forked from Deuxfleurs/nixcfg
make specifying an ipv6 fully optionnal
This commit is contained in:
parent
c4598bd84f
commit
607add3161
5 changed files with 22 additions and 14 deletions
|
@ -6,8 +6,10 @@ db_engine = "lmdb"
|
|||
|
||||
replication_mode = "3"
|
||||
|
||||
rpc_bind_addr = "[{{ env "meta.public_ipv6" }}]:3901"
|
||||
rpc_public_addr = "[{{ env "meta.public_ipv6" }}]:3901"
|
||||
{{ with $a := env "attr.unique.hostname" | printf "diplonat/autodiscovery/ipv6/%s" | key | parseJSON }}
|
||||
rpc_bind_addr = "[{{ $a.address }}]:3901"
|
||||
rpc_public_addr = "[{{ $a.address }}]:3901"
|
||||
{{ end }}
|
||||
rpc_secret = "{{ key "secrets/garage/rpc_secret" | trimSpace }}"
|
||||
|
||||
[consul_discovery]
|
||||
|
|
|
@ -11,7 +11,7 @@ job "core:d53" {
|
|||
|
||||
config {
|
||||
packages = [
|
||||
"git+https://git.deuxfleurs.fr/lx/D53.git?ref=diplonat-autodiscovery&rev=d906a6ebb5d977f44340b157a520477849ced161"
|
||||
"git+https://git.deuxfleurs.fr/lx/D53.git?ref=diplonat-autodiscovery&rev=49d94dae1d753c1f3349be7ea9bc7e7978c0af15"
|
||||
]
|
||||
command = "d53"
|
||||
}
|
||||
|
@ -52,7 +52,7 @@ D53_CONSUL_CLIENT_KEY=/etc/tricot/consul-client.key
|
|||
D53_PROVIDERS=deuxfleurs.org:gandi
|
||||
D53_GANDI_API_KEY={{ key "secrets/d53/gandi_api_key" }}
|
||||
D53_ALLOWED_DOMAINS=staging.deuxfleurs.org
|
||||
RUST_LOG=d53=info
|
||||
RUST_LOG=d53=debug
|
||||
EOH
|
||||
destination = "secrets/env"
|
||||
env = true
|
||||
|
|
|
@ -6,8 +6,10 @@ db_engine = "lmdb"
|
|||
|
||||
replication_mode = "3"
|
||||
|
||||
rpc_bind_addr = "[{{ env "meta.public_ipv6" }}]:3991"
|
||||
rpc_public_addr = "[{{ env "meta.public_ipv6" }}]:3991"
|
||||
{{ with $a := env "attr.unique.hostname" | printf "diplonat/autodiscovery/ipv6/%s" | key | parseJSON }}
|
||||
rpc_bind_addr = "[{{ $a.address }}]:3991"
|
||||
rpc_public_addr = "[{{ $a.address }}]:3991"
|
||||
{{ end }}
|
||||
rpc_secret = "{{ key "secrets/garage-staging/rpc_secret" | trimSpace }}"
|
||||
|
||||
bootstrap_peers = []
|
||||
|
|
|
@ -25,6 +25,7 @@ job "garage-staging" {
|
|||
config {
|
||||
packages = [
|
||||
"#bash", # so that we can enter a shell inside container
|
||||
"#coreutils",
|
||||
"git+https://git.deuxfleurs.fr/Deuxfleurs/garage.git?ref=main&rev=0d0906b066eb76111f3b427dce1c50eac083366c",
|
||||
]
|
||||
command = "garage"
|
||||
|
|
|
@ -19,7 +19,7 @@ in
|
|||
};
|
||||
staticIPv6.address = mkOption {
|
||||
description = "Static public IPv6 address of this node";
|
||||
type = str;
|
||||
type = nullOr str;
|
||||
};
|
||||
isRaftServer = mkOption {
|
||||
description = "Make this node a RAFT server for the Nomad and Consul deployments";
|
||||
|
@ -129,8 +129,10 @@ in
|
|||
clusterAddress = clusterNodeCfg.address;
|
||||
node_meta = {
|
||||
"site" = cfg.siteName;
|
||||
"public_ipv6" = cfg.staticIPv6.address;
|
||||
} //
|
||||
(if cfg.staticIPv6.address != null
|
||||
then { "public_ipv6" = cfg.staticIPv6.address; }
|
||||
else {}) //
|
||||
(if cfg.publicIPv4 != null
|
||||
then { "public_ipv4" = cfg.publicIPv4; }
|
||||
else {}) //
|
||||
|
@ -156,11 +158,12 @@ in
|
|||
# IPv4 configuration is obtained by DHCP by default,
|
||||
# unless a static v4 address and default gateway are given
|
||||
noDHCP = cfg.staticIPv4.address != null && cfg.staticIPv4.defaultGateway != null;
|
||||
# IPv6 configuration is obtained through router advertisements
|
||||
# (RA), using a static token to ensure a static IPv6,
|
||||
# unless defaultGateway is specified, in which case RAs are
|
||||
# disabled entirely
|
||||
noRA = cfg.staticIPv6.defaultGateway != null;
|
||||
# IPv6 configuration is obtained through router advertisements (RA),
|
||||
# possibly using a static token to ensure a static IPv6,
|
||||
# unless a static v6 address and default gateway are given,
|
||||
# in which case RAs are disabled entirely
|
||||
noRA = cfg.staticIPv6.address != null && cfg.staticIPv6.defaultGateway != null;
|
||||
staticV6 = cfg.staticIPv6.address != null;
|
||||
in
|
||||
{
|
||||
matchConfig.Name = "en* eth*";
|
||||
|
@ -189,7 +192,7 @@ in
|
|||
|
||||
# Dynamic IPv6: only fetch default route, use static
|
||||
# address and no DNS servers
|
||||
ipv6AcceptRAConfig.Token = mkIf (!noRA) "static:${cfg.staticIPv6.address}";
|
||||
ipv6AcceptRAConfig.Token = mkIf (!noRA && staticV6) "static:${cfg.staticIPv6.address}";
|
||||
ipv6AcceptRAConfig.UseDNS = mkIf (!noRA) false;
|
||||
|
||||
# Static IPv6: disable all router advertisements and
|
||||
|
|
Loading…
Reference in a new issue