From c6ca11062ab3a1e2f6903a08ba57bf394bfa05e3 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 28 Oct 2015 15:06:41 +0100 Subject: [PATCH] m 1 gum: prepare stockholm --- krebs/3modules/makefu/default.nix | 3 ++- makefu/1systems/gum.nix | 44 +++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 makefu/1systems/gum.nix diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index e36a083f2..7c0aacbb7 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -214,9 +214,10 @@ with lib; extraZones = { "krebsco.de" = '' - omo IN A ${head nets.internet.addrs4} euer IN A ${head nets.internet.addrs4} + euer.blog IN A ${head nets.internet.addrs4} gum IN A ${head nets.internet.addrs4} + euer.wiki IN A ${head nets.internet.addrs4} ''; }; nets = { diff --git a/makefu/1systems/gum.nix b/makefu/1systems/gum.nix new file mode 100644 index 000000000..c4fa064b3 --- /dev/null +++ b/makefu/1systems/gum.nix @@ -0,0 +1,44 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + external-ip = head config.krebs.build.host.nets.internet.addrs4; + internal-ip = head config.krebs.build.host.nets.retiolum.addrs4; +in { + imports = [ + # TODO: copy this config or move to krebs + ../2configs/base.nix + ../2configs/base-sources.nix + ../2configs/tinc-basic-retiolum.nix + ../2configs/headless.nix + # ../2configs/iodined.nix + + # Reaktor + ../2configs/Reaktor/simpleExtend.nix + ]; + + krebs.build = { + user = config.krebs.users.makefu; + target = "root@gum.krebsco.de"; + host = config.krebs.hosts.gum; + }; + + krebs.Reaktor.enable = true; + + # prepare graphs + krebs.nginx.enable = true; + + networking = { + firewall.allowPing = true; + firewall.allowedTCPPorts = [ 80 443 655 ]; + firewall.allowedUDPPorts = [ 655 ]; + interfaces.enp2s1.ip4 = [{ + address = external-ip; + prefixLength = 24; + }]; + defaultGateway = "195.154.108.1"; + nameservers = [ "8.8.8.8" ]; + }; + + # based on ../../tv/2configs/CAC-Developer-2.nix +}