From c08bc17cc0ca37557a4b43f3ef2e1bcf8a1db2c0 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Wed, 5 Apr 2023 14:06:59 +0200 Subject: Adapt prod config to new parameters --- cluster/prod/site/bespin.nix | 10 +++------- cluster/prod/site/neptune.nix | 12 ++++-------- cluster/prod/site/orion.nix | 17 +++++++++-------- cluster/prod/site/scorpio.nix | 12 ++++-------- 4 files changed, 20 insertions(+), 31 deletions(-) (limited to 'cluster/prod/site') diff --git a/cluster/prod/site/bespin.nix b/cluster/prod/site/bespin.nix index de39f85..3c9a668 100644 --- a/cluster/prod/site/bespin.nix +++ b/cluster/prod/site/bespin.nix @@ -1,13 +1,9 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "bespin"; - deuxfleurs.lan_default_gateway = "192.168.5.254"; - deuxfleurs.ipv6_default_gateway = "2a02:a03f:6510:5102::1"; - deuxfleurs.lan_ip_prefix_length = 24; - deuxfleurs.ipv6_prefix_length = 64; - deuxfleurs.nameservers = [ "192.168.5.254" ]; - deuxfleurs.cname_target = "bespin.site.deuxfleurs.fr."; + deuxfleurs.siteName = "bespin"; + deuxfleurs.staticIPv4.defaultGateway = "192.168.5.254"; + deuxfleurs.cnameTarget = "bespin.site.deuxfleurs.fr."; networking.firewall.allowedTCPPorts = [ 80 443 ]; } diff --git a/cluster/prod/site/neptune.nix b/cluster/prod/site/neptune.nix index a4aac6d..81495c6 100644 --- a/cluster/prod/site/neptune.nix +++ b/cluster/prod/site/neptune.nix @@ -1,14 +1,10 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "neptune"; - deuxfleurs.lan_default_gateway = "192.168.1.1"; - deuxfleurs.ipv6_default_gateway = "2001:910:1204:1::1"; - deuxfleurs.lan_ip_prefix_length = 24; - deuxfleurs.ipv6_prefix_length = 64; - deuxfleurs.nameservers = [ "192.168.1.1" ]; - deuxfleurs.cname_target = "neptune.site.deuxfleurs.fr."; - deuxfleurs.public_ipv4 = "77.207.15.215"; + deuxfleurs.siteName = "neptune"; + deuxfleurs.staticIPv4.defaultGateway = "192.168.1.1"; + deuxfleurs.cnameTarget = "neptune.site.deuxfleurs.fr."; + deuxfleurs.publicIPv4 = "77.207.15.215"; networking.firewall.allowedTCPPorts = [ 80 443 ]; } diff --git a/cluster/prod/site/orion.nix b/cluster/prod/site/orion.nix index fb4ba22..5f6c33e 100644 --- a/cluster/prod/site/orion.nix +++ b/cluster/prod/site/orion.nix @@ -1,14 +1,15 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "orion"; - deuxfleurs.lan_default_gateway = "192.168.1.254"; - deuxfleurs.ipv6_default_gateway = "2a01:e0a:28f:5e60::1"; - deuxfleurs.lan_ip_prefix_length = 24; - deuxfleurs.ipv6_prefix_length = 64; - deuxfleurs.nameservers = [ "192.168.1.254" ]; - deuxfleurs.cname_target = "orion.site.deuxfleurs.fr."; - deuxfleurs.public_ipv4 = "82.66.80.201"; + deuxfleurs.siteName = "orion"; + deuxfleurs.staticIPv4.defaultGateway = "192.168.1.254"; + # Setting an IPv6 default gateway will disable RA for now. + # Adding this for now as Orion has the mail servers and we are + # not yet confident we can disable this without getting ourselves + # banned by sending from unwanted IPs (although it should be ok). + deuxfleurs.staticIPv6.defaultGateway = "2a01:e0a:28f:5e60::1"; + deuxfleurs.cnameTarget = "orion.site.deuxfleurs.fr."; + deuxfleurs.publicIPv4 = "82.66.80.201"; networking.firewall.allowedTCPPorts = [ 80 443 ]; } diff --git a/cluster/prod/site/scorpio.nix b/cluster/prod/site/scorpio.nix index b58e25c..b1e0f20 100644 --- a/cluster/prod/site/scorpio.nix +++ b/cluster/prod/site/scorpio.nix @@ -1,14 +1,10 @@ { config, pkgs, ... }: { - deuxfleurs.site_name = "scorpio"; - deuxfleurs.lan_default_gateway = "192.168.1.254"; - deuxfleurs.ipv6_default_gateway = "2a01:e0a:e4:2dd0::1"; - deuxfleurs.lan_ip_prefix_length = 24; - deuxfleurs.ipv6_prefix_length = 64; - deuxfleurs.nameservers = [ "192.168.1.254" ]; - deuxfleurs.cname_target = "scorpio.site.deuxfleurs.fr."; - deuxfleurs.public_ipv4 = "82.65.41.110"; + deuxfleurs.siteName = "scorpio"; + deuxfleurs.staticIPv4.defaultGateway = "192.168.1.254"; + deuxfleurs.cnameTarget = "scorpio.site.deuxfleurs.fr."; + deuxfleurs.publicIPv4 = "82.65.41.110"; networking.firewall.allowedTCPPorts = [ 80 443 ]; } -- cgit v1.2.3