forked from hswaw/hscloud
bgpwtf: edge01: bump nixpkgs, use networkd
Change-Id: I038f9518e090aecc90f464475f29c5b3c1570eff Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1339 Reviewed-by: implr <implr@hackerspace.pl>
This commit is contained in:
parent
d635dc85ce
commit
957d91180a
5 changed files with 16 additions and 25 deletions
|
@ -6,6 +6,8 @@
|
||||||
networking.interfaces.bootstrap.ipv4.addresses = [
|
networking.interfaces.bootstrap.ipv4.addresses = [
|
||||||
{ address = "185.236.240.18"; prefixLength = 32; }
|
{ address = "185.236.240.18"; prefixLength = 32; }
|
||||||
];
|
];
|
||||||
|
systemd.network.networks."40-bootstrap".networkConfig.IgnoreCarrierLoss = true;
|
||||||
|
systemd.network.networks."40-bootstrap".networkConfig.ConfigureWithoutCarrier = true;
|
||||||
services.atftpd = {
|
services.atftpd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
root = (let
|
root = (let
|
||||||
|
|
|
@ -41,22 +41,28 @@ in {
|
||||||
|
|
||||||
config.boot.kernelModules = [ "fou" ];
|
config.boot.kernelModules = [ "fou" ];
|
||||||
config.systemd.services = mapAttrs' (name: value: nameValuePair "${name}-gretap" {
|
config.systemd.services = mapAttrs' (name: value: nameValuePair "${name}-gretap" {
|
||||||
wants = [
|
wants = if config.networking.useNetworkd then [
|
||||||
|
"systemd-networkd.service"
|
||||||
|
] else [
|
||||||
"${name}-netdev.service"
|
"${name}-netdev.service"
|
||||||
"network-addresses-${value.parent}.service"
|
"network-addresses-${value.parent}.service"
|
||||||
];
|
];
|
||||||
after = [
|
after = if config.networking.useNetworkd then [
|
||||||
|
"systemd-networkd.service"
|
||||||
|
] else [
|
||||||
"network-addresses-${value.parent}.service"
|
"network-addresses-${value.parent}.service"
|
||||||
];
|
];
|
||||||
before = [
|
before = if config.networking.useNetworkd then [] else [
|
||||||
"network-addresses-${name}.service"
|
"network-addresses-${name}.service"
|
||||||
];
|
];
|
||||||
wantedBy = [
|
wantedBy = if config.networking.useNetworkd then [
|
||||||
|
"network-online.target"
|
||||||
|
] else [
|
||||||
"network-addresses-${name}.service"
|
"network-addresses-${name}.service"
|
||||||
];
|
];
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
ExecStart = "${pkgs.iproute}/bin/ip link add name ${name} type gretap remote ${value.remoteV4} local ${value.localV4} key ${toString value.id}";
|
ExecStart = "${pkgs.iproute2}/bin/ip link add name ${name} type gretap remote ${value.remoteV4} local ${value.localV4} key ${toString value.id}";
|
||||||
};
|
};
|
||||||
}) cfg.interfaces;
|
}) cfg.interfaces;
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,10 +16,11 @@ rec {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
tcpdump htop dstat file strace gdb mtr
|
tcpdump htop dstat file strace gdb mtr
|
||||||
vim wget curl htop dstat whois bind
|
vim wget curl htop dstat whois bind
|
||||||
rxvt_unicode.terminfo dhcpcd efibootmgr
|
rxvt-unicode-unwrapped.terminfo dhcpcd efibootmgr
|
||||||
];
|
];
|
||||||
networking.useDHCP = false;
|
networking.useDHCP = false;
|
||||||
networking.firewall.enable = false;
|
networking.firewall.enable = false;
|
||||||
|
networking.useNetworkd = true;
|
||||||
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
|
||||||
boot.kernel.sysctl."net.ipv4.conf.*.accept_redirects" = 0;
|
boot.kernel.sysctl."net.ipv4.conf.*.accept_redirects" = 0;
|
||||||
boot.kernel.sysctl."net.ipv4.conf.*.send_redirects" = 0;
|
boot.kernel.sysctl."net.ipv4.conf.*.send_redirects" = 0;
|
||||||
|
|
|
@ -42,24 +42,6 @@ let
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# edge01 still lives on an old nixpkgs checkout.
|
|
||||||
#
|
|
||||||
# TODO(b/3): unpin and deploy.
|
|
||||||
nixpkgsBgpwtf = import (pkgs.fetchFromGitHub {
|
|
||||||
owner = "nixos";
|
|
||||||
repo = "nixpkgs-channels";
|
|
||||||
rev = "c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38";
|
|
||||||
sha256 = "1ak7jqx94fjhc68xh1lh35kh3w3ndbadprrb762qgvcfb8351x8v";
|
|
||||||
}) {};
|
|
||||||
|
|
||||||
# customs.hackerspace.pl migration temporary checkout
|
|
||||||
nixpkgsCustoms = import (pkgs.fetchFromGitHub {
|
|
||||||
owner = "nixos";
|
|
||||||
repo = "nixpkgs";
|
|
||||||
rev = "d12178b1c4a6ef1232c8c677573ba9db204e66ff";
|
|
||||||
sha256 = "0p7df7yzi35kblxr5ks0rxxp9cfh269g88xpj60sdhdjvfnn6cp7";
|
|
||||||
}) {};
|
|
||||||
|
|
||||||
# mkMachine builds NixOS modules into a NixOS derivation.
|
# mkMachine builds NixOS modules into a NixOS derivation.
|
||||||
# It:
|
# It:
|
||||||
# 1) injects passthru.hscloud.provision which deploys that configuration
|
# 1) injects passthru.hscloud.provision which deploys that configuration
|
||||||
|
@ -144,7 +126,7 @@ let
|
||||||
"dcr01s22.hswaw.net" = mkClusterMachine self ../cluster/machines/dcr01s22.hswaw.net.nix;
|
"dcr01s22.hswaw.net" = mkClusterMachine self ../cluster/machines/dcr01s22.hswaw.net.nix;
|
||||||
"dcr01s24.hswaw.net" = mkClusterMachine self ../cluster/machines/dcr01s24.hswaw.net.nix;
|
"dcr01s24.hswaw.net" = mkClusterMachine self ../cluster/machines/dcr01s24.hswaw.net.nix;
|
||||||
|
|
||||||
"edge01.waw.bgp.wtf" = mkMachine self nixpkgsBgpwtf [
|
"edge01.waw.bgp.wtf" = mkMachine self pkgs [
|
||||||
../bgpwtf/machines/edge01.waw.bgp.wtf.nix
|
../bgpwtf/machines/edge01.waw.bgp.wtf.nix
|
||||||
../bgpwtf/machines/edge01.waw.bgp.wtf-hardware.nix
|
../bgpwtf/machines/edge01.waw.bgp.wtf-hardware.nix
|
||||||
];
|
];
|
||||||
|
|
Loading…
Reference in a new issue