diff options
author | tv <tv@krebsco.de> | 2016-04-08 03:53:34 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2016-04-08 03:53:34 +0200 |
commit | 46e818ebbc5446b4215ad9524089d9b2dc91cbd3 (patch) | |
tree | 13d7021f55991559d17f3eb51e7ffb8957d093e5 /krebs | |
parent | 827f1790803bda906ed71c56138cfdbf108ee730 (diff) |
retiolum: don't hardcode routing prefixes
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/3modules/lass/default.nix | 46 | ||||
-rw-r--r-- | krebs/3modules/makefu/default.nix | 126 | ||||
-rw-r--r-- | krebs/3modules/miefda/default.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/mv/default.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/retiolum.nix | 83 | ||||
-rw-r--r-- | krebs/3modules/shared/default.nix | 10 | ||||
-rw-r--r-- | krebs/3modules/tv/default.nix | 74 | ||||
-rw-r--r-- | krebs/4lib/types.nix | 48 |
8 files changed, 199 insertions, 196 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix index 3d54900e4..b4686894e 100644 --- a/krebs/3modules/lass/default.nix +++ b/krebs/3modules/lass/default.nix @@ -8,15 +8,15 @@ with config.krebs.lib; cores = 4; nets = rec { internet = { - addrs4 = ["144.76.172.188"]; + ip4.addr = "144.76.172.188"; aliases = [ "dishfire.internet" ]; }; retiolum = { via = internet; - addrs4 = ["10.243.133.99"]; - addrs6 = ["42:0000:0000:0000:0000:0000:d15f:1233"]; + ip4.addr = "10.243.133.99"; + ip6.addr = "42:0000:0000:0000:0000:0000:d15f:1233"; aliases = [ "dishfire.retiolum" "dishfire.r" @@ -40,15 +40,15 @@ with config.krebs.lib; cores = 2; nets = rec { internet = { - addrs4 = ["162.252.241.33"]; + ip4.addr = "162.252.241.33"; aliases = [ "echelon.internet" ]; }; retiolum = { via = internet; - addrs4 = ["10.243.206.103"]; - addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f763"]; + ip4.addr = "10.243.206.103"; + ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f763"; aliases = [ "echelon.retiolum" "echelon.r" @@ -75,15 +75,15 @@ with config.krebs.lib; cores = 4; nets = rec { internet = { - addrs4 = ["213.239.205.240"]; + ip4.addr = "213.239.205.240"; aliases = [ "prism.internet" ]; }; retiolum = { via = internet; - addrs4 = ["10.243.0.103"]; - addrs6 = ["42:0000:0000:0000:0000:0000:0000:15ab"]; + ip4.addr = "10.243.0.103"; + ip6.addr = "42:0000:0000:0000:0000:0000:0000:15ab"; aliases = [ "prism.retiolum" "prism.r" @@ -107,15 +107,15 @@ with config.krebs.lib; fastpoke = { nets = rec { internet = { - addrs4 = ["193.22.164.36"]; + ip4.addr = "193.22.164.36"; aliases = [ "fastpoke.internet" ]; }; retiolum = { via = internet; - addrs4 = ["10.243.253.152"]; - addrs6 = ["42:422a:194f:ff3b:e196:2f82:5cf5:bc00"]; + ip4.addr = "10.243.253.152"; + ip6.addr = "42:422a:194f:ff3b:e196:2f82:5cf5:bc00"; aliases = [ "fastpoke.retiolum" "fastpoke.r" @@ -139,15 +139,15 @@ with config.krebs.lib; cores = 1; nets = rec { internet = { - addrs4 = ["104.167.113.104"]; + ip4.addr = "104.167.113.104"; aliases = [ "cloudkrebs.internet" ]; }; retiolum = { via = internet; - addrs4 = ["10.243.206.102"]; - addrs6 = ["42:941e:2816:35f4:5c5e:206b:3f0b:f762"]; + ip4.addr = "10.243.206.102"; + ip6.addr = "42:941e:2816:35f4:5c5e:206b:3f0b:f762"; aliases = [ "cloudkrebs.retiolum" "cloudkrebs.r" @@ -172,12 +172,12 @@ with config.krebs.lib; cores = 1; nets = { gg23 = { - addrs4 = ["10.23.1.12"]; + ip4.addr = "10.23.1.12"; aliases = ["uriel.gg23"]; }; retiolum = { - addrs4 = ["10.243.81.176"]; - addrs6 = ["42:dc25:60cf:94ef:759b:d2b6:98a9:2e56"]; + ip4.addr = "10.243.81.176"; + ip6.addr = "42:dc25:60cf:94ef:759b:d2b6:98a9:2e56"; aliases = [ "uriel.retiolum" "uriel.r" @@ -203,12 +203,12 @@ with config.krebs.lib; cores = 2; nets = { gg23 = { - addrs4 = ["10.23.1.11"]; + ip4.addr = "10.23.1.11"; aliases = ["mors.gg23"]; }; retiolum = { - addrs4 = ["10.243.0.2"]; - addrs6 = ["42:0:0:0:0:0:0:dea7"]; + ip4.addr = "10.243.0.2"; + ip6.addr = "42:0:0:0:0:0:0:dea7"; aliases = [ "mors.retiolum" "mors.r" @@ -234,8 +234,8 @@ with config.krebs.lib; cores = 2; nets = { retiolum = { - addrs4 = ["10.243.0.3"]; - addrs6 = ["42:0:0:0:0:0:0:7105"]; + ip4.addr = "10.243.0.3"; + ip6.addr = "42:0:0:0:0:0:0:7105"; aliases = [ "helios.retiolum" "helios.r" diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index bd7c0db48..b93b34d24 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -8,8 +8,8 @@ with config.krebs.lib; cores = 1; nets = { retiolum = { - addrs4 = ["10.243.0.210"]; - addrs6 = ["42:f9f1:0000:0000:0000:0000:0000:0001"]; + ip4.addr = "10.243.0.210"; + ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0001"; aliases = [ "pnp.retiolum" "cgit.pnp.retiolum" @@ -31,8 +31,8 @@ with config.krebs.lib; cores = 4; nets = { retiolum = { - addrs4 = ["10.243.0.84"]; - addrs6 = ["42:ff6b:5f0b:460d:2cee:4d05:73f7:5566"]; + ip4.addr = "10.243.0.84"; + ip6.addr = "42:ff6b:5f0b:460d:2cee:4d05:73f7:5566"; aliases = [ "darth.retiolum" "darth.r" @@ -54,8 +54,8 @@ with config.krebs.lib; cores = 1; nets = { retiolum = { - addrs4 = ["10.243.0.212"]; - addrs6 = ["42:f9f1:0000:0000:0000:0000:0000:0002"]; + ip4.addr = "10.243.0.212"; + ip6.addr = "42:f9f1:0000:0000:0000:0000:0000:0002"; aliases = [ "tsp.retiolum" ]; @@ -81,8 +81,8 @@ with config.krebs.lib; cores = 2; nets = { retiolum = { - addrs4 = ["10.243.0.91"]; - addrs6 = ["42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"]; + ip4.addr = "10.243.0.91"; + ip6.addr = "42:0b2c:d90e:e717:03dc:9ac1:7c30:a4db"; aliases = [ "pornocauster.retiolum" "pornocauster.r" @@ -108,8 +108,8 @@ with config.krebs.lib; cores = 2; nets = { retiolum = { - addrs4 = ["10.243.1.91"]; - addrs6 = ["42:0b2c:d90e:e717:03dd:9ac1:0000:a400"]; + ip4.addr = "10.243.1.91"; + ip6.addr = "42:0b2c:d90e:e717:03dd:9ac1:0000:a400"; aliases = [ "vbob.retiolum" ]; @@ -135,22 +135,22 @@ with config.krebs.lib; extraZones = { "krebsco.de" = '' euer IN MX 1 aspmx.l.google.com. - pigstarter IN A ${head nets.internet.addrs4} - gold IN A ${head nets.internet.addrs4} - boot IN A ${head nets.internet.addrs4} + pigstarter IN A ${nets.internet.ip4.addr} + gold IN A ${nets.internet.ip4.addr} + boot IN A ${nets.internet.ip4.addr} ''; }; nets = { internet = { - addrs4 = ["192.40.56.122"]; - addrs6 = ["2604:2880::841f:72c"]; + ip4.addr = "192.40.56.122"; + ip6.addr = "2604:2880::841f:72c"; aliases = [ "pigstarter.internet" ]; }; retiolum = { - addrs4 = ["10.243.0.153"]; - addrs6 = ["42:9143:b4c0:f981:6030:7aa2:8bc5:4110"]; + ip4.addr = "10.243.0.153"; + ip6.addr = "42:9143:b4c0:f981:6030:7aa2:8bc5:4110"; aliases = [ "pigstarter.retiolum" ]; @@ -171,18 +171,18 @@ with config.krebs.lib; cores = 1; extraZones = { "krebsco.de" = '' - euer IN A ${head nets.internet.addrs4} - wiki.euer IN A ${head nets.internet.addrs4} - wry IN A ${head nets.internet.addrs4} + euer IN A ${nets.internet.ip4.addr} + wiki.euer IN A ${nets.internet.ip4.addr} + wry IN A ${nets.internet.ip4.addr} io IN NS wry.krebsco.de. - graphs IN A ${head nets.internet.addrs4} - paste 60 IN A ${head nets.internet.addrs4} - tinc IN A ${head nets.internet.addrs4} + graphs IN A ${nets.internet.ip4.addr} + paste 60 IN A ${nets.internet.ip4.addr} + tinc IN A ${nets.internet.ip4.addr} ''; }; nets = rec { internet = { - addrs4 = ["104.233.87.86"]; + ip4.addr = "104.233.87.86"; aliases = [ "wry.internet" "paste.internet" @@ -190,8 +190,8 @@ with config.krebs.lib; }; retiolum = { via = internet; - addrs4 = ["10.243.29.169"]; - addrs6 = ["42:6e1e:cc8a:7cef:827:f938:8c64:baad"]; + ip4.addr = "10.243.29.169"; + ip6.addr = "42:6e1e:cc8a:7cef:827:f938:8c64:baad"; aliases = [ "graphs.wry.retiolum" "graphs.retiolum" @@ -228,8 +228,8 @@ with config.krebs.lib; nets = { retiolum = { - addrs4 = ["10.243.153.102"]; - addrs6 = ["42:4b0b:d990:55ba:8da8:630f:dc0e:aae0"]; + ip4.addr = "10.243.153.102"; + ip6.addr = "42:4b0b:d990:55ba:8da8:630f:dc0e:aae0"; aliases = [ "filepimp.retiolum" ]; @@ -252,8 +252,8 @@ with config.krebs.lib; nets = { retiolum = { - addrs4 = ["10.243.0.89"]; - addrs6 = ["42:f9f0::10"]; + ip4.addr = "10.243.0.89"; + ip6.addr = "42:f9f0::10"; aliases = [ "omo.retiolum" "omo.r" @@ -277,8 +277,8 @@ with config.krebs.lib; cores = 1; nets = { retiolum = { - addrs4 = ["10.243.214.15"]; - addrs6 = ["42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"]; + ip4.addr = "10.243.214.15"; + ip6.addr = "42:5a02:2c30:c1b1:3f2e:7c19:2496:a732"; aliases = [ "wbob.retiolum" ]; @@ -301,24 +301,24 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB extraZones = { "krebsco.de" = '' - share.euer IN A ${head nets.internet.addrs4} - mattermost.euer IN A ${head nets.internet.addrs4} - git.euer IN A ${head nets.internet.addrs4} - gum IN A ${head nets.internet.addrs4} - cgit.euer IN A ${head nets.internet.addrs4} + share.euer IN A ${nets.internet.ip4.addr} + mattermost.euer IN A ${nets.internet.ip4.addr} + git.euer IN A ${nets.internet.ip4.addr} + gum IN A ${nets.internet.ip4.addr} + cgit.euer IN A ${nets.internet.ip4.addr} ''; }; nets = rec { internet = { - addrs4 = ["195.154.108.70"]; + ip4.addr = "195.154.108.70"; aliases = [ "gum.internet" ]; }; retiolum = { via = internet; - addrs4 = ["10.243.0.211"]; - addrs6 = ["42:f9f0:0000:0000:0000:0000:0000:70d2"]; + ip4.addr = "10.243.0.211"; + ip6.addr = "42:f9f0:0000:0000:0000:0000:0000:70d2"; aliases = [ "gum.r" "gum.retiolum" @@ -346,20 +346,20 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; extraZones = { "krebsco.de" = '' - mediengewitter IN A ${head nets.internet.addrs4} - flap IN A ${head nets.internet.addrs4} + mediengewitter IN A ${nets.internet.ip4.addr} + flap IN A ${nets.internet.ip4.addr} ''; }; nets = { internet = { - addrs4 = ["162.248.11.162"]; + ip4.addr = "162.248.11.162"; aliases = [ "flap.internet" ]; }; retiolum = { - addrs4 = ["10.243.211.172"]; - addrs6 = ["42:472a:3d01:bbe4:4425:567e:592b:065d"]; + ip4.addr = "10.243.211.172"; + ip6.addr = "42:472a:3d01:bbe4:4425:567e:592b:065d"; aliases = [ "flap.retiolum" "flap.r" @@ -382,8 +382,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; nets = { retiolum = { - addrs4 = ["10.243.231.219"]; - addrs6 = ["42:f7bf:178d:4b68:1c1b:42e8:6b27:6a72"]; + ip4.addr = "10.243.231.219"; + ip6.addr = "42:f7bf:178d:4b68:1c1b:42e8:6b27:6a72"; aliases = [ "nukular.r" ]; @@ -405,8 +405,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; nets = { retiolum = { - addrs4 = ["10.243.124.21"]; - addrs6 = ["42:9898:a8be:ce56:0ee3:b99c:42c5:109e"]; + ip4.addr = "10.243.124.21"; + ip6.addr = "42:9898:a8be:ce56:0ee3:b99c:42c5:109e"; aliases = [ "heidi.r" ]; @@ -428,7 +428,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; nets = { retiolum = { - addrs4 = ["10.243.69.184"]; + ip4.addr = "10.243.69.184"; aliases = [ "soundflower.r" ]; @@ -450,7 +450,7 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; nets = { retiolum = { - addrs4 = ["10.243.120.19"]; + ip4.addr = "10.243.120.19"; aliases = [ "falk.r" ]; @@ -472,8 +472,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 4; nets = { retiolum = { - addrs4 = ["10.243.189.130"]; - addrs6 = ["42:c64e:011f:9755:31e1:c3e6:73c0:af2d"]; + ip4.addr = "10.243.189.130"; + ip6.addr = "42:c64e:011f:9755:31e1:c3e6:73c0:af2d"; aliases = [ "filebitch.r" ]; @@ -495,8 +495,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; nets = { retiolum = { - addrs4 = ["10.243.26.29"]; - addrs6 = ["42:927a:3d59:1cb3:29d6:1a08:78d3:812e"]; + ip4.addr = "10.243.26.29"; + ip6.addr = "42:927a:3d59:1cb3:29d6:1a08:78d3:812e"; aliases = [ "excobridge.r" ]; @@ -518,14 +518,14 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; nets = { internet = { - addrs4 = ["148.251.47.69"]; + ip4.addr = "148.251.47.69"; aliases = [ "wooki.internet" ]; }; retiolum = { - addrs4 = ["10.243.57.85"]; - addrs6 = ["42:2f06:b899:a3b5:1dcf:51a4:a02b:8731"]; + ip4.addr = "10.243.57.85"; + ip6.addr = "42:2f06:b899:a3b5:1dcf:51a4:a02b:8731"; aliases = [ "wooki.r" ]; @@ -547,8 +547,8 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 2; nets = { retiolum = { - addrs4 = ["10.243.0.163"]; - addrs6 = ["42:b67b:5752:a730:5f28:d80d:6b37:5bda/128"]; + ip4.addr = "10.243.0.163"; + ip6.addr = "42:b67b:5752:a730:5f28:d80d:6b37:5bda/128"; aliases = [ "senderechner.r" ]; @@ -570,14 +570,14 @@ TNs2RYfwDy/r6H/hDeB/BSngPouedEVcPwIDAQAB cores = 1; nets = { internet = { - addrs4 = ["217.160.206.154"]; + ip4.addr = "217.160.206.154"; aliases = [ "muhbaasu.internet" ]; }; retiolum = { - addrs4 = ["10.243.139.184"]; - addrs6 = ["42:d568:6106:ba30:753b:0f2a:8225:b1fb"]; + ip4.addr = "10.243.139.184"; + ip6.addr = "42:d568:6106:ba30:753b:0f2a:8225:b1fb"; aliases = [ "muhbaasu.r" ]; diff --git a/krebs/3modules/miefda/default.nix b/krebs/3modules/miefda/default.nix index 9a5866294..a03f7ff4d 100644 --- a/krebs/3modules/miefda/default.nix +++ b/krebs/3modules/miefda/default.nix @@ -8,8 +8,8 @@ with config.krebs.lib; cores = 4; nets = { retiolum = { - addrs4 = ["10.243.111.112"]; - addrs6 = ["42:0:0:0:0:0:111:112"]; + ip4.addr = "10.243.111.112"; + ip6.addr = "42:0:0:0:0:0:111:112"; aliases = [ "bobby.retiolum" "cgit.bobby.retiolum" diff --git a/krebs/3modules/mv/default.nix b/krebs/3modules/mv/default.nix index 3b4001e7a..20118c61f 100644 --- a/krebs/3modules/mv/default.nix +++ b/krebs/3modules/mv/default.nix @@ -8,8 +8,8 @@ with config.krebs.lib; cores = 4; nets = { retiolum = { - addrs4 = ["10.243.111.111"]; - addrs6 = ["42:0:0:0:0:0:111:111"]; + ip4.addr = "10.243.111.111"; + ip6.addr = "42:0:0:0:0:0:111:111"; aliases = [ "stro.retiolum" "cgit.stro.retiolum" diff --git a/krebs/3modules/retiolum.nix b/krebs/3modules/retiolum.nix index 61b4473e1..fe4dbd50c 100644 --- a/krebs/3modules/retiolum.nix +++ b/krebs/3modules/retiolum.nix @@ -11,26 +11,13 @@ let api = { enable = mkEnableOption "krebs.retiolum"; - name = mkOption { - type = types.str; - default = config.networking.hostName; - # Description stolen from tinc.conf(5). - description = '' - This is the name which identifies this tinc daemon. It must - be unique for the virtual private network this daemon will - connect to. The Name may only consist of alphanumeric and - underscore characters. If Name starts with a $, then the - contents of the environment variable that follows will be - used. In that case, invalid characters will be converted to - underscores. If Name is $HOST, but no such environment - variable exist, the hostname will be read using the - gethostnname() system call This is the name which identifies - the this tinc daemon. - ''; + host = mkOption { + type = types.host; + default = config.krebs.build.host; }; netname = mkOption { - type = types.str; + type = types.hostname; default = "retiolum"; description = '' The tinc network name. @@ -157,46 +144,34 @@ let uid = genid name; }; + net = cfg.host.nets.${cfg.netname}; + tinc = cfg.tincPackage; iproute = cfg.iproutePackage; - confDir = pkgs.runCommand "retiolum" { - # TODO text - executable = true; - preferLocalBuild = true; - } '' - set -euf - - mkdir -p $out - - ln -s ${cfg.hostsPackage} $out/hosts - - cat > $out/tinc.conf <<EOF - Name = ${cfg.name} - Device = /dev/net/tun - Interface = ${cfg.netname} - ${concatStrings (map (c : "ConnectTo = " + c + "\n") cfg.connectTo)} - PrivateKeyFile = /tmp/retiolum-rsa_key.priv - ${cfg.extraConfig} - EOF - - # source: krebscode/painload/retiolum/scripts/tinc_setup/tinc-up - cat > $out/tinc-up <<EOF - host=$out/hosts/${cfg.name} - ${iproute}/sbin/ip link set \$INTERFACE up - - addr4=\$(sed -n 's|^ *Subnet *= *\(10[.][^ ]*\) *$|\1|p' \$host) - if [ -n "\$addr4" ];then - ${iproute}/sbin/ip -4 addr add \$addr4 dev \$INTERFACE - ${iproute}/sbin/ip -4 route add 10.243.0.0/16 dev \$INTERFACE - fi - addr6=\$(sed -n 's|^ *Subnet *= *\(42[:][^ ]*\) *$|\1|p' \$host) - ${iproute}/sbin/ip -6 addr add \$addr6 dev \$INTERFACE - ${iproute}/sbin/ip -6 route add 42::/16 dev \$INTERFACE - EOF - - chmod +x $out/tinc-up - ''; + confDir = let + namePathPair = name: path: { inherit name path; }; + in pkgs.linkFarm "${cfg.netname}-etc-tinc" (mapAttrsToList namePathPair { + "hosts" = cfg.hostsPackage; + "tinc.conf" = pkgs.writeText "${cfg.netname}-tinc.conf" '' + Name = ${cfg.host.name} + Interface = ${cfg.netname} + ${concatStrings (map (c: "ConnectTo = ${c}\n") cfg.connectTo)} + PrivateKeyFile = /tmp/retiolum-rsa_key.priv + ${cfg.extraConfig} + ''; + "tinc-up" = pkgs.writeScript "${cfg.netname}-tinc-up" '' + ${iproute}/sbin/ip link set ${cfg.netname} up + ${optionalString (net.ip4 != null) '' + ${iproute}/sbin/ip -4 addr add ${net.ip4.addr} dev ${cfg.netname} + ${iproute}/sbin/ip -4 route add ${net.ip4.prefix} dev ${cfg.netname} + ''} + ${optionalString (net.ip6 != null) '' + ${iproute}/sbin/ip -6 addr add ${net.ip6.addr} dev ${cfg.netname} + ${iproute}/sbin/ip -6 route add ${net.ip6.prefix} dev ${cfg.netname} + ''} + ''; + }); in out diff --git a/krebs/3modules/shared/default.nix b/krebs/3modules/shared/default.nix index ccd15b569..47767d370 100644 --- a/krebs/3modules/shared/default.nix +++ b/krebs/3modules/shared/default.nix @@ -12,8 +12,8 @@ let cores = 1; nets = { retiolum = { - addrs4 = ["10.243.111.111"]; - addrs6 = ["42:0:0:0:0:0:0:7357"]; + ip4.addr = "10.243.111.111"; + ip6.addr = "42:0:0:0:0:0:0:7357"; aliases = [ "test.r" "test.retiolum" @@ -36,7 +36,7 @@ in { wolf = { nets = { shack = { - addrs4 = [ "10.42.2.150" ]; + ip4.addr = "10.42.2.150" ; aliases = [ "wolf.shack" "graphite.shack" @@ -45,8 +45,8 @@ in { ]; }; retiolum = { - addrs4 = ["10.243.77.1"]; - addrs6 = ["42:0:0:0:0:0:77:1"]; + ip4.addr = "10.243.77.1"; + ip6.addr = "42:0:0:0:0:0:77:1"; aliases = [ "wolf.retiolum" "cgit.wolf.retiolum" diff --git a/krebs/3modules/tv/default.nix b/krebs/3modules/tv/default.nix index f0f0c5e79..b0f0ce547 100644 --- a/krebs/3modules/tv/default.nix +++ b/krebs/3modules/tv/default.nix @@ -13,15 +13,15 @@ with config.krebs.lib; # TODO generate krebsco.de zone from nets and don't use extraZones at all "krebsco.de" = '' krebsco.de. 60 IN MX 5 mx23 - mx23 60 IN A ${elemAt nets.internet.addrs4 0} - cd 60 IN A ${elemAt nets.internet.addrs4 0} - cgit 60 IN A ${elemAt nets.internet.addrs4 0} - cgit.cd 60 IN A ${elemAt nets.internet.addrs4 0} + mx23 60 IN A ${nets.internet.ip4.addr} + cd 60 IN A ${nets.internet.ip4.addr} + cgit 60 IN A ${nets.internet.ip4.addr} + cgit.cd 60 IN A ${nets.internet.ip4.addr} ''; }; nets = rec { internet = { - addrs4 = ["162.219.7.216"]; + ip4.addr = "162.219.7.216"; aliases = [ "cd.i" "cd.internet" @@ -34,8 +34,8 @@ with config.krebs.lib; }; retiolum = { via = internet; - addrs4 = ["10.243.113.222"]; - addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af3"]; + ip4.addr = "10.243.113.222"; + ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af3"; aliases = [ "cd.r" "cd.retiolum" @@ -66,7 +66,7 @@ with config.krebs.lib; cores = 2; nets = rec { internet = { - addrs4 = ["45.62.237.203"]; + ip4.addr = "45.62.237.203"; aliases = [ "doppelbock.i" "doppelbock.internet" @@ -74,8 +74,8 @@ with config.krebs.lib; }; retiolum = { via = internet; - addrs4 = ["10.243.113.224"]; - addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af5"]; + ip4.addr = "10.243.113.224"; + ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af5"; aliases = [ "doppelbock.r" "doppelbock.retiolum" @@ -101,7 +101,7 @@ with config.krebs.lib; cores = 1; nets = rec { internet = { - addrs4 = ["104.167.114.142"]; + ip4.addr = "104.167.114.142"; aliases = [ "mkdir.i" "mkdir.internet" @@ -109,8 +109,8 @@ with config.krebs.lib; }; retiolum = { via = internet; - addrs4 = ["10.243.113.223"]; - addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af4"]; + ip4.addr = "10.243.113.223"; + ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af4"; aliases = [ "mkdir.r" "mkdir.retiolum" @@ -136,12 +136,12 @@ with config.krebs.lib; extraZones = { # TODO generate krebsco.de zone from nets and don't use extraZones at all "krebsco.de" = '' - ire 60 IN A ${elemAt nets.internet.addrs4 0} + ire 60 IN A ${nets.internet.ip4.addr} ''; }; nets = rec { internet = { - addrs4 = ["198.147.22.115"]; + ip4.addr = "198.147.22.115"; aliases = [ "ire.i" "ire.internet" @@ -151,8 +151,8 @@ with config.krebs.lib; }; retiolum = { via = internet; - addrs4 = ["10.243.231.66"]; - addrs6 = ["42:b912:0f42:a82d:0d27:8610:e89b:490c"]; + ip4.addr = "10.243.231.66"; + ip6.addr = "42:b912:0f42:a82d:0d27:8610:e89b:490c"; aliases = [ "ire.r" "ire.retiolum" @@ -175,7 +175,7 @@ with config.krebs.lib; kaepsele = { nets = { internet = { - addrs4 = ["92.222.10.169"]; + ip4.addr = "92.222.10.169"; aliases = [ "kaepsele.i" "kaepsele.internet" @@ -183,8 +183,8 @@ with config.krebs.lib; ]; }; retiolum = { - addrs4 = ["10.243.166.2"]; - addrs6 = ["42:0b9d:6660:d07c:2bb7:4e91:1a01:2e7d"]; + ip4.addr = "10.243.166.2"; + ip6.addr = "42:0b9d:6660:d07c:2bb7:4e91:1a01:2e7d"; aliases = [ "kaepsele.r" "kaepsele.retiolum" @@ -207,8 +207,8 @@ with config.krebs.lib; cores = 2; nets = { retiolum = { - addrs4 = ["10.243.20.1"]; - addrs6 = ["42:0:0:0:0:0:0:2001"]; + ip4.addr = "10.243.20.1"; + ip6.addr = "42:0:0:0:0:0:0:2001"; aliases = [ "mu.r" "mu.retiolum" @@ -232,13 +232,13 @@ with config.krebs.lib; cores = 2; nets = rec { gg23 = { - addrs4 = ["10.23.1.110"]; + ip4.addr = "10.23.1.110"; aliases = ["nomic.gg23"]; ssh.port = 11423; }; retiolum = { - addrs4 = ["10.243.0.110"]; - addrs6 = ["42:02d5:733f:d6da:c0f5:2bb7:2b18:09ec"]; + ip4.addr = "10.243.0.110"; + ip6.addr = "42:02d5:733f:d6da:c0f5:2bb7:2b18:09ec"; aliases = [ "nomic.r" "nomic.retiolum" @@ -264,7 +264,7 @@ with config.krebs.lib; ok = { nets = { gg23 = { - addrs4 = ["10.23.1.1"]; + ip4.addr = "10.23.1.1"; aliases = ["ok.gg23"]; }; }; @@ -273,7 +273,7 @@ with config.krebs.lib; cores = 1; nets = rec { internet = { - addrs4 = ["167.88.34.182"]; + ip4.addr = "167.88.34.182"; aliases = [ "rmdir.i" "rmdir.internet" @@ -281,8 +281,8 @@ with config.krebs.lib; }; retiolum = { via = internet; - addrs4 = ["10.243.113.224"]; - addrs6 = ["42:4522:25f8:36bb:8ccb:0150:231a:2af5"]; + ip4.addr = "10.243.113.224"; + ip6.addr = "42:4522:25f8:36bb:8ccb:0150:231a:2af5"; aliases = [ "rmdir.r" "rmdir.retiolum" @@ -307,7 +307,7 @@ with config.krebs.lib; schnabeldrucker = { nets = { gg23 = { - addrs4 = ["10.23.1.21"]; + ip4.addr = "10.23.1.21"; aliases = ["schnabeldrucker.gg23"]; }; }; @@ -315,7 +315,7 @@ with config.krebs.lib; schnabelscanner = { nets = { gg23 = { - addrs4 = ["10.23.1.22"]; + ip4.addr = "10.23.1.22"; aliases = ["schnabelscanner.gg23"]; }; }; @@ -324,7 +324,7 @@ with config.krebs.lib; cores = 4; nets = { gg23 = { - addrs4 = ["10.23.1.37"]; + ip4.addr = "10.23.1.37"; aliases = [ "wu.gg23" "cache.wu.gg23" @@ -332,8 +332,8 @@ with config.krebs.lib; ssh.port = 11423; }; retiolum = { - addrs4 = ["10.243.13.37"]; - addrs6 = ["42:0:0:0:0:0:0:1337"]; + ip4.addr = "10.243.13.37"; + ip6.addr = "42:0:0:0:0:0:0:1337"; aliases = [ "wu.r" "wu.retiolum" @@ -360,13 +360,13 @@ with config.krebs.lib; cores = 4; nets = { gg23 = { - addrs4 = ["10.23.1.38"]; + ip4.addr = "10.23.1.38"; aliases = ["xu.gg23"]; ssh.port = 11423; }; retiolum = { - addrs4 = ["10.243.13.38"]; - addrs6 = ["42:0:0:0:0:0:0:1338"]; + ip4.addr = "10.243.13.38"; + ip6.addr = "42:0:0:0:0:0:0:1338"; aliases = [ "xu.r" "xu.retiolum" diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix index 7255dc3e1..24b4e14b1 100644 --- a/krebs/4lib/types.nix +++ b/krebs/4lib/types.nix @@ -63,28 +63,56 @@ types // rec { net = submodule ({ config, ... }: { options = { + name = mkOption { + type = label; + default = config._module.args.name; + }; via = mkOption { type = nullOr net; default = null; }; addrs = mkOption { type = listOf addr; - default = config.addrs4 ++ config.addrs6; - # TODO only default addrs make sense - }; - addrs4 = mkOption { - type = listOf addr4; - default = []; - }; - addrs6 = mkOption { - type = listOf addr6; - default = []; + default = + optional (config.ip4 != null) config.ip4.addr ++ + optional (config.ip6 != null) config.ip6.addr; + readOnly = true; }; aliases = mkOption { # TODO nonEmptyListOf hostname type = listOf hostname; default = []; }; + ip4 = mkOption { + type = nullOr (submodule { + options = { + addr = mkOption { + type = addr4; + }; + prefix = mkOption ({ + type = str; # TODO routing prefix (CIDR) + } // optionalAttrs (config.name == "retiolum") { + default = "10.243.0.0/16"; + }); + }; + }); + default = null; + }; + ip6 = mkOption { + type = nullOr (submodule { + options = { + addr = mkOption { + type = addr6 |