89 lines
2.2 KiB
Nix
89 lines
2.2 KiB
Nix
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
{ depot, lib, pkgs, rebuilder, config, ... }:
|
|
let
|
|
inherit (depot.ops) secrets;
|
|
|
|
internetAddresses = {
|
|
v4 = { local = "195.74.55.23"; remote = "195.74.55.22"; };
|
|
v6 = {
|
|
local = "2a03:ee40:8080:9:2::2";
|
|
remote = "2a03:ee40:8080:9:2::1";
|
|
};
|
|
};
|
|
in {
|
|
imports = [
|
|
../lib/blade.nix
|
|
../lib/bgp.nix
|
|
];
|
|
|
|
boot.loader.grub.device = "/dev/disk/by-id/usb-USB_SanDisk_3.2Gen1_0101da58c052a35c497ff39f7bd33f46a018bf2f2cd4503e52a89df5e552da8d661f000000000000000000005e0619e7ff90240091558107b6a8e58d-0:0";
|
|
|
|
services.lukegbgp = {
|
|
enable = true;
|
|
config = {
|
|
local.routerID = internetAddresses.v4.local;
|
|
peering.veloxserv = {
|
|
local = {
|
|
asn = 205479;
|
|
v4 = internetAddresses.v4.local;
|
|
v6 = internetAddresses.v6.local;
|
|
};
|
|
remote = {
|
|
asn = 3170;
|
|
export_community = 4001;
|
|
routers = [{ v4 = internetAddresses.v4.remote; v6 = internetAddresses.v6.remote; }];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
# Networking!
|
|
networking = {
|
|
hostName = "blade-paris";
|
|
hostId = "41b2a198";
|
|
interfaces.en-internet.ipv4.addresses = [{
|
|
address = internetAddresses.v4.local;
|
|
prefixLength = 31;
|
|
}];
|
|
interfaces.en-internet.ipv6.addresses = [{
|
|
address = internetAddresses.v6.local;
|
|
prefixLength = 126;
|
|
}];
|
|
defaultGateway = internetAddresses.v4.remote;
|
|
defaultGateway6 = internetAddresses.v6.remote;
|
|
firewall.extraCommands = "iptables -A INPUT -p vrrp -i br-mgmt -j ACCEPT";
|
|
};
|
|
my.ip.tailscale = "100.117.185.118";
|
|
my.blade.bay = 2;
|
|
my.blade.macAddress = {
|
|
internal = "e4:11:5b:ac:e4:8a";
|
|
storage = "e4:11:5b:ac:e4:8e";
|
|
internet = "e4:11:5b:ac:e4:8c";
|
|
};
|
|
my.deploy.enable = false;
|
|
|
|
services.ceph = {
|
|
mon.enable = true;
|
|
osd = {
|
|
enable = true;
|
|
daemons = [ "2" ];
|
|
};
|
|
};
|
|
|
|
services.keepalived = {
|
|
enable = true;
|
|
vrrpInstances.mgmtGateway = {
|
|
interface = "br-mgmt";
|
|
state = "MASTER";
|
|
priority = 100;
|
|
virtualIps = [
|
|
{ addr = "10.100.0.1/23"; }
|
|
{ addr = "92.118.28.1/24"; dev = "br-public"; }
|
|
];
|
|
virtualRouterId = 1;
|
|
};
|
|
};
|
|
}
|