bgpwtf: edge01: bump nixpkgs, use networkd

Change-Id: I038f9518e090aecc90f464475f29c5b3c1570eff
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1339
Reviewed-by: implr <implr@hackerspace.pl>
q3k 2022-06-12 12:26:02 +02:00 committed by q3k
parent d635dc85ce
commit 957d91180a
5 changed files with 16 additions and 25 deletions


@ -6,6 +6,8 @@
networking.interfaces.bootstrap.ipv4.addresses = [
{ address = "185.236.240.18"; prefixLength = 32; }
];
systemd.network.networks."40-bootstrap".networkConfig.IgnoreCarrierLoss = true;
systemd.network.networks."40-bootstrap".networkConfig.ConfigureWithoutCarrier = true;
services.atftpd = {
enable = true;
root = (let
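Review bot: The two added `systemd.network.networks."40-bootstrap"` lines depend on the name of the networkd unit that NixOS generates for `networking.interfaces.bootstrap`, and nothing in the hunk records that coupling. If the generated name differs (it presumably follows a `40-<interface>` convention; confirm against the nixpkgs revision now in use), these lines would define a separate unit instead of amending the bootstrap one, and the /32 address could still be removed when the link has no carrier. A comment such as `# "40-bootstrap" is the unit nixpkgs generates for networking.interfaces.bootstrap; keep the address configured without carrier` would state both the dependency and the intent. The `services.atftpd` block continues past the end of the hunk.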


@ -41,22 +41,28 @@ in {
config.boot.kernelModules = [ "fou" ];
config.systemd.services = mapAttrs' (name: value: nameValuePair "${name}-gretap" {
wants = [
wants = if config.networking.useNetworkd then [
"systemd-networkd.service"
] else [
"${name}-netdev.service"
"network-addresses-${value.parent}.service"
];
after = [
after = if config.networking.useNetworkd then [
"systemd-networkd.service"
] else [
"network-addresses-${value.parent}.service"
];
before = [
before = if config.networking.useNetworkd then [] else [
"network-addresses-${name}.service"
];
wantedBy = [
wantedBy = if config.networking.useNetworkd then [
"network-online.target"
] else [
"network-addresses-${name}.service"
];
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.iproute}/bin/ip link add name ${name} type gretap remote ${value.remoteV4} local ${value.localV4} key ${toString value.id}";
ExecStart = "${pkgs.iproute2}/bin/ip link add name ${name} type gretap remote ${value.remoteV4} local ${value.localV4} key ${toString value.id}";
};
}) cfg.interfaces;
}
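Review bot: In the networkd branch the `-gretap` unit is pulled in by `network-online.target` through `wantedBy`, but `before` is set to `[]`, so nothing orders the tunnel creation ahead of that target. `wantedBy` only adds a dependency, not an ordering, so a service that waits for `network-online.target` (a routing daemon on this edge host, presumably) may start before `ip link add` has run. Consider `before = if config.networking.useNetworkd then [ "network-online.target" ] else [`, which keeps the scripted branch as it is. The module body starts above the hunk, so any ordering defined there is not visible here.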


@ -16,10 +16,11 @@ rec {
environment.systemPackages = with pkgs; [
tcpdump htop dstat file strace gdb mtr
vim wget curl htop dstat whois bind
rxvt_unicode.terminfo dhcpcd efibootmgr
rxvt-unicode-unwrapped.terminfo dhcpcd efibootmgr
];
networking.useDHCP = false;
networking.firewall.enable = false;
networking.useNetworkd = true;
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
boot.kernel.sysctl."net.ipv4.conf.*.accept_redirects" = 0;
boot.kernel.sysctl."net.ipv4.conf.*.send_redirects" = 0;
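Review bot: `networking.useNetworkd = true` hands every configured interface to systemd-networkd on a host that, per the surrounding lines, forwards IPv4 and runs with `networking.firewall.enable = false`, so networkd's per-link defaults become part of the router's exposure. The visible sysctls cover only IPv4 forwarding and redirects. If IPv6 forwarding and router-advertisement handling are not set elsewhere in this file, it is worth confirming that networkd does not accept RAs on the upstream-facing links. Setting `networkConfig.IPv6AcceptRA = false;` on those networks would make the behaviour independent of the defaults. A short comment next to the new line, for example `# required by the gretap module's networkd branch and the "40-bootstrap" overrides`, would also explain why the switch is made here.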


@ -42,24 +42,6 @@ let
];
};
# edge01 still lives on an old nixpkgs checkout.
#
# TODO(b/3): unpin and deploy.
nixpkgsBgpwtf = import (pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs-channels";
rev = "c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38";
sha256 = "1ak7jqx94fjhc68xh1lh35kh3w3ndbadprrb762qgvcfb8351x8v";
}) {};
# customs.hackerspace.pl migration temporary checkout
nixpkgsCustoms = import (pkgs.fetchFromGitHub {
owner = "nixos";
repo = "nixpkgs";
rev = "d12178b1c4a6ef1232c8c677573ba9db204e66ff";
sha256 = "0p7df7yzi35kblxr5ks0rxxp9cfh269g88xpj60sdhdjvfnn6cp7";
}) {};
# mkMachine builds NixOS modules into a NixOS derivation.
# It:
# 1) injects passthru.hscloud.provision which deploys that configuration
@ -144,7 +126,7 @@ let
"dcr01s22.hswaw.net" = mkClusterMachine self ../cluster/machines/dcr01s22.hswaw.net.nix;
"dcr01s24.hswaw.net" = mkClusterMachine self ../cluster/machines/dcr01s24.hswaw.net.nix;
"edge01.waw.bgp.wtf" = mkMachine self nixpkgsBgpwtf [
"edge01.waw.bgp.wtf" = mkMachine self pkgs [
../bgpwtf/machines/edge01.waw.bgp.wtf.nix
../bgpwtf/machines/edge01.waw.bgp.wtf-hardware.nix
];
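Review bot: The first hunk of this file removes `nixpkgsCustoms` together with `nixpkgsBgpwtf`, but only the `edge01.waw.bgp.wtf` entry is updated in the visible lines and the commit message mentions only edge01. If any machine definition outside these hunks still passes `nixpkgsCustoms` to `mkMachine`, evaluation will fail, so confirm there is no remaining reference. With `mkMachine self pkgs`, edge01 now follows whatever revision `pkgs` is pinned to elsewhere in the repository, and that pin is not shown here. A comment at the entry such as `# edge01 tracks the repo-wide nixpkgs pin; a bump there redeploys the edge router` would make that consequence explicit for whoever next bumps the pin.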