mirror of https://github.com/mdlayher/homelab.git synced 2024-12-14 11:47:32 +00:00

nixos: factor out servers array in variables

Matt Layher 2020-01-24 11:16:23 -05:00
parent 308f2a22bf
commit dd605c4955
4 changed files with 54 additions and 51 deletions


@ -62,7 +62,7 @@ in {
lib.concatMapStrings (host: ''
${host.ipv4} ${host.name}.${domain}
${host.ipv6.ula} ${host.name}.${domain}
'') [ vars.hosts.desktop vars.hosts.monitor vars.hosts.server ]
'') vars.hosts.servers
}
192.168.1.2 switch-livingroom01.${domain}


@ -14,21 +14,6 @@ in {
[ "${lan0.name}" "${guest0.name}" "${iot0.name}" "${lab0.name}" ];
enable = true;
machines = [
{
hostName = "monitnerr-1";
ethernetAddress = "dc:a6:32:1e:66:94";
ipAddress = "${vars.hosts.monitor.ipv4}";
}
{
hostName = "nerr-3";
ethernetAddress = "04:d9:f5:7e:1c:47";
ipAddress = "${vars.hosts.desktop.ipv4}";
}
{
hostName = "servnerr-3";
ethernetAddress = "06:cb:90:4d:a2:59";
ipAddress = "${vars.hosts.server.ipv4}";
}
{
hostName = "switch-livingroom01";
ethernetAddress = "f0:9f:c2:0b:28:ca";
@ -49,7 +34,13 @@ in {
ethernetAddress = "00:18:dd:32:52:c0";
ipAddress = "192.168.1.8";
}
];
] ++ lib.forEach vars.hosts.servers (host:
{
hostName = host.name;
ethernetAddress = host.mac;
ipAddress = host.ipv4;
}
);
extraConfig = ''
ddns-update-style none;


@ -1,4 +1,4 @@
{ config, ... }:
{ config, lib, ... }:
let
vars = import ./vars.nix;
@ -10,10 +10,6 @@ let
wan0 = vars.interfaces.wan0;
wg0 = vars.interfaces.wg0;
desktop = vars.hosts.desktop;
monitor = vars.hosts.monitor;
server = vars.hosts.server;
ports = {
dns = "53";
dhcp4_server = "67";
@ -267,11 +263,13 @@ in {
# SSH for internal machines.
ip6 daddr {
${desktop.ipv6.gua},
${monitor.ipv6.gua},
${server.ipv6.gua},
${lib.concatMapStrings (host: "${host.ipv6.gua}, ") vars.hosts.servers}
} tcp dport ${ports.ssh} counter accept comment "IPv6 SSH"
# Plex running on server.
ip daddr ${vars.server_ipv4} tcp dport ${ports.plex} counter accept comment "server IPv4 Plex"
ip6 daddr ${vars.server_ipv6} tcp dport ${ports.plex} counter accept comment "server IPv6 Plex"
counter reject
}
@ -294,7 +292,7 @@ in {
chain prerouting_wan0 {
tcp dport {
${ports.plex},
} dnat ${server.ipv4} comment "server TCPv4 DNAT"
} dnat ${vars.server_ipv4} comment "server TCPv4 DNAT"
udp dport {
${ports.dns},
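Review bot: The set in the `ip6 daddr { … } tcp dport ${ports.ssh}` accept rule is now generated from `vars.hosts.servers`, the same list this commit uses for DHCP reservations and hosts entries, so adding a machine there for addressing reasons also opens SSH to its global IPv6 address without any change to this file. I would make that visible at the rule with a comment such as `# Every host in vars.hosts.servers accepts SSH on its IPv6 GUA; keep machines that must not be reachable out of that list.`, or filter on an explicit per-host opt-in, for example `lib.filter (h: h.ssh or false) vars.hosts.servers`, which would need a matching attribute in vars.nix. An empty list would render an empty set, which I would expect nft to reject when the ruleset loads, so it is worth checking how the firewall unit behaves on a failed load. The chain this rule belongs to starts outside the hunk, so that it is the WAN-facing path is inferred from the nearby `prerouting_wan0` chain.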


@ -1,31 +1,45 @@
{
# Variables referenced two or more places in the configuration.
let
server_ipv4 = "192.168.1.4";
server_ipv6 = "2600:6c4a:787f:d100:4cb:90ff:fe4d:a259";
# Configuration variables which are used to build out configs elsewhere.
in {
server_ipv4 = server_ipv4;
server_ipv6 = server_ipv6;
cfg = "/home/matt/cfg";
domain = "lan.servnerr.com";
hosts = {
monitor = {
name = "monitnerr-1";
ipv4 = "192.168.1.11";
ipv6 = {
gua = "2600:6c4a:787f:d100:dea6:32ff:fe1e:6694";
ula = "fd9e:1a04:f01d:0:dea6:32ff:fe1e:6694";
};
};
desktop = {
name = "nerr-3";
ipv4 = "192.168.1.9";
ipv6 = {
gua = "2600:6c4a:787f:d100:6d9:f5ff:fe7e:1c47";
ula = "fd9e:1a04:f01d:0:6d9:f5ff:fe7e:1c47";
};
};
server = {
name = "servnerr-3";
ipv4 = "192.168.1.4";
ipv6 = {
gua = "2600:6c4a:787f:d100:4cb:90ff:fe4d:a259";
ula = "fd9e:1a04:f01d:0:4cb:90ff:fe4d:a259";
};
};
# Machines that are remotely accessible and run services.
servers = [
{
name = "monitnerr-1";
ipv4 = "192.168.1.11";
ipv6 = {
gua = "2600:6c4a:787f:d100:dea6:32ff:fe1e:6694";
ula = "fd9e:1a04:f01d:0:dea6:32ff:fe1e:6694";
};
mac = "dc:a6:32:1e:66:94";
}
{
name = "nerr-3";
ipv4 = "192.168.1.9";
ipv6 = {
gua = "2600:6c4a:787f:d100:6d9:f5ff:fe7e:1c47";
ula = "fd9e:1a04:f01d:0:6d9:f5ff:fe7e:1c47";
};
mac = "04:d9:f5:7e:1c:47";
}
{
name = "servnerr-3";
ipv4 = server_ipv4;
ipv6 = {
gua = server_ipv6;
ula = "fd9e:1a04:f01d:0:4cb:90ff:fe4d:a259";
};
mac = "06:cb:90:4d:a2:59";
}
];
};
interfaces = {
wan0 = {