aboutsummaryrefslogtreecommitdiff
path: root/cluster/prod/site
diff options
context:
space:
mode:
Diffstat (limited to 'cluster/prod/site')
-rw-r--r--cluster/prod/site/bespin.nix10
-rw-r--r--cluster/prod/site/neptune.nix12
-rw-r--r--cluster/prod/site/orion.nix17
-rw-r--r--cluster/prod/site/scorpio.nix12
4 files changed, 20 insertions, 31 deletions
diff --git a/cluster/prod/site/bespin.nix b/cluster/prod/site/bespin.nix
index de39f85..3c9a668 100644
--- a/cluster/prod/site/bespin.nix
+++ b/cluster/prod/site/bespin.nix
@@ -1,13 +1,9 @@
{ config, pkgs, ... }:
{
- deuxfleurs.site_name = "bespin";
- deuxfleurs.lan_default_gateway = "192.168.5.254";
- deuxfleurs.ipv6_default_gateway = "2a02:a03f:6510:5102::1";
- deuxfleurs.lan_ip_prefix_length = 24;
- deuxfleurs.ipv6_prefix_length = 64;
- deuxfleurs.nameservers = [ "192.168.5.254" ];
- deuxfleurs.cname_target = "bespin.site.deuxfleurs.fr.";
+ deuxfleurs.siteName = "bespin";
+ deuxfleurs.staticIPv4.defaultGateway = "192.168.5.254";
+ deuxfleurs.cnameTarget = "bespin.site.deuxfleurs.fr.";
networking.firewall.allowedTCPPorts = [ 80 443 ];
}
diff --git a/cluster/prod/site/neptune.nix b/cluster/prod/site/neptune.nix
index a4aac6d..81495c6 100644
--- a/cluster/prod/site/neptune.nix
+++ b/cluster/prod/site/neptune.nix
@@ -1,14 +1,10 @@
{ config, pkgs, ... }:
{
- deuxfleurs.site_name = "neptune";
- deuxfleurs.lan_default_gateway = "192.168.1.1";
- deuxfleurs.ipv6_default_gateway = "2001:910:1204:1::1";
- deuxfleurs.lan_ip_prefix_length = 24;
- deuxfleurs.ipv6_prefix_length = 64;
- deuxfleurs.nameservers = [ "192.168.1.1" ];
- deuxfleurs.cname_target = "neptune.site.deuxfleurs.fr.";
- deuxfleurs.public_ipv4 = "77.207.15.215";
+ deuxfleurs.siteName = "neptune";
+ deuxfleurs.staticIPv4.defaultGateway = "192.168.1.1";
+ deuxfleurs.cnameTarget = "neptune.site.deuxfleurs.fr.";
+ deuxfleurs.publicIPv4 = "77.207.15.215";
networking.firewall.allowedTCPPorts = [ 80 443 ];
}
diff --git a/cluster/prod/site/orion.nix b/cluster/prod/site/orion.nix
index fb4ba22..5f6c33e 100644
--- a/cluster/prod/site/orion.nix
+++ b/cluster/prod/site/orion.nix
@@ -1,14 +1,15 @@
{ config, pkgs, ... }:
{
- deuxfleurs.site_name = "orion";
- deuxfleurs.lan_default_gateway = "192.168.1.254";
- deuxfleurs.ipv6_default_gateway = "2a01:e0a:28f:5e60::1";
- deuxfleurs.lan_ip_prefix_length = 24;
- deuxfleurs.ipv6_prefix_length = 64;
- deuxfleurs.nameservers = [ "192.168.1.254" ];
- deuxfleurs.cname_target = "orion.site.deuxfleurs.fr.";
- deuxfleurs.public_ipv4 = "82.66.80.201";
+ deuxfleurs.siteName = "orion";
+ deuxfleurs.staticIPv4.defaultGateway = "192.168.1.254";
+ # Setting an IPv6 default gateway will disable RA for now.
+ # Adding this for now as Orion has the mail servers and we are
+ # not yet confident we can disable this without getting ourselves
+ # banned by sending from unwanted IPs (although it should be ok).
+ deuxfleurs.staticIPv6.defaultGateway = "2a01:e0a:28f:5e60::1";
+ deuxfleurs.cnameTarget = "orion.site.deuxfleurs.fr.";
+ deuxfleurs.publicIPv4 = "82.66.80.201";
networking.firewall.allowedTCPPorts = [ 80 443 ];
}
diff --git a/cluster/prod/site/scorpio.nix b/cluster/prod/site/scorpio.nix
index b58e25c..b1e0f20 100644
--- a/cluster/prod/site/scorpio.nix
+++ b/cluster/prod/site/scorpio.nix
@@ -1,14 +1,10 @@
{ config, pkgs, ... }:
{
- deuxfleurs.site_name = "scorpio";
- deuxfleurs.lan_default_gateway = "192.168.1.254";
- deuxfleurs.ipv6_default_gateway = "2a01:e0a:e4:2dd0::1";
- deuxfleurs.lan_ip_prefix_length = 24;
- deuxfleurs.ipv6_prefix_length = 64;
- deuxfleurs.nameservers = [ "192.168.1.254" ];
- deuxfleurs.cname_target = "scorpio.site.deuxfleurs.fr.";
- deuxfleurs.public_ipv4 = "82.65.41.110";
+ deuxfleurs.siteName = "scorpio";
+ deuxfleurs.staticIPv4.defaultGateway = "192.168.1.254";
+ deuxfleurs.cnameTarget = "scorpio.site.deuxfleurs.fr.";
+ deuxfleurs.publicIPv4 = "82.65.41.110";
networking.firewall.allowedTCPPorts = [ 80 443 ];
}