Restructure values file to separate hosts from services

This commit is contained in:
h7x4 2023-01-21 19:51:10 +01:00
parent cb403a7aeb
commit ad75cb0c88
No known key found for this signature in database
GPG Key ID: 9F2F7D8250F35146
6 changed files with 37 additions and 33 deletions

View File

@ -10,7 +10,7 @@
networking.search = [ "pvv.ntnu.no" "pvv.org" ];
networking.nameservers = lib.mkDefault [ "129.241.0.200" "129.241.0.201" ];
networking.tempAddresses = lib.mkDefault "disabled";
networking.defaultGateway = values.gateway;
networking.defaultGateway = values.hosts.gateway;
services.resolved = {
enable = true;

View File

@ -25,7 +25,7 @@
networking.interfaces.ens18.ipv4 = {
addresses = [
{
address = values.ildkule.ipv4;
address = values.hosts.ildkule.ipv4;
prefixLength = 25;
}
];
@ -33,7 +33,7 @@
networking.interfaces.ens18.ipv6 = {
addresses = [
{
address = values.ildkule.ipv6;
address = values.hosts.ildkule.ipv6;
prefixLength = 64;
}
];

View File

@ -29,11 +29,11 @@
networking.interfaces.ens18.ipv4 = {
addresses = [
{
address = values.jokum.ipv4;
address = values.hosts.jokum.ipv4;
prefixLength = 25;
}
{
address = values.turn.ipv4;
address = values.services.turn.ipv4;
prefixLength = 25;
}
];
@ -41,11 +41,11 @@
networking.interfaces.ens18.ipv6 = {
addresses = [
{
address = values.jokum.ipv6;
address = values.hosts.jokum.ipv6;
prefixLength = 64;
}
{
address = values.turn.ipv6;
address = values.services.turn.ipv6;
prefixLength = 64;
}
];

View File

@ -183,8 +183,8 @@ in {
(metricsPath v) ({
proxyPass = proxyPath v;
extraConfig = ''
allow ${values.ildkule.ipv4};
allow ${values.ildkule.ipv6};
allow ${values.hosts.ildkule.ipv4};
allow ${values.hosts.ildkule.ipv6};
deny all;
'';
}))
@ -194,8 +194,8 @@ in {
locations."/metrics/master/1" = {
proxyPass = "http://127.0.0.1:9000/_synapse/metrics";
extraConfig = ''
allow ${values.ildkule.ipv4};
allow ${values.ildkule.ipv6};
allow ${values.hosts.ildkule.ipv4};
allow ${values.hosts.ildkule.ipv6};
deny all;
'';
};

View File

@ -10,8 +10,8 @@
systemd.services.prometheus-node-exporter.serviceConfig = {
IPAddressDeny = "any";
IPAddressAllow = [
values.ildkule.ipv4
values.ildkule.ipv6
values.hosts.ildkule.ipv4
values.hosts.ildkule.ipv6
];
};

View File

@ -1,25 +1,29 @@
# Feel free to change the structure of this file
rec {
gateway = "129.241.210.129";
jokum = {
ipv4 = "129.241.210.169";
ipv6 = "2001:700:300:1900::169";
};
let
pvv-ipv4 = suffix: "129.241.210.${toString suffix}";
pvv-ipv6 = suffix: "2001:700:300:1900::${toString suffix}";
in rec {
services = {
matrix = {
ipv4 = jokum.ipv4;
ipv6 = jokum.ipv6;
ipv4 = hosts.jokum.ipv4;
ipv6 = hosts.jokum.ipv6;
};
# Also on jokum
turn = {
ipv4 = "129.241.210.213";
ipv6 = "2001:700:300:1900::213";
ipv4 = pvv-ipv4 213;
ipv6 = pvv-ipv6 213;
};
};
hosts = {
gateway = pvv-ipv4 129;
jokum = {
ipv4 = pvv-ipv4 169;
ipv6 = pvv-ipv6 169;
};
ildkule = {
ipv4 = "129.241.210.187";
ipv6 = "2001:700:300:1900::1:187";
ipv4 = pvv-ipv4 187;
ipv6 = pvv-ipv6 "1:187";
};
};
}