Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

retiolum: don't hardcode routing prefixes

Browse Source
This commit is contained in:
tv 2016-04-08 03:53:34 +02:00
parent 827f179080
commit 46e818ebbc
28 changed files with 228 additions and 247 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
krebs/3modules/lass/default.nix
View File

@ -8,15 +8,15 @@ with config.krebs.lib;
cores = 4; cores = 4;
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["144.76.172.188"]; ip4.addr = "144.76.172.188";
aliases = [ aliases = [
"dishfire.internet" "dishfire.internet"
]; ];
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.133.99"]; ip4.addr = "10.243.133.99";
addrs6 = ["42:0000:0000:0000:0000:0000:d15f:1233"]; ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1233";
aliases = [ aliases = [
"dishfire.retiolum" "dishfire.retiolum"
"dishfire.r" "dishfire.r"
@ -40,15 +40,15 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["162.252.241.33"]; ip4.addr = "162.252.241.33";
aliases = [ aliases = [
"echelon.internet" "echelon.internet"
]; ];
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.206.103"]; ip4.addr = "10.243.206.103";
addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f763"]; ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f763";
aliases = [ aliases = [
"echelon.retiolum" "echelon.retiolum"
"echelon.r" "echelon.r"
@ -75,15 +75,15 @@ with config.krebs.lib;
cores = 4; cores = 4;
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["213.239.205.240"]; ip4.addr = "213.239.205.240";
aliases = [ aliases = [
"prism.internet" "prism.internet"
]; ];
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.0.103"]; ip4.addr = "10.243.0.103";
addrs6 = ["42:0000:0000:0000:0000:0000:0000:15ab"]; ip6.addr = "42:0000:0000:0000:0000:0000:0000:15ab";
aliases = [ aliases = [
"prism.retiolum" "prism.retiolum"
"prism.r" "prism.r"
@ -107,15 +107,15 @@ with config.krebs.lib;
fastpoke = { fastpoke = {
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["193.22.164.36"]; ip4.addr = "193.22.164.36";
aliases = [ aliases = [
"fastpoke.internet" "fastpoke.internet"
]; ];
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.253.152"]; ip4.addr = "10.243.253.152";
addrs6 = ["42:422a:194f:ff3b:e196:2f82:5cf5:bc00"]; ip6.addr = "42:422a:194f:ff3b:e196:2f82:5cf5:bc00";
aliases = [ aliases = [
"fastpoke.retiolum" "fastpoke.retiolum"
"fastpoke.r" "fastpoke.r"
@ -139,15 +139,15 @@ with config.krebs.lib;
cores = 1; cores = 1;
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["104.167.113.104"]; ip4.addr = "104.167.113.104";
aliases = [ aliases = [
"cloudkrebs.internet" "cloudkrebs.internet"
]; ];
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.206.102"]; ip4.addr = "10.243.206.102";
addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f762"]; ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f762";
aliases = [ aliases = [
"cloudkrebs.retiolum" "cloudkrebs.retiolum"
"cloudkrebs.r" "cloudkrebs.r"
@ -172,12 +172,12 @@ with config.krebs.lib;
cores = 1; cores = 1;
nets = { nets = {
gg23 = { gg23 = {
addrs4 = ["10.23.1.12"]; ip4.addr = "10.23.1.12";
aliases = ["uriel.gg23"]; aliases = ["uriel.gg23"];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.81.176"]; ip4.addr = "10.243.81.176";
addrs6 = ["42:dc25:60cf:94ef:759b:d2b6:98a9:2e56"]; ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56";
aliases = [ aliases = [
"uriel.retiolum" "uriel.retiolum"
"uriel.r" "uriel.r"
@ -203,12 +203,12 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = { nets = {
gg23 = { gg23 = {
addrs4 = ["10.23.1.11"]; ip4.addr = "10.23.1.11";
aliases = ["mors.gg23"]; aliases = ["mors.gg23"];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.0.2"]; ip4.addr = "10.243.0.2";
addrs6 = ["42:0:0:0:0:0:0:dea7"]; ip6.addr = "42:0:0:0:0:0:0:dea7";
aliases = [ aliases = [
"mors.retiolum" "mors.retiolum"
"mors.r" "mors.r"
@ -234,8 +234,8 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.0.3"]; ip4.addr = "10.243.0.3";
addrs6 = ["42:0:0:0:0:0:0:7105"]; ip6.addr = "42:0:0:0:0:0:0:7105";
aliases = [ aliases = [
"helios.retiolum" "helios.retiolum"
"helios.r" "helios.r"

126
krebs/3modules/makefu/default.nix
View File

@ -8,8 +8,8 @@ with config.krebs.lib;
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.0.210"]; ip4.addr = "10.243.0.210";
addrs6 = ["42:f9f1:0000:0000:0000:0000:0000:0001"]; ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0001";
aliases = [ aliases = [
"pnp.retiolum" "pnp.retiolum"
"cgit.pnp.retiolum" "cgit.pnp.retiolum"
@ -31,8 +31,8 @@ with config.krebs.lib;
cores = 4; cores = 4;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.0.84"]; ip4.addr = "10.243.0.84";
addrs6 = ["42:ff6b:5f0b:460d:2cee:4d05:73f7:5566"]; ip6.addr = "42:ff6b:5f0b:460d:2cee:4d05:73f7:5566";
aliases = [ aliases = [
"darth.retiolum" "darth.retiolum"
"darth.r" "darth.r"
@ -54,8 +54,8 @@ with config.krebs.lib;
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.0.212"]; ip4.addr = "10.243.0.212";
addrs6 = ["42:f9f1:0000:0000:0000:0000:0000:0002"]; ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0002";
aliases = [ aliases = [
"tsp.retiolum" "tsp.retiolum"
]; ];
@ -81,8 +81,8 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.0.91"]; ip4.addr = "10.243.0.91";
addrs6 = ["42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"]; ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db";
aliases = [ aliases = [
"pornocauster.retiolum" "pornocauster.retiolum"
"pornocauster.r" "pornocauster.r"
@ -108,8 +108,8 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.1.91"]; ip4.addr = "10.243.1.91";
addrs6 = ["42:0b2c:d90e:e717:03dd:9ac1:0000:a400"]; ip6.addr = "42:0b2c:d90e:e717:03dd:9ac1:0000:a400";
aliases = [ aliases = [
"vbob.retiolum" "vbob.retiolum"
]; ];
@ -135,22 +135,22 @@ with config.krebs.lib;
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
euer IN MX 1 aspmx.l.google.com. euer IN MX 1 aspmx.l.google.com.
pigstarter IN A ${head nets.internet.addrs4} pigstarter IN A ${nets.internet.ip4.addr}
gold IN A ${head nets.internet.addrs4} gold IN A ${nets.internet.ip4.addr}
boot IN A ${head nets.internet.addrs4} boot IN A ${nets.internet.ip4.addr}
''; '';
}; };
nets = { nets = {
internet = { internet = {
addrs4 = ["192.40.56.122"]; ip4.addr = "192.40.56.122";
addrs6 = ["2604:2880::841f:72c"]; ip6.addr = "2604:2880::841f:72c";
aliases = [ aliases = [
"pigstarter.internet" "pigstarter.internet"
]; ];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.0.153"]; ip4.addr = "10.243.0.153";
addrs6 = ["42:9143:b4c0:f981:6030:7aa2:8bc5:4110"]; ip6.addr = "42:9143:b4c0:f981:6030:7aa2:8bc5:4110";
aliases = [ aliases = [
"pigstarter.retiolum" "pigstarter.retiolum"
]; ];
@ -171,18 +171,18 @@ with config.krebs.lib;
cores = 1; cores = 1;
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
euer IN A ${head nets.internet.addrs4} euer IN A ${nets.internet.ip4.addr}
wiki.euer IN A ${head nets.internet.addrs4} wiki.euer IN A ${nets.internet.ip4.addr}
wry IN A ${head nets.internet.addrs4} wry IN A ${nets.internet.ip4.addr}
io IN NS wry.krebsco.de. io IN NS wry.krebsco.de.
graphs IN A ${head nets.internet.addrs4} graphs IN A ${nets.internet.ip4.addr}
paste 60 IN A ${head nets.internet.addrs4} paste 60 IN A ${nets.internet.ip4.addr}
tinc IN A ${head nets.internet.addrs4} tinc IN A ${nets.internet.ip4.addr}
''; '';
}; };
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["104.233.87.86"]; ip4.addr = "104.233.87.86";
aliases = [ aliases = [
"wry.internet" "wry.internet"
"paste.internet" "paste.internet"
@ -190,8 +190,8 @@ with config.krebs.lib;
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.29.169"]; ip4.addr = "10.243.29.169";
addrs6 = ["42:6e1e:cc8a:7cef:827:f938:8c64:baad"]; ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad";
aliases = [ aliases = [
"graphs.wry.retiolum" "graphs.wry.retiolum"
"graphs.retiolum" "graphs.retiolum"
@ -228,8 +228,8 @@ with config.krebs.lib;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.153.102"]; ip4.addr = "10.243.153.102";
addrs6 = ["42:4b0b:d990:55ba:8da8:630f:dc0e:aae0"]; ip6.addr = "42:4b0b:d990:55ba:8da8:630f:dc0e:aae0";
aliases = [ aliases = [
"filepimp.retiolum" "filepimp.retiolum"
]; ];
@ -252,8 +252,8 @@ with config.krebs.lib;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.0.89"]; ip4.addr = "10.243.0.89";
addrs6 = ["42:f9f0::10"]; ip6.addr = "42:f9f0::10";
aliases = [ aliases = [
"omo.retiolum" "omo.retiolum"
"omo.r" "omo.r"
@ -277,8 +277,8 @@ with config.krebs.lib;
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.214.15"]; ip4.addr = "10.243.214.15";
addrs6 = ["42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"]; ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732";
aliases = [ aliases = [
"wbob.retiolum" "wbob.retiolum"
]; ];
@ -301,24 +301,24 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
share.euer IN A ${head nets.internet.addrs4} share.euer IN A ${nets.internet.ip4.addr}
mattermost.euer IN A ${head nets.internet.addrs4} mattermost.euer IN A ${nets.internet.ip4.addr}
git.euer IN A ${head nets.internet.addrs4} git.euer IN A ${nets.internet.ip4.addr}
gum IN A ${head nets.internet.addrs4} gum IN A ${nets.internet.ip4.addr}
cgit.euer IN A ${head nets.internet.addrs4} cgit.euer IN A ${nets.internet.ip4.addr}
''; '';
}; };
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["195.154.108.70"]; ip4.addr = "195.154.108.70";
aliases = [ aliases = [
"gum.internet" "gum.internet"
]; ];
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.0.211"]; ip4.addr = "10.243.0.211";
addrs6 = ["42:f9f0:0000:0000:0000:0000:0000:70d2"]; ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2";
aliases = [ aliases = [
"gum.r" "gum.r"
"gum.retiolum" "gum.retiolum"
@ -346,20 +346,20 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
mediengewitter IN A ${head nets.internet.addrs4} mediengewitter IN A ${nets.internet.ip4.addr}
flap IN A ${head nets.internet.addrs4} flap IN A ${nets.internet.ip4.addr}
''; '';
}; };
nets = { nets = {
internet = { internet = {
addrs4 = ["162.248.11.162"]; ip4.addr = "162.248.11.162";
aliases = [ aliases = [
"flap.internet" "flap.internet"
]; ];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.211.172"]; ip4.addr = "10.243.211.172";
addrs6 = ["42:472a:3d01:bbe4:4425:567e:592b:065d"]; ip6.addr = "42:472a:3d01:bbe4:4425:567e:592b:065d";
aliases = [ aliases = [
"flap.retiolum" "flap.retiolum"
"flap.r" "flap.r"
@ -382,8 +382,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.231.219"]; ip4.addr = "10.243.231.219";
addrs6 = ["42:f7bf:178d:4b68:1c1b:42e8:6b27:6a72"]; ip6.addr = "42:f7bf:178d:4b68:1c1b:42e8:6b27:6a72";
aliases = [ aliases = [
"nukular.r" "nukular.r"
]; ];
@ -405,8 +405,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.124.21"]; ip4.addr = "10.243.124.21";
addrs6 = ["42:9898:a8be:ce56:0ee3:b99c:42c5:109e"]; ip6.addr = "42:9898:a8be:ce56:0ee3:b99c:42c5:109e";
aliases = [ aliases = [
"heidi.r" "heidi.r"
]; ];
@ -428,7 +428,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.69.184"]; ip4.addr = "10.243.69.184";
aliases = [ aliases = [
"soundflower.r" "soundflower.r"
]; ];
@ -450,7 +450,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.120.19"]; ip4.addr = "10.243.120.19";
aliases = [ aliases = [
"falk.r" "falk.r"
]; ];
@ -472,8 +472,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 4; cores = 4;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.189.130"]; ip4.addr = "10.243.189.130";
addrs6 = ["42:c64e:011f:9755:31e1:c3e6:73c0:af2d"]; ip6.addr = "42:c64e:011f:9755:31e1:c3e6:73c0:af2d";
aliases = [ aliases = [
"filebitch.r" "filebitch.r"
]; ];
@ -495,8 +495,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.26.29"]; ip4.addr = "10.243.26.29";
addrs6 = ["42:927a:3d59:1cb3:29d6:1a08:78d3:812e"]; ip6.addr = "42:927a:3d59:1cb3:29d6:1a08:78d3:812e";
aliases = [ aliases = [
"excobridge.r" "excobridge.r"
]; ];
@ -518,14 +518,14 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
nets = { nets = {
internet = { internet = {
addrs4 = ["148.251.47.69"]; ip4.addr = "148.251.47.69";
aliases = [ aliases = [
"wooki.internet" "wooki.internet"
]; ];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.57.85"]; ip4.addr = "10.243.57.85";
addrs6 = ["42:2f06:b899:a3b5:1dcf:51a4:a02b:8731"]; ip6.addr = "42:2f06:b899:a3b5:1dcf:51a4:a02b:8731";
aliases = [ aliases = [
"wooki.r" "wooki.r"
]; ];
@ -547,8 +547,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 2; cores = 2;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.0.163"]; ip4.addr = "10.243.0.163";
addrs6 = ["42:b67b:5752:a730:5f28:d80d:6b37:5bda/128"]; ip6.addr = "42:b67b:5752:a730:5f28:d80d:6b37:5bda/128";
aliases = [ aliases = [
"senderechner.r" "senderechner.r"
]; ];
@ -570,14 +570,14 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB
cores = 1; cores = 1;
nets = { nets = {
internet = { internet = {
addrs4 = ["217.160.206.154"]; ip4.addr = "217.160.206.154";
aliases = [ aliases = [
"muhbaasu.internet" "muhbaasu.internet"
]; ];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.139.184"]; ip4.addr = "10.243.139.184";
addrs6 = ["42:d568:6106:ba30:753b:0f2a:8225:b1fb"]; ip6.addr = "42:d568:6106:ba30:753b:0f2a:8225:b1fb";
aliases = [ aliases = [
"muhbaasu.r" "muhbaasu.r"
]; ];

4
krebs/3modules/miefda/default.nix
View File

@ -8,8 +8,8 @@ with config.krebs.lib;
cores = 4; cores = 4;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.111.112"]; ip4.addr = "10.243.111.112";
addrs6 = ["42:0:0:0:0:0:111:112"]; ip6.addr = "42:0:0:0:0:0:111:112";
aliases = [ aliases = [
"bobby.retiolum" "bobby.retiolum"
"cgit.bobby.retiolum" "cgit.bobby.retiolum"

4
krebs/3modules/mv/default.nix
View File

@ -8,8 +8,8 @@ with config.krebs.lib;
cores = 4; cores = 4;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.111.111"]; ip4.addr = "10.243.111.111";
addrs6 = ["42:0:0:0:0:0:111:111"]; ip6.addr = "42:0:0:0:0:0:111:111";
aliases = [ aliases = [
"stro.retiolum" "stro.retiolum"
"cgit.stro.retiolum" "cgit.stro.retiolum"

83
krebs/3modules/retiolum.nix
View File

@ -11,26 +11,13 @@ let
api = { api = {
enable = mkEnableOption "krebs.retiolum"; enable = mkEnableOption "krebs.retiolum";
name = mkOption { host = mkOption {
type = types.str; type = types.host;
default = config.networking.hostName; default = config.krebs.build.host;
# Description stolen from tinc.conf(5).
description = ''
This is the name which identifies this tinc daemon. It must
be unique for the virtual private network this daemon will
connect to. The Name may only consist of alphanumeric and
underscore characters. If Name starts with a $, then the
contents of the environment variable that follows will be
used. In that case, invalid characters will be converted to
underscores. If Name is $HOST, but no such environment
variable exist, the hostname will be read using the
gethostnname() system call This is the name which identifies
the this tinc daemon.
'';
}; };
netname = mkOption { netname = mkOption {
type = types.str; type = types.hostname;
default = "retiolum"; default = "retiolum";
description = '' description = ''
The tinc network name. The tinc network name.
@ -157,46 +144,34 @@ let
uid = genid name; uid = genid name;
}; };
net = cfg.host.nets.${cfg.netname};
tinc = cfg.tincPackage; tinc = cfg.tincPackage;
iproute = cfg.iproutePackage; iproute = cfg.iproutePackage;
confDir = pkgs.runCommand "retiolum" { confDir = let
# TODO text namePathPair = name: path: { inherit name path; };
executable = true; in pkgs.linkFarm "${cfg.netname}-etc-tinc" (mapAttrsToList namePathPair {
preferLocalBuild = true; "hosts" = cfg.hostsPackage;
} '' "tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" ''
set -euf Name = ${cfg.host.name}
Interface = ${cfg.netname}
mkdir -p $out ${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)}
PrivateKeyFile = /tmp/retiolum-rsa_key.priv
ln -s ${cfg.hostsPackage} $out/hosts ${cfg.extraConfig}
'';
cat > $out/tinc.conf <<EOF "tinc-up" = pkgs.writeScript "${cfg.netname}-tinc-up" ''
Name = ${cfg.name} ${iproute}/sbin/ip link set ${cfg.netname} up
Device = /dev/net/tun ${optionalString (net.ip4 != null) ''
Interface = ${cfg.netname} ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname}
${concatStrings (map (c : "ConnectTo = " + c + "\n") cfg.connectTo)} ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname}
PrivateKeyFile = /tmp/retiolum-rsa_key.priv ''}
${cfg.extraConfig} ${optionalString (net.ip6 != null) ''
EOF ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname}
${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname}
# source: krebscode/painload/retiolum/scripts/tinc_setup/tinc-up ''}
cat > $out/tinc-up <<EOF '';
host=$out/hosts/${cfg.name} });
${iproute}/sbin/ip link set \$INTERFACE up
addr4=\$(sed -n 's|^ *Subnet *= *\(10[.][^ ]*\) *$|\1|p' \$host)
if [ -n "\$addr4" ];then
${iproute}/sbin/ip -4 addr add \$addr4 dev \$INTERFACE
${iproute}/sbin/ip -4 route add 10.243.0.0/16 dev \$INTERFACE
fi
addr6=\$(sed -n 's|^ *Subnet *= *\(42[:][^ ]*\) *$|\1|p' \$host)
${iproute}/sbin/ip -6 addr add \$addr6 dev \$INTERFACE
${iproute}/sbin/ip -6 route add 42::/16 dev \$INTERFACE
EOF
chmod +x $out/tinc-up
'';
in out in out

10
krebs/3modules/shared/default.nix
View File

@ -12,8 +12,8 @@ let
cores = 1; cores = 1;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.111.111"]; ip4.addr = "10.243.111.111";
addrs6 = ["42:0:0:0:0:0:0:7357"]; ip6.addr = "42:0:0:0:0:0:0:7357";
aliases = [ aliases = [
"test.r" "test.r"
"test.retiolum" "test.retiolum"
@ -36,7 +36,7 @@ in {
wolf = { wolf = {
nets = { nets = {
shack = { shack = {
addrs4 = [ "10.42.2.150" ]; ip4.addr = "10.42.2.150" ;
aliases = [ aliases = [
"wolf.shack" "wolf.shack"
"graphite.shack" "graphite.shack"
@ -45,8 +45,8 @@ in {
]; ];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.77.1"]; ip4.addr = "10.243.77.1";
addrs6 = ["42:0:0:0:0:0:77:1"]; ip6.addr = "42:0:0:0:0:0:77:1";
aliases = [ aliases = [
"wolf.retiolum" "wolf.retiolum"
"cgit.wolf.retiolum" "cgit.wolf.retiolum"

74
krebs/3modules/tv/default.nix
View File

@ -13,15 +13,15 @@ with config.krebs.lib;
# TODO generate krebsco.de zone from nets and don't use extraZones at all # TODO generate krebsco.de zone from nets and don't use extraZones at all
"krebsco.de" = '' "krebsco.de" = ''
krebsco.de. 60 IN MX 5 mx23 krebsco.de. 60 IN MX 5 mx23
mx23 60 IN A ${elemAt nets.internet.addrs4 0} mx23 60 IN A ${nets.internet.ip4.addr}
cd 60 IN A ${elemAt nets.internet.addrs4 0} cd 60 IN A ${nets.internet.ip4.addr}
cgit 60 IN A ${elemAt nets.internet.addrs4 0} cgit 60 IN A ${nets.internet.ip4.addr}
cgit.cd 60 IN A ${elemAt nets.internet.addrs4 0} cgit.cd 60 IN A ${nets.internet.ip4.addr}
''; '';
}; };
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["162.219.7.216"]; ip4.addr = "162.219.7.216";
aliases = [ aliases = [
"cd.i" "cd.i"
"cd.internet" "cd.internet"
@ -34,8 +34,8 @@ with config.krebs.lib;
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.113.222"]; ip4.addr = "10.243.113.222";
addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af3"]; ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af3";
aliases = [ aliases = [
"cd.r" "cd.r"
"cd.retiolum" "cd.retiolum"
@ -66,7 +66,7 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["45.62.237.203"]; ip4.addr = "45.62.237.203";
aliases = [ aliases = [
"doppelbock.i" "doppelbock.i"
"doppelbock.internet" "doppelbock.internet"
@ -74,8 +74,8 @@ with config.krebs.lib;
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.113.224"]; ip4.addr = "10.243.113.224";
addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af5"]; ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af5";
aliases = [ aliases = [
"doppelbock.r" "doppelbock.r"
"doppelbock.retiolum" "doppelbock.retiolum"
@ -101,7 +101,7 @@ with config.krebs.lib;
cores = 1; cores = 1;
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["104.167.114.142"]; ip4.addr = "104.167.114.142";
aliases = [ aliases = [
"mkdir.i" "mkdir.i"
"mkdir.internet" "mkdir.internet"
@ -109,8 +109,8 @@ with config.krebs.lib;
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.113.223"]; ip4.addr = "10.243.113.223";
addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af4"]; ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af4";
aliases = [ aliases = [
"mkdir.r" "mkdir.r"
"mkdir.retiolum" "mkdir.retiolum"
@ -136,12 +136,12 @@ with config.krebs.lib;
extraZones = { extraZones = {
# TODO generate krebsco.de zone from nets and don't use extraZones at all # TODO generate krebsco.de zone from nets and don't use extraZones at all
"krebsco.de" = '' "krebsco.de" = ''
ire 60 IN A ${elemAt nets.internet.addrs4 0} ire 60 IN A ${nets.internet.ip4.addr}
''; '';
}; };
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["198.147.22.115"]; ip4.addr = "198.147.22.115";
aliases = [ aliases = [
"ire.i" "ire.i"
"ire.internet" "ire.internet"
@ -151,8 +151,8 @@ with config.krebs.lib;
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.231.66"]; ip4.addr = "10.243.231.66";
addrs6 = ["42:b912:0f42:a82d:0d27:8610:e89b:490c"]; ip6.addr = "42:b912:0f42:a82d:0d27:8610:e89b:490c";
aliases = [ aliases = [
"ire.r" "ire.r"
"ire.retiolum" "ire.retiolum"
@ -175,7 +175,7 @@ with config.krebs.lib;
kaepsele = { kaepsele = {
nets = { nets = {
internet = { internet = {
addrs4 = ["92.222.10.169"]; ip4.addr = "92.222.10.169";
aliases = [ aliases = [
"kaepsele.i" "kaepsele.i"
"kaepsele.internet" "kaepsele.internet"
@ -183,8 +183,8 @@ with config.krebs.lib;
]; ];
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.166.2"]; ip4.addr = "10.243.166.2";
addrs6 = ["42:0b9d:6660:d07c:2bb7:4e91:1a01:2e7d"]; ip6.addr = "42:0b9d:6660:d07c:2bb7:4e91:1a01:2e7d";
aliases = [ aliases = [
"kaepsele.r" "kaepsele.r"
"kaepsele.retiolum" "kaepsele.retiolum"
@ -207,8 +207,8 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = { nets = {
retiolum = { retiolum = {
addrs4 = ["10.243.20.1"]; ip4.addr = "10.243.20.1";
addrs6 = ["42:0:0:0:0:0:0:2001"]; ip6.addr = "42:0:0:0:0:0:0:2001";
aliases = [ aliases = [
"mu.r" "mu.r"
"mu.retiolum" "mu.retiolum"
@ -232,13 +232,13 @@ with config.krebs.lib;
cores = 2; cores = 2;
nets = rec { nets = rec {
gg23 = { gg23 = {
addrs4 = ["10.23.1.110"]; ip4.addr = "10.23.1.110";
aliases = ["nomic.gg23"]; aliases = ["nomic.gg23"];
ssh.port = 11423; ssh.port = 11423;
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.0.110"]; ip4.addr = "10.243.0.110";
addrs6 = ["42:02d5:733f:d6da:c0f5:2bb7:2b18:09ec"]; ip6.addr = "42:02d5:733f:d6da:c0f5:2bb7:2b18:09ec";
aliases = [ aliases = [
"nomic.r" "nomic.r"
"nomic.retiolum" "nomic.retiolum"
@ -264,7 +264,7 @@ with config.krebs.lib;
ok = { ok = {
nets = { nets = {
gg23 = { gg23 = {
addrs4 = ["10.23.1.1"]; ip4.addr = "10.23.1.1";
aliases = ["ok.gg23"]; aliases = ["ok.gg23"];
}; };
}; };
@ -273,7 +273,7 @@ with config.krebs.lib;
cores = 1; cores = 1;
nets = rec { nets = rec {
internet = { internet = {
addrs4 = ["167.88.34.182"]; ip4.addr = "167.88.34.182";
aliases = [ aliases = [
"rmdir.i" "rmdir.i"
"rmdir.internet" "rmdir.internet"
@ -281,8 +281,8 @@ with config.krebs.lib;
}; };
retiolum = { retiolum = {
via = internet; via = internet;
addrs4 = ["10.243.113.224"]; ip4.addr = "10.243.113.224";
addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af5"]; ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af5";
aliases = [ aliases = [
"rmdir.r" "rmdir.r"
"rmdir.retiolum" "rmdir.retiolum"
@ -307,7 +307,7 @@ with config.krebs.lib;
schnabeldrucker = { schnabeldrucker = {
nets = { nets = {
gg23 = { gg23 = {
addrs4 = ["10.23.1.21"]; ip4.addr = "10.23.1.21";
aliases = ["schnabeldrucker.gg23"]; aliases = ["schnabeldrucker.gg23"];
}; };
}; };
@ -315,7 +315,7 @@ with config.krebs.lib;
schnabelscanner = { schnabelscanner = {
nets = { nets = {
gg23 = { gg23 = {
addrs4 = ["10.23.1.22"]; ip4.addr = "10.23.1.22";
aliases = ["schnabelscanner.gg23"]; aliases = ["schnabelscanner.gg23"];
}; };
}; };
@ -324,7 +324,7 @@ with config.krebs.lib;
cores = 4; cores = 4;
nets = { nets = {
gg23 = { gg23 = {
addrs4 = ["10.23.1.37"]; ip4.addr = "10.23.1.37";
aliases = [ aliases = [
"wu.gg23" "wu.gg23"
"cache.wu.gg23" "cache.wu.gg23"
@ -332,8 +332,8 @@ with config.krebs.lib;
ssh.port = 11423; ssh.port = 11423;
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.13.37"]; ip4.addr = "10.243.13.37";
addrs6 = ["42:0:0:0:0:0:0:1337"]; ip6.addr = "42:0:0:0:0:0:0:1337";
aliases = [ aliases = [
"wu.r" "wu.r"
"wu.retiolum" "wu.retiolum"
@ -360,13 +360,13 @@ with config.krebs.lib;
cores = 4; cores = 4;
nets = { nets = {
gg23 = { gg23 = {
addrs4 = ["10.23.1.38"]; ip4.addr = "10.23.1.38";
aliases = ["xu.gg23"]; aliases = ["xu.gg23"];
ssh.port = 11423; ssh.port = 11423;
}; };
retiolum = { retiolum = {
addrs4 = ["10.243.13.38"]; ip4.addr = "10.243.13.38";
addrs6 = ["42:0:0:0:0:0:0:1338"]; ip6.addr = "42:0:0:0:0:0:0:1338";
aliases = [ aliases = [
"xu.r" "xu.r"
"xu.retiolum" "xu.retiolum"

48
krebs/4lib/types.nix
View File

@ -63,28 +63,56 @@ types // rec {
net = submodule ({ config, ... }: { net = submodule ({ config, ... }: {
options = { options = {
name = mkOption {
type = label;
default = config._module.args.name;
};
via = mkOption { via = mkOption {
type = nullOr net; type = nullOr net;
default = null; default = null;
}; };
addrs = mkOption { addrs = mkOption {
type = listOf addr; type = listOf addr;
default = config.addrs4 ++ config.addrs6; default =
# TODO only default addrs make sense optional (config.ip4 != null) config.ip4.addr ++
}; optional (config.ip6 != null) config.ip6.addr;
addrs4 = mkOption { readOnly = true;
type = listOf addr4;
default = [];
};
addrs6 = mkOption {
type = listOf addr6;
default = [];
}; };
aliases = mkOption { aliases = mkOption {
# TODO nonEmptyListOf hostname # TODO nonEmptyListOf hostname
type = listOf hostname; type = listOf hostname;
default = []; default = [];
}; };
ip4 = mkOption {
type = nullOr (submodule {
options = {
addr = mkOption {
type = addr4;
};
prefix = mkOption ({
type = str; # TODO routing prefix (CIDR)
} // optionalAttrs (config.name == "retiolum") {
default = "10.243.0.0/16";
});
};
});
default = null;
};
ip6 = mkOption {
type = nullOr (submodule {
options = {
addr = mkOption {
type = addr6;
};
prefix = mkOption ({
type = str; # TODO routing prefix (CIDR)
} // optionalAttrs (config.name == "retiolum") {
default = "42::/16";
});
};
});
default = null;
};
ssh = mkOption { ssh = mkOption {
type = submodule { type = submodule {
options = { options = {

3
lass/1systems/cloudkrebs.nix
View File

@ -2,9 +2,8 @@
let let
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
inherit (lib) head;
ip = (head config.krebs.build.host.nets.internet.addrs4); ip = config.krebs.build.host.nets.internet.ip4.addr;
in { in {
imports = [ imports = [
../. ../.

3
lass/1systems/echelon.nix
View File

@ -2,9 +2,8 @@
let let
inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway; inherit (import ../4lib { inherit pkgs lib; }) getDefaultGateway;
inherit (lib) head;
ip = (head config.krebs.build.host.nets.internet.addrs4); ip = config.krebs.build.host.nets.internet.ip4.addr;
in { in {
imports = [ imports = [
../. ../.

4
lass/1systems/prism.nix
View File

@ -1,9 +1,7 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
inherit (lib) head; ip = config.krebs.build.host.nets.internet.ip4.addr;
ip = (head config.krebs.build.host.nets.internet.addrs4);
in { in {
imports = [ imports = [
../. ../.

3
lass/2configs/privoxy-retiolum.nix
View File

@ -1,8 +1,7 @@
{ config, lib, ... }: { config, lib, ... }:
let let
r_ip = (head config.krebs.build.host.nets.retiolum.addrs4); r_ip = config.krebs.build.host.nets.retiolum.ip4.addr;
inherit (lib) head;
in { in {
imports = [ imports = [

2
lass/3modules/static_nginx.nix
View File

@ -54,7 +54,7 @@ let
user = config.services.nginx.user; user = config.services.nginx.user;
group = config.services.nginx.group; group = config.services.nginx.group;
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
imp = { imp = {
krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ssl, ... }: { krebs.nginx.servers = flip mapAttrs cfg ( name: { domain, folder, ssl, ... }: {

4
makefu/1systems/gum.nix
View File

@ -2,8 +2,8 @@
with config.krebs.lib; with config.krebs.lib;
let let
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in { in {
imports = [ imports = [
../. ../.

4
makefu/1systems/wry.nix
View File

@ -3,8 +3,8 @@
with config.krebs.lib; with config.krebs.lib;
let let
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in { in {
imports = [ imports = [
../. ../.

2
makefu/2configs/deployment/mycube.connector.one.nix
View File

@ -3,7 +3,7 @@
with config.krebs.lib; with config.krebs.lib;
let let
hostname = config.krebs.build.host.name; hostname = config.krebs.build.host.name;
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
wsgi-sock = "${config.services.uwsgi.runDir}/uwsgi.sock"; wsgi-sock = "${config.services.uwsgi.runDir}/uwsgi.sock";
in { in {
services.redis.enable = true; services.redis.enable = true;

2
makefu/2configs/iodined.nix
View File

@ -10,7 +10,7 @@ in {
enable = true; enable = true;
domain = domain; domain = domain;
ip = "172.16.10.1/24"; ip = "172.16.10.1/24";
extraConfig = "-P ${pw} -l ${pkgs.lib.head config.krebs.build.host.nets.internet.addrs4}"; extraConfig = "-P ${pw} -l ${config.krebs.build.host.nets.internet.ip4.addr}";
}; };
} }

4
makefu/2configs/nginx/euer.blog.nix
View File

@ -8,8 +8,8 @@ let
hostname = config.krebs.build.host.name; hostname = config.krebs.build.host.name;
user = config.services.nginx.user; user = config.services.nginx.user;
group = config.services.nginx.group; group = config.services.nginx.group;
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
base-dir = "/var/www/blog.euer"; base-dir = "/var/www/blog.euer";
in { in {
# Prepare Blog directory # Prepare Blog directory

4
makefu/2configs/nginx/euer.test.nix
View File

@ -5,8 +5,8 @@ let
hostname = config.krebs.build.host.name; hostname = config.krebs.build.host.name;
user = config.services.nginx.user; user = config.services.nginx.user;
group = config.services.nginx.group; group = config.services.nginx.group;
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in { in {
krebs.nginx = { krebs.nginx = {
enable = mkDefault true; enable = mkDefault true;

4
makefu/2configs/nginx/euer.wiki.nix
View File

@ -18,8 +18,8 @@ let
# user1 = pass1 # user1 = pass1
# userN = passN # userN = passN
tw-pass-file = "${sec}/tw-pass.ini"; tw-pass-file = "${sec}/tw-pass.ini";
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in { in {
services.phpfpm = { services.phpfpm = {
# phpfpm does not have an enable option # phpfpm does not have an enable option

2
makefu/2configs/nginx/update.connector.one.nix
View File

@ -3,7 +3,7 @@
with config.krebs.lib; with config.krebs.lib;
let let
hostname = config.krebs.build.host.name; hostname = config.krebs.build.host.name;
external-ip = head config.krebs.build.host.nets.internet.addrs4; external-ip = config.krebs.build.host.nets.internet.ip4.addr;
in { in {
krebs.nginx = { krebs.nginx = {
enable = mkDefault true; enable = mkDefault true;

2
makefu/2configs/omo-share.nix
View File

@ -5,7 +5,7 @@ let
hostname = config.krebs.build.host.name; hostname = config.krebs.build.host.name;
# TODO local-ip from the nets config # TODO local-ip from the nets config
local-ip = "192.168.1.11"; local-ip = "192.168.1.11";
# local-ip = head config.krebs.build.host.nets.retiolum.addrs4; # local-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in { in {
krebs.nginx = { krebs.nginx = {
enable = mkDefault true; enable = mkDefault true;

4
shared/1systems/wolf.nix
View File

@ -1,8 +1,8 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
shack-ip = lib.head config.krebs.build.host.nets.shack.addrs4; shack-ip = config.krebs.build.host.nets.shack.ip4.addr;
internal-ip = lib.head config.krebs.build.host.nets.retiolum.addrs4; internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
in in
{ {
imports = [ imports = [

4
tv/1systems/doppelbock.nix
View File

@ -13,8 +13,8 @@ with config.krebs.lib;
networking = { networking = {
interfaces.enp2s1.ip4 = singleton { interfaces.enp2s1.ip4 = singleton {
address = let address = let
addr4 = "45.62.237.203"; addr = "45.62.237.203";
in assert config.krebs.build.host.nets.internet.addrs4 == [addr4]; addr4; in assert config.krebs.build.host.nets.internet.ip4.addr == addr; addr;
prefixLength = 24; prefixLength = 24;
}; };
defaultGateway = "45.62.237.1"; defaultGateway = "45.62.237.1";

11
tv/1systems/mkdir.nix
View File

@ -7,12 +7,7 @@ let
getDefaultGateway = ip: getDefaultGateway = ip:
concatStringsSep "." (take 3 (splitString "." ip) ++ ["1"]); concatStringsSep "." (take 3 (splitString "." ip) ++ ["1"]);
primary-addr4 = config.krebs.build.host.nets.internet.ip4.addr;
primary-addr4 =
builtins.elemAt config.krebs.build.host.nets.internet.addrs4 0;
#secondary-addr4 =
# builtins.elemAt config.krebs.build.host.nets.internet.addrs4 1;
in in
{ {
@ -55,10 +50,6 @@ in
address = primary-addr4; address = primary-addr4;
prefixLength = 24; prefixLength = 24;
} }
#{
# address = secondary-addr4;
# prefixLength = 24;
#}
]; ];
# TODO define gateway in krebs/3modules/default.nix # TODO define gateway in krebs/3modules/default.nix

7
tv/1systems/rmdir.nix
View File

@ -7,12 +7,7 @@ let
getDefaultGateway = ip: getDefaultGateway = ip:
concatStringsSep "." (take 3 (splitString "." ip) ++ ["1"]); concatStringsSep "." (take 3 (splitString "." ip) ++ ["1"]);
primary-addr4 = config.krebs.build.host.nets.internet.ip4.addr;
primary-addr4 =
builtins.elemAt config.krebs.build.host.nets.internet.addrs4 0;
#secondary-addr4 =
# builtins.elemAt config.krebs.build.host.nets.internet.addrs4 1;
in in
{ {

2
tv/2configs/exim-smarthost.nix
View File

@ -13,7 +13,7 @@ with config.krebs.lib;
"shackspace.de" "shackspace.de"
"viljetic.de" "viljetic.de"
]; ];
relay_from_hosts = concatMap (host: host.nets.retiolum.addrs4) [ relay_from_hosts = concatMap (host: host.nets.retiolum.ip4.addr) [
config.krebs.hosts.nomic config.krebs.hosts.nomic
config.krebs.hosts.wu config.krebs.hosts.wu
config.krebs.hosts.xu config.krebs.hosts.xu

9
tv/3modules/charybdis/config.nix
View File

@ -56,9 +56,9 @@ in toFile "charybdis.conf" ''
/* On multi-homed hosts you may need the following. These define /* On multi-homed hosts you may need the following. These define
* the addresses we connect from to other servers. */ * the addresses we connect from to other servers. */
/* for IPv4 */ /* for IPv4 */
vhost = ${concatMapStringsSep ", " toJSON config.krebs.build.host.nets.retiolum.addrs4}; vhost = ${toJSON config.krebs.build.host.nets.retiolum.ip4.addr};
/* for IPv6 */ /* for IPv6 */
vhost6 = ${concatMapStringsSep ", " toJSON config.krebs.build.host.nets.retiolum.addrs6}; vhost6 = ${toJSON config.krebs.build.host.nets.retiolum.ip6.addr};
/* ssl_private_key: our ssl private key */ /* ssl_private_key: our ssl private key */
ssl_private_key = ${toJSON cfg.ssl_private_key.path}; ssl_private_key = ${toJSON cfg.ssl_private_key.path};
@ -160,10 +160,7 @@ in toFile "charybdis.conf" ''
/* If you want to listen on a specific IP only, specify host. /* If you want to listen on a specific IP only, specify host.
* host definitions apply only to the following port line. * host definitions apply only to the following port line.
*/ */
# XXX This is stupid because only one host is allowed[?] #host = ${toJSON config.krebs.build.host.nets.retiolum.ip4.addr};
#host = ''${concatMapStringsSep ", " toJSON (
# config.krebs.build.host.nets.retiolum.addrs
#)};
port = ${toString cfg.port}; port = ${toString cfg.port};
sslport = ${toString cfg.sslport}; sslport = ${toString cfg.sslport};
}; };