pepe.private can connect to sterni.private now
parent
211f241cd1
commit
e399bb3a1d
|
@ -181,9 +181,9 @@
|
|||
|
||||
sterni = { name, nodes, pkgs, ... }: {
|
||||
deployment.allowLocalDeployment = true;
|
||||
#deployment.targetHost = "${name}.private";
|
||||
deployment.targetHost = "${name}.private";
|
||||
#deployment.targetHost = "10.23.42.24";
|
||||
deployment.targetHost = "localhost";
|
||||
#deployment.targetHost = "localhost";
|
||||
deployment.tags = [ "desktop" "online" "private" ];
|
||||
imports = [
|
||||
grocy-scanner.nixosModule
|
||||
|
@ -213,7 +213,8 @@
|
|||
};
|
||||
|
||||
pepe = { name, nodes, pkgs, ... }: {
|
||||
deployment.targetHost = "${name}.private";
|
||||
#deployment.targetHost = "${name}.private";
|
||||
deployment.targetHost = "${name}";
|
||||
deployment.tags = [ "server" "online" "private" ];
|
||||
imports = [
|
||||
grocy-scanner.nixosModule
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
# generated by updateSshKeys.sh
|
||||
{ config, lib, ... }: {
|
||||
|
||||
services.openssh.knownHosts = {
|
||||
|
@ -22,43 +21,5 @@
|
|||
];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2PGX6cZuBUGX4VweMzi0aRh4uQ61yngCzZGcK3w5XV";
|
||||
};
|
||||
#"sternchen.secret" = {
|
||||
# hostNames = [
|
||||
# "sternchen.secret"
|
||||
# config.module.cluster.services.tinc.secret.hosts.sternchen.tincIp
|
||||
# ];
|
||||
# publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILriD/0+65L1mkbjKENwpvB3wUMXz/rEf9J8wuJjJa0q";
|
||||
#};
|
||||
#"sterni.private" = {
|
||||
# hostNames = [
|
||||
# "sterni.private"
|
||||
# "sterni.secret"
|
||||
# config.module.cluster.services.tinc.private.hosts.sterni.tincIp
|
||||
# config.module.cluster.services.tinc.secret.hosts.sterni.tincIp
|
||||
# ];
|
||||
# publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQRH4gzT4vWSx3KN80ePPYhSPZRUae/qSyEym6pJTht";
|
||||
#};
|
||||
#"pepe.private" = {
|
||||
# hostNames = [
|
||||
# "pepe.private"
|
||||
# "pepe.lan"
|
||||
# config.module.cluster.services.tinc.private.hosts.pepe.tincIp
|
||||
# ];
|
||||
# publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJPlva+Vdj8WmQPlbQLN3qicMz5AAsyTzK53BincxtAz";
|
||||
#};
|
||||
#"bobi.private" = {
|
||||
# hostNames = [
|
||||
# "bobi.private"
|
||||
# config.module.cluster.services.tinc.private.hosts.bobi.tincIp
|
||||
# ];
|
||||
# publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK0haepNVEaocfWh6kwVc4QsSg2iqO5k+hjarphBqMVk";
|
||||
#};
|
||||
#"mobi.private" = {
|
||||
# hostNames = [
|
||||
# "mobi.private"
|
||||
# config.module.cluster.services.tinc.private.hosts.mobi.tincIp
|
||||
# ];
|
||||
# publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE3G7TwCoxcVfwhGL0913RtacEeokqKtufhzzkCxpPxk";
|
||||
#};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -22,6 +22,10 @@ in
|
|||
services.tinc.networks = {
|
||||
${network} = {
|
||||
ed25519PrivateKeyFile = config.sops.secrets.tinc_ed25519_key.path;
|
||||
interfaceType = "tap";
|
||||
extraConfig = ''
|
||||
LocalDiscovery = yes
|
||||
'';
|
||||
hostSettings = {
|
||||
mobi = {
|
||||
subnets = [{ address = hosts.mobi; }];
|
||||
|
@ -29,7 +33,7 @@ in
|
|||
};
|
||||
sterni = {
|
||||
subnets = [{ address = hosts.sterni; }];
|
||||
settings.Ed25519PublicKey = "Hm+YwSe6XiRNQD4HfJPgTB8UFVMyVi0vy+3ofMnW6jD";
|
||||
settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
|
||||
};
|
||||
bobi = {
|
||||
subnets = [{ address = hosts.bobi; }];
|
||||
|
|
|
@ -23,7 +23,6 @@ in
|
|||
ed25519PrivateKeyFile = config.sops.secrets.tinc_ed25519_key.path;
|
||||
extraConfig = ''
|
||||
LocalDiscovery = yes
|
||||
AutoConnect = yes
|
||||
Port = ${toString port}
|
||||
'';
|
||||
hostSettings = {
|
||||
|
@ -33,7 +32,7 @@ in
|
|||
};
|
||||
sterni = {
|
||||
subnets = [{ address = hosts.sterni; }];
|
||||
settings.Ed25519PublicKey = "Hm+YwSe6XiRNQD4HfJPgTB8UFVMyVi0vy+3ofMnW6jD";
|
||||
settings.Ed25519PublicKey = "r6mRDc814z2YtyG9ev/XXV2SgquqWR8n53V13xNXb7O";
|
||||
};
|
||||
robi = {
|
||||
addresses = [{ address = "144.76.13.147"; port = port; }];
|
||||
|
|
|
@ -53,13 +53,13 @@
|
|||
networking.dhcpcd.allowInterfaces = [ "enp0s25" ];
|
||||
|
||||
# nix-shell -p speedtest_cli --run speedtest
|
||||
configuration.fireqos = {
|
||||
enable = false;
|
||||
interface = "enp0s25";
|
||||
input = 200000;
|
||||
output = 2000;
|
||||
balance = false;
|
||||
};
|
||||
#configuration.fireqos = {
|
||||
# enable = false;
|
||||
# interface = "enp0s25";
|
||||
# input = 200000;
|
||||
# output = 2000;
|
||||
# balance = false;
|
||||
#};
|
||||
|
||||
services.printing.enable = false;
|
||||
services.smartd.enable = true;
|
||||
|
|
|
@ -1,23 +1,6 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
module.cluster.services.tinc = {
|
||||
"private" = {
|
||||
enable = true;
|
||||
openPort = true;
|
||||
connectTo = [ "robi" ];
|
||||
};
|
||||
"retiolum" = {
|
||||
enable = true;
|
||||
openPort = true;
|
||||
};
|
||||
};
|
||||
|
||||
sops.secrets.tinc_retiolum_ed25519_key = { };
|
||||
sops.secrets.tinc_retiolum_rsa_key = { };
|
||||
tinc.private.enable = true;
|
||||
tinc.private.ipv4 = "10.23.42.26";
|
||||
|
||||
users.users."tinc.retiolum".group = "tinc.retiolum";
|
||||
users.groups."tinc.retiolum" = { };
|
||||
}
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
|
||||
tinc.private.enable = true;
|
||||
|
|
Loading…
Reference in New Issue