voronind/nix
0
0
Fork 0
Code Issues 43 Pull requests Packages Projects Releases Wiki Activity

Move home ip and ula to const.

Browse source
This commit is contained in:
Dmitry Voronin 2025-01-28 14:19:37 +03:00
parent 99d0191e7f
commit c02949e403
Signed by: voronind
SSH key fingerprint: SHA256:3kBb4iV2ahufEBNq+vFbUe4QYfHt98DHQjN7QaptY9k
11 changed files with 26 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/RemoteBuild.nix
View file

@ -89,7 +89,7 @@ in
}; };
services.openssh.knownHosts.nixbuilder = { services.openssh.knownHosts.nixbuilder = {
publicKey = serverSshPublicKey; publicKey = serverSshPublicKey;
extraHostNames = [ "[fd09:8d46:b26:0:8079:82ff:fe1a:916a]:22143" ]; extraHostNames = [ "[${config.module.const.home}]:22143" ];
}; };
}) })
]; ];

2
home/file/ssh/config
View file

@ -4,7 +4,7 @@ Host *
ControlPersist yes ControlPersist yes
Host dasha Host dasha
HostName dasha.local HostName fd09:8d46:b26:0:29b3:d9b5:d1e9:220f
User root User root
Port 22143 Port 22143

4
host/x86_64-linux/dasha/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }: { config, ... }:
{ {
networking = { networking = {
firewall.extraCommands = '' firewall.extraCommands = ''
# Local access. # Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
''; '';
}; };
} }

4
host/x86_64-linux/desktop/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }: { config, ... }:
{ {
networking = { networking = {
firewall.extraCommands = '' firewall.extraCommands = ''
# Local access. # Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
''; '';
}; };
} }

6
host/x86_64-linux/home/Blocky.nix
View file

@ -1,4 +1,4 @@
{ ... }: { config, ... }:
{ {
services.blocky = { services.blocky = {
enable = true; enable = true;
@ -84,10 +84,10 @@
}; };
customDNS.mapping = customDNS.mapping =
let let
block = host: { ${host} = "0.0.0.0"; }; block = host: { ${host} = "0.0.0.0,::"; };
in in
{ {
"voronind.com" = "10.0.0.1,fd09:8d46:b26:0:8079:82ff:fe1a:916a"; "voronind.com" = "10.0.0.1,${config.module.const.home}";
"dasha.local" = "fd09:8d46:b26:0:29b3:d9b5:d1e9:220f"; "dasha.local" = "fd09:8d46:b26:0:29b3:d9b5:d1e9:220f";
"desktop.local" = "fd09:8d46:b26:0:2ef8:c58a:c1ac:6cd8"; "desktop.local" = "fd09:8d46:b26:0:2ef8:c58a:c1ac:6cd8";
"home.local" = "fd09:8d46:b26:0:8079:82ff:fe1a:916a"; "home.local" = "fd09:8d46:b26:0:8079:82ff:fe1a:916a";

4
host/x86_64-linux/home/Const.nix
View file

@ -1,4 +1,4 @@
{ ... }: { config, ... }:
{ {
config.module.const.host = { config.module.const.host = {
data = "/storage/hot_2/data"; data = "/storage/hot_2/data";
@ -12,7 +12,7 @@
sslCertificateKey = "/etc/letsencrypt/live/voronind.com/privkey.pem"; sslCertificateKey = "/etc/letsencrypt/live/voronind.com/privkey.pem";
allowLocal = '' allowLocal = ''
allow 10.0.0.0/8; allow 10.0.0.0/8;
allow fd09:8d46:b26::/48; allow ${config.module.const.ula};
allow 127.0.0.1/32; allow 127.0.0.1/32;
allow ::1/128; allow ::1/128;
deny all; deny all;

2
host/x86_64-linux/home/Network.nix
View file

@ -9,7 +9,7 @@
}: }:
let let
internal = "10.0.0.1"; # Lan host IP address. internal = "10.0.0.1"; # Lan host IP address.
internal6 = "fd09:8d46:b26:0:8079:82ff:fe1a:916a"; # Lan host IP6 address. internal6 = config.module.const.home; # Lan host IP6 address.
lan = "br0"; # Lan interface. lan = "br0"; # Lan interface.
wan = "enp8s0"; # Wan interface. wan = "enp8s0"; # Wan interface.

4
host/x86_64-linux/max/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }: { config, ... }:
{ {
networking = { networking = {
firewall.extraCommands = '' firewall.extraCommands = ''
# Local access. # Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
''; '';
}; };
} }

4
host/x86_64-linux/msi/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }: { config, ... }:
{ {
networking = { networking = {
firewall.extraCommands = '' firewall.extraCommands = ''
# Local access. # Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
''; '';
}; };
} }

4
host/x86_64-linux/thinkpad/Network.nix
View file

@ -1,9 +1,9 @@
{ ... }: { config, ... }:
{ {
networking = { networking = {
firewall.extraCommands = '' firewall.extraCommands = ''
# Local access. # Local access.
ip6tables -I INPUT -j ACCEPT -s fd09:8d46:0b26::/48 ip6tables -I INPUT -j ACCEPT -s ${config.module.const.ula}
''; '';
}; };
} }

8
option/Const.nix
View file

@ -17,6 +17,14 @@
default = "https://git.voronind.com/voronind/nix.git"; default = "https://git.voronind.com/voronind/nix.git";
type = lib.types.str; type = lib.types.str;
}; };
home = lib.mkOption {
default = "fd09:8d46:b26:0:8079:82ff:fe1a:916a";
type = lib.types.str;
};
ula = lib.mkOption {
default = "fd09:8d46:b26::/48";
type = lib.types.str;
};
host = lib.mkOption { host = lib.mkOption {
default = { }; default = { };
type = lib.types.attrs; type = lib.types.attrs;