voronind/nix
0
0
Fork 0
Code Issues 43 Pull requests Packages Projects Releases Wiki Activity

Move home ip and ula to const.

Browse source
This commit is contained in:
Dmitry Voronin 2025-01-28 14:19:37 +03:00
parent 99d0191e7f
commit c02949e403
Signed by: voronind
SSH key fingerprint: SHA256:3kBb4iV2ahufEBNq+vFbUe4QYfHt98DHQjN7QaptY9k
11 changed files with 26 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/RemoteBuild.nix
View file

@ -89,7 +89,7 @@ in
};
services.openssh.knownHosts.nixbuilder = {
publicKey = serverSshPublicKey;
extraHostNames = [ "[fd09:8d46:b26:0:8079:82ff:fe1a:916a]:22143" ];
extraHostNames = [ "[${config.module.const.home}]:22143" ];
};
})
];

2
home/file/ssh/config
View file

@ -4,7 +4,7 @@ Host *
ControlPersist yes
Host dasha
HostName dasha.local
HostName fd09:8d46:b26:0:29b3:d9b5:d1e9:220f
User root
Port 22143

4
host/x86_64-linux/dasha/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }:
{ config, ... }:
{
networking = {
firewall.extraCommands = ''
# Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
'';
};
}

4
host/x86_64-linux/desktop/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }:
{ config, ... }:
{
networking = {
firewall.extraCommands = ''
# Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
'';
};
}

6
host/x86_64-linux/home/Blocky.nix
View file

@ -1,4 +1,4 @@
{ ... }:
{ config, ... }:
{
services.blocky = {
enable = true;
@ -84,10 +84,10 @@
};
customDNS.mapping =
let
block = host: { ${host} = "0.0.0.0"; };
block = host: { ${host} = "0.0.0.0,::"; };
in
{
"voronind.com" = "10.0.0.1,fd09:8d46:b26:0:8079:82ff:fe1a:916a";
"voronind.com" = "10.0.0.1,${config.module.const.home}";
"dasha.local" = "fd09:8d46:b26:0:29b3:d9b5:d1e9:220f";
"desktop.local" = "fd09:8d46:b26:0:2ef8:c58a:c1ac:6cd8";
"home.local" = "fd09:8d46:b26:0:8079:82ff:fe1a:916a";

4
host/x86_64-linux/home/Const.nix
View file

@ -1,4 +1,4 @@
{ ... }:
{ config, ... }:
{
config.module.const.host = {
data = "/storage/hot_2/data";
@ -12,7 +12,7 @@
sslCertificateKey = "/etc/letsencrypt/live/voronind.com/privkey.pem";
allowLocal = ''
allow 10.0.0.0/8;
allow fd09:8d46:b26::/48;
allow ${config.module.const.ula};
allow 127.0.0.1/32;
allow ::1/128;
deny all;

2
host/x86_64-linux/home/Network.nix
View file

@ -9,7 +9,7 @@
}:
let
internal = "10.0.0.1"; # Lan host IP address.
internal6 = "fd09:8d46:b26:0:8079:82ff:fe1a:916a"; # Lan host IP6 address.
internal6 = config.module.const.home; # Lan host IP6 address.
lan = "br0"; # Lan interface.
wan = "enp8s0"; # Wan interface.

4
host/x86_64-linux/max/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }:
{ config, ... }:
{
networking = {
firewall.extraCommands = ''
# Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
'';
};
}

4
host/x86_64-linux/msi/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }:
{ config, ... }:
{
networking = {
firewall.extraCommands = ''
# Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
'';
};
}

4
host/x86_64-linux/thinkpad/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }:
{ config, ... }:
{
networking = {
firewall.extraCommands = ''
# Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48
ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
'';
};
}

8
option/Const.nix
View file

@ -17,6 +17,14 @@
default = "https://git.voronind.com/voronind/nix.git";
type = lib.types.str;
};
home = lib.mkOption {
default = "fd09:8d46:b26:0:8079:82ff:fe1a:916a";
type = lib.types.str;
};
ula = lib.mkOption {
default = "fd09:8d46:b26::/48";
type = lib.types.str;
};
host = lib.mkOption {
default = { };
type = lib.types.attrs;