aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cluster/staging/site/neptune.nix4
-rw-r--r--nix/deuxfleurs.nix11
2 files changed, 14 insertions, 1 deletions
diff --git a/cluster/staging/site/neptune.nix b/cluster/staging/site/neptune.nix
index 3da3717..506da65 100644
--- a/cluster/staging/site/neptune.nix
+++ b/cluster/staging/site/neptune.nix
@@ -9,6 +9,10 @@
deuxfleurs.nameservers = [ "192.168.1.1" ];
deuxfleurs.cname_target = "neptune.site.staging.deuxfleurs.org.";
+ # no public ipv4 is used for the staging cluster on Neptune,
+ # because the Internet connection is already used for the prod cluster
+ # deuxfleurs.public_ipv4 = "77.207.15.215";
+
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.cron = {
diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix
index 28161dc..7c7c6d3 100644
--- a/nix/deuxfleurs.nix
+++ b/nix/deuxfleurs.nix
@@ -90,9 +90,15 @@ in
description = "Site (availability zone) on which this node is deployed";
type = types.str;
};
+ public_ipv4 = mkOption {
+ description = "Public IPv4 through which this node is accessible (possibly after port opening using DiploNAT), for domain names that are updated by D53";
+ type = types.nullOr types.str;
+ default = null;
+ };
cname_target = mkOption {
- description = "DNS CNAME target to use for services hosted in this site, for domain names that are updated by DiploNAT";
+ description = "DNS CNAME target to use for services hosted in this site, for domain names that are updated by D53";
type = types.nullOr types.str;
+ default = null;
};
nameservers = mkOption {
description = "External DNS servers to use";
@@ -133,6 +139,9 @@ in
"site" = cfg.site_name;
"public_ipv6" = cfg.ipv6;
} //
+ (if cfg.public_ipv4 != null
+ then { "public_ipv4" = cfg.public_ipv4; }
+ else {}) //
(if cfg.cname_target != null
then { "cname_target" = cfg.cname_target; }
else {});