From 178107af0ce6df62d36004cdcb3f3a8414f6a6a5 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Mon, 9 May 2022 00:20:02 +0200 Subject: [PATCH] Network configuration updates --- cluster/prod/node/celeri.nix | 2 +- cluster/prod/node/concombre.nix | 2 +- cluster/prod/node/courgette.nix | 2 +- cluster/prod/ssh_config | 6 ++--- cluster/staging/node/carcajou.nix | 2 +- cluster/staging/node/cariacou.nix | 2 +- cluster/staging/node/caribou.nix | 2 +- cluster/staging/ssh_config | 6 ++--- deploy_nixos | 2 +- nix/deuxfleurs.nix | 37 ++++++++++++++++++------------- ssh_known_hosts | 9 +++----- 11 files changed, 37 insertions(+), 35 deletions(-) diff --git a/cluster/prod/node/celeri.nix b/cluster/prod/node/celeri.nix index 9317de4..a018f1b 100644 --- a/cluster/prod/node/celeri.nix +++ b/cluster/prod/node/celeri.nix @@ -12,7 +12,7 @@ deuxfleurs.network_interface = "eno1"; deuxfleurs.lan_ip = "192.168.1.33"; - deuxfleurs.ipv6 = "2a01:e0a:c:a720::33"; + deuxfleurs.ipv6 = "2a06:a004:3025:1::33"; deuxfleurs.cluster_ip = "10.83.12.147"; deuxfleurs.is_raft_server = true; diff --git a/cluster/prod/node/concombre.nix b/cluster/prod/node/concombre.nix index c38e89d..782e7e7 100644 --- a/cluster/prod/node/concombre.nix +++ b/cluster/prod/node/concombre.nix @@ -12,7 +12,7 @@ deuxfleurs.network_interface = "eno1"; deuxfleurs.lan_ip = "192.168.1.31"; - deuxfleurs.ipv6 = "2a01:e0a:c:a720::31"; + deuxfleurs.ipv6 = "2a06:a004:3025:1::31"; deuxfleurs.cluster_ip = "10.83.101.43"; deuxfleurs.is_raft_server = true; diff --git a/cluster/prod/node/courgette.nix b/cluster/prod/node/courgette.nix index d31af77..0dd8208 100644 --- a/cluster/prod/node/courgette.nix +++ b/cluster/prod/node/courgette.nix @@ -12,7 +12,7 @@ deuxfleurs.network_interface = "eno1"; deuxfleurs.lan_ip = "192.168.1.32"; - deuxfleurs.ipv6 = "2a01:e0a:c:a720::32"; + deuxfleurs.ipv6 = "2a06:a004:3025:1::32"; deuxfleurs.cluster_ip = "10.83.66.147"; deuxfleurs.is_raft_server = true; diff --git a/cluster/prod/ssh_config b/cluster/prod/ssh_config index d05e5c6..4736d0b 100644 --- a/cluster/prod/ssh_config +++ b/cluster/prod/ssh_config @@ -1,13 +1,13 @@ UserKnownHostsFile ./ssh_known_hosts Host concombre - #HostName 2a01:e0a:c:a720::31 + #HostName 2a06:a004:3025:1::31 HostName 192.168.1.31 Host courgette - #HostName 2a01:e0a:c:a720::32 + #HostName 2a06:a004:3025:1::32 HostName 192.168.1.32 Host celeri - #HostName 2a01:e0a:c:a720::33 + #HostName 2a06:a004:3025:1::33 HostName 192.168.1.33 diff --git a/cluster/staging/node/carcajou.nix b/cluster/staging/node/carcajou.nix index dbcc5ec..2607cdd 100644 --- a/cluster/staging/node/carcajou.nix +++ b/cluster/staging/node/carcajou.nix @@ -17,7 +17,7 @@ deuxfleurs.network_interface = "eno1"; deuxfleurs.lan_ip = "192.168.1.22"; - deuxfleurs.ipv6 = "2a01:e0a:c:a720::22"; + deuxfleurs.ipv6 = "2a06:a004:3025:1::22"; deuxfleurs.cluster_ip = "10.14.252.121"; deuxfleurs.is_raft_server = true; diff --git a/cluster/staging/node/cariacou.nix b/cluster/staging/node/cariacou.nix index 14d1842..aafdf6e 100644 --- a/cluster/staging/node/cariacou.nix +++ b/cluster/staging/node/cariacou.nix @@ -17,7 +17,7 @@ deuxfleurs.network_interface = "eno1"; deuxfleurs.lan_ip = "192.168.1.21"; - deuxfleurs.ipv6 = "2a01:e0a:c:a720::21"; + deuxfleurs.ipv6 = "2a06:a004:3025:1::21"; deuxfleurs.cluster_ip = "10.14.179.56"; deuxfleurs.is_raft_server = true; diff --git a/cluster/staging/node/caribou.nix b/cluster/staging/node/caribou.nix index 3b41972..062cc0a 100644 --- a/cluster/staging/node/caribou.nix +++ b/cluster/staging/node/caribou.nix @@ -17,7 +17,7 @@ deuxfleurs.network_interface = "eno1"; deuxfleurs.lan_ip = "192.168.1.23"; - deuxfleurs.ipv6 = "2a01:e0a:c:a720::23"; + deuxfleurs.ipv6 = "2a06:a004:3025:1::23"; deuxfleurs.cluster_ip = "10.14.181.82"; deuxfleurs.is_raft_server = true; diff --git a/cluster/staging/ssh_config b/cluster/staging/ssh_config index 3360725..d3ebeeb 100644 --- a/cluster/staging/ssh_config +++ b/cluster/staging/ssh_config @@ -1,15 +1,15 @@ UserKnownHostsFile ./ssh_known_hosts Host caribou - #HostName 2a01:e0a:c:a720::23 + #HostName 2a06:a004:3025:1::23 HostName 192.168.1.23 Host carcajou - #HostName 2a01:e0a:c:a720::22 + #HostName 2a06:a004:3025:1::22 HostName 192.168.1.22 Host cariacou - #HostName 2a01:e0a:c:a720::21 + #HostName 2a06:a004:3025:1::21 HostName 192.168.1.21 Host spoutnik diff --git a/deploy_nixos b/deploy_nixos index 484bead..30691e0 100755 --- a/deploy_nixos +++ b/deploy_nixos @@ -9,4 +9,4 @@ copy cluster/$CLUSTER/cluster.nix /etc/nixos/cluster.nix copy cluster/$CLUSTER/node/$NIXHOST.nix /etc/nixos/node.nix copy cluster/$CLUSTER/node/$NIXHOST.site.nix /etc/nixos/site.nix -cmd nixos-rebuild switch +cmd nixos-rebuild switch --show-trace diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index 09ba526..ae472ab 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -6,7 +6,7 @@ in with builtins; with pkgs.lib; { - options.deuxfleurs = + options.deuxfleurs = { # Parameters for individual nodes network_interface = mkOption { @@ -81,21 +81,26 @@ in }) cfg.admin_accounts; # Configure network interfaces - networking.interfaces = attrsets.setAttrByPath [ cfg.network_interface ] { - useDHCP = false; - ipv4.addresses = [ - { - address = cfg.lan_ip; - prefixLength = cfg.lan_ip_prefix_length; - } - ]; - ipv6.addresses = [ - { - address = cfg.ipv6; - prefixLength = cfg.ipv6_prefix_length; - } - ]; - }; + networking.interfaces = + let ip4config = { + useDHCP = false; + ipv4.addresses = [ + { + address = cfg.lan_ip; + prefixLength = cfg.lan_ip_prefix_length; + } + ]; + }; + ip6config = { + ipv6.addresses = [ + { + address = cfg.ipv6; + prefixLength = cfg.ipv6_prefix_length; + } + ]; + }; + in + (attrsets.setAttrByPath [ cfg.network_interface ] (ip4config // ip6config)); networking.defaultGateway = { address = cfg.lan_default_gateway; interface = cfg.network_interface; diff --git a/ssh_known_hosts b/ssh_known_hosts index 8150174..68894da 100644 --- a/ssh_known_hosts +++ b/ssh_known_hosts @@ -6,15 +6,12 @@ 10.42.2.21 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXTUrXRFhudJBESCqjHCOttzqYPyIzpPOMkI8+SwLRx 10.42.2.22 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMf/ioVSSb19Slu+HZLgKt4f1/XsL+K9uMxazSWb/+nQ 10.42.2.23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDsYD1gNmGyb6c9wjGR6tC69fHP6+FpPHTBT6laPTHeD -2a01:e0a:c:a720::22 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMf/ioVSSb19Slu+HZLgKt4f1/XsL+K9uMxazSWb/+nQ -2a01:e0a:c:a720::21 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXTUrXRFhudJBESCqjHCOttzqYPyIzpPOMkI8+SwLRx -2a01:e0a:c:a720::23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDsYD1gNmGyb6c9wjGR6tC69fHP6+FpPHTBT6laPTHeD -2a01:e0a:c:a720::33 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOuY1CvhxBP9BtKkTlmOUu6Hhy8OQTB3R8OCFXbHA/RA -2a01:e0a:c:a720::31 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3N0QOFNGkCpVLuOHFdpnBaxIFH925KpdIHV/3F9+BR -2a01:e0a:c:a720::32 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPCXJeo6yeQeTN7D7OZwLd8zbyU1jWywlhQ29yyk7x+G 192.168.1.22 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMf/ioVSSb19Slu+HZLgKt4f1/XsL+K9uMxazSWb/+nQ 192.168.1.21 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXTUrXRFhudJBESCqjHCOttzqYPyIzpPOMkI8+SwLRx 192.168.1.23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDsYD1gNmGyb6c9wjGR6tC69fHP6+FpPHTBT6laPTHeD 192.168.1.33 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOuY1CvhxBP9BtKkTlmOUu6Hhy8OQTB3R8OCFXbHA/RA 192.168.1.31 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3N0QOFNGkCpVLuOHFdpnBaxIFH925KpdIHV/3F9+BR 192.168.1.32 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPCXJeo6yeQeTN7D7OZwLd8zbyU1jWywlhQ29yyk7x+G +2a06:a004:3024::22 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMf/ioVSSb19Slu+HZLgKt4f1/XsL+K9uMxazSWb/+nQ +2a06:a004:3024::21 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXTUrXRFhudJBESCqjHCOttzqYPyIzpPOMkI8+SwLRx +2a06:a004:3024::23 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDsYD1gNmGyb6c9wjGR6tC69fHP6+FpPHTBT6laPTHeD