: boot.tmpOnTmpfs -> boot.tmp.useTmpfs
2023-05-28 01:32:25 +01:00
4faf4a4630
swann: disable unifi
2023-04-15 02:45:10 +00:00
ed03e709c5
euw1.api.riotgames.com is on AWS and isn't useful
2023-01-14 22:17:36 +00:00
40ed8549b8
resolve some warnings
2022-12-29 14:15:58 +00:00
9dee33f3dc
swann: reenable unifi controller
2022-10-09 18:15:47 +01:00
c16856f8ab
treewide: add my.ip.tailscale6
2022-09-02 00:22:16 +01:00
784324fd20
ops/nixos: decommission virgin media
2022-04-15 23:42:05 +01:00
b40f3435f4
swann: switch to SFP
2022-03-30 16:42:37 +00:00
b8acd6e31b
swann: re-enable vault-agent
2022-03-20 19:10:24 +00:00
262620f177
swann: also put v6 RA routes into the correct route table
...
(fixes ee)
2022-03-13 20:35:11 +00:00
615c30ed54
swann: reduce write activity on disk
2022-03-13 17:34:23 +00:00
5283ee4fee
swann: migrate fully to using networkd
...
networkd appears to have gotten very aggressive about clearing routing rules it didn't insert itself
2022-03-12 19:38:54 +00:00
9099ee2a45
swann: only rename physical interfaces
2022-03-12 07:25:48 +00:00
6353ce6603
swann: make systemd-networkd-wait-online wait for _any_ NIC
2022-03-11 22:57:08 +00:00
0c458988de
ops/nixos: misc cleanups
2022-03-11 03:27:58 +00:00
f0e645fccb
swann: add lukegb01.ring.nlnog.net to smokeping prober
2022-03-03 18:44:56 +00:00
080577e0f3
swann: fix tailscale outbound
...
Tailscale adds a policy-based routing rule at priority 5200-ish, which is
before all the rules that we add. This avoids any Tailscale traffic going
out... over Tailscale, which would be bad.
Anyway, this breaks us because our main table is empty, so there's nowhere
for the Tailscale traffic to actually go. Oops.
Instead, use policy-based routing to send things over our WG tunnel, or over
any of our upstream connections depending on what's available.
2022-03-02 00:32:31 +00:00
cbabb6f211
ops/nixos: migrate nix.maxJobs/binaryCaches/trustedBinaryCaches to the nix.settings equivalents
2022-01-30 20:30:20 +00:00
4b14ea5b4d
ops/nixos: remove rebuilder
...
It's in the common profile, we don't need it everywhere.
2022-01-23 16:57:20 +00:00
eb3b306439
Backed out changeset 073cf55ed346
...
Mischief managed
2022-01-15 13:32:47 +00:00
687d72cfdc
ops/nixos: experiment with ECMP
2022-01-15 13:32:41 +00:00
9be6bcaf2d
ops/nixos: set up gnetwork link
2022-01-14 19:42:06 +00:00
ad95bffd3d
ops/nixos: tidy up networking.useDHCP
2022-01-08 21:45:18 +00:00
6cfcd10e06
swann: use the router's public IP when making connections
...
For v6, the link is on an unrouted subnet so there's no way to address it from
outside. We don't want Linux to use the v6 subnet for connections it makes, so
we ask politely that the source on the route is actually an IP address that we
Like.
2022-01-01 02:11:59 +00:00
3458c7766e
swann: switch from prod.euw1.riotgames.com to euw1.api.riotgames.com
...
The former appears to resolve, but no longer respond to ICMP ping (even from a
different network). Switch to the documented API endpoint, which still
responds to ICMP ping.
2022-01-01 01:31:56 +00:00
8b3e77de1e
swann: coredns shouldn't bind to 127.0.0.53 because systemd-resolved wants it
2021-12-31 23:52:57 +00:00
ca6de1910d
swann: services.unifi.openPorts -> openFirewall
2021-12-24 02:03:36 +00:00
d99fe8b153
depot: fixups
2021-12-08 02:37:12 +00:00
