Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

m 1,2 : wry serves as iodine entry point

Browse Source
This commit is contained in:
makefu 2015-10-19 23:46:10 +02:00
parent 8d3ebfc096
commit ded0821d9b
4 changed files with 23 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
krebs/3modules/makefu/default.nix
View File

@ -127,7 +127,6 @@ with import ../../4lib { inherit lib; };
"krebsco.de" = '' "krebsco.de" = ''
IN MX 10 mx42 IN MX 10 mx42
euer IN MX 1 aspmx.l.google.com. euer IN MX 1 aspmx.l.google.com.
io IN NS pigstarter.krebsco.de.
pigstarter IN A ${head nets.internet.addrs4} pigstarter IN A ${head nets.internet.addrs4}
gold IN A ${head nets.internet.addrs4} gold IN A ${head nets.internet.addrs4}
boot IN A ${head nets.internet.addrs4}''; boot IN A ${head nets.internet.addrs4}'';
@ -165,6 +164,7 @@ with import ../../4lib { inherit lib; };
extraZones = { extraZones = {
"krebsco.de" = '' "krebsco.de" = ''
wry IN A ${head nets.internet.addrs4} wry IN A ${head nets.internet.addrs4}
io IN NS wry.krebsco.de.
graphs IN A ${head nets.internet.addrs4} graphs IN A ${head nets.internet.addrs4}
tinc IN A ${head nets.internet.addrs4} tinc IN A ${head nets.internet.addrs4}
''; '';

4
makefu/1systems/wry.nix
View File

@ -11,6 +11,8 @@ in {
../2configs/base-sources.nix ../2configs/base-sources.nix
../2configs/tinc-basic-retiolum.nix ../2configs/tinc-basic-retiolum.nix
../2configs/iodined.nix
# Reaktor # Reaktor
../2configs/Reaktor/simpleExtend.nix ../2configs/Reaktor/simpleExtend.nix
]; ];
@ -46,7 +48,7 @@ in {
hostnames_anonymous = [ "graphs.krebsco.de" ]; hostnames_anonymous = [ "graphs.krebsco.de" ];
}; };
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 53 80 443 ];
krebs.build = { krebs.build = {
user = config.krebs.users.makefu; user = config.krebs.users.makefu;

6
makefu/2configs/base-sources.nix
View File

@ -3,9 +3,9 @@
{ {
krebs.build.source = { krebs.build.source = {
git.nixpkgs = { git.nixpkgs = {
url = https://github.com/NixOS/nixpkgs; #url = https://github.com/NixOS/nixpkgs;
#url = https://github.com/makefu/nixpkgs; url = https://github.com/makefu/nixpkgs;
rev = "dc18f39bfb2f9d1ba62c7e8ad98544bb15cb26b2"; # nixos-15.09 rev = "78340b042463fd35caa587b0db2e400e5666dbe1"; # nixos-15.09 + cherry-picked iodine
}; };
dir.secrets = { dir.secrets = {

16
makefu/2configs/iodined.nix Normal file
View File

@ -0,0 +1,16 @@
{ services,builtins,environment,pkgs, ... }:
let
# TODO: make this a parameter
domain = "io.krebsco.de";
pw = import <secrets/iodinepw.nix>;
in {
services.iodined = {
enable = true;
domain = domain;
ip = "172.16.10.1/24";
extraConfig = "-P ${pw}";
};
}