From 6dc92812997e99e12ae5fcab3bda65f056a74edb Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 25 Feb 2022 17:52:17 +0100 Subject: Add remote LUKS unlocking configuration --- cluster/prod/node/celeri.nix | 10 +++------- cluster/prod/node/concombre.nix | 10 +++------- cluster/prod/node/courgette.nix | 10 +++------- cluster/prod/site/neptune.nix | 10 ++++------ cluster/staging/node/carcajou.nix | 10 +++------- cluster/staging/node/cariacou.nix | 10 +++------- cluster/staging/node/caribou.nix | 15 ++++++++------- cluster/staging/site/neptune.nix | 10 ++++------ 8 files changed, 31 insertions(+), 54 deletions(-) (limited to 'cluster') diff --git a/cluster/prod/node/celeri.nix b/cluster/prod/node/celeri.nix index 09de302..02a33c9 100644 --- a/cluster/prod/node/celeri.nix +++ b/cluster/prod/node/celeri.nix @@ -10,13 +10,9 @@ networking.hostName = "celeri"; - networking.interfaces.eno1.useDHCP = false; - networking.interfaces.eno1.ipv4.addresses = [ - { - address = "192.168.1.33"; - prefixLength = 24; - } - ]; + deuxfleurs.network_interface = "eno1"; + deuxfleurs.lan_ip = "192.168.1.33"; + networking.interfaces.eno1.ipv6.addresses = [ { address = "2a01:e0a:c:a720::33"; diff --git a/cluster/prod/node/concombre.nix b/cluster/prod/node/concombre.nix index f06e387..517dcf8 100644 --- a/cluster/prod/node/concombre.nix +++ b/cluster/prod/node/concombre.nix @@ -10,13 +10,9 @@ networking.hostName = "concombre"; - networking.interfaces.eno1.useDHCP = false; - networking.interfaces.eno1.ipv4.addresses = [ - { - address = "192.168.1.31"; - prefixLength = 24; - } - ]; + deuxfleurs.network_interface = "eno1"; + deuxfleurs.lan_ip = "192.168.1.31"; + networking.interfaces.eno1.ipv6.addresses = [ { address = "2a01:e0a:c:a720::31"; diff --git a/cluster/prod/node/courgette.nix b/cluster/prod/node/courgette.nix index e540de1..d34e7a5 100644 --- a/cluster/prod/node/courgette.nix +++ b/cluster/prod/node/courgette.nix @@ -10,13 +10,9 @@ networking.hostName = "courgette"; - networking.interfaces.eno1.useDHCP = false; - networking.interfaces.eno1.ipv4.addresses = [ - { - address = "192.168.1.32"; - prefixLength = 24; - } - ]; + deuxfleurs.network_interface = "eno1"; + deuxfleurs.lan_ip = "192.168.1.32"; + networking.interfaces.eno1.ipv6.addresses = [ { address = "2a01:e0a:c:a720::32"; diff --git a/cluster/prod/site/neptune.nix b/cluster/prod/site/neptune.nix index c0eb39e..900ddf0 100644 --- a/cluster/prod/site/neptune.nix +++ b/cluster/prod/site/neptune.nix @@ -1,11 +1,9 @@ { config, pkgs, ... }: { - networking.defaultGateway = { - address = "192.168.1.254"; - interface = "eno1"; - }; - networking.nameservers = [ "192.168.1.254" ]; - deuxfleurs.site_name = "neptune"; + deuxfleurs.lan_default_gateway = "192.168.1.254"; + deuxfleurs.lan_ip_prefix_length = 24; + + networking.nameservers = [ "192.168.1.254" ]; } diff --git a/cluster/staging/node/carcajou.nix b/cluster/staging/node/carcajou.nix index 82cd8f9..beff6a7 100644 --- a/cluster/staging/node/carcajou.nix +++ b/cluster/staging/node/carcajou.nix @@ -10,13 +10,9 @@ networking.hostName = "carcajou"; - networking.interfaces.eno1.useDHCP = false; - networking.interfaces.eno1.ipv4.addresses = [ - { - address = "192.168.1.22"; - prefixLength = 24; - } - ]; + deuxfleurs.network_interface = "eno1"; + deuxfleurs.lan_ip = "192.168.1.22"; + networking.interfaces.eno1.ipv6.addresses = [ { address = "2a01:e0a:c:a720::22"; diff --git a/cluster/staging/node/cariacou.nix b/cluster/staging/node/cariacou.nix index d9dbc93..430996c 100644 --- a/cluster/staging/node/cariacou.nix +++ b/cluster/staging/node/cariacou.nix @@ -10,13 +10,9 @@ networking.hostName = "cariacou"; - networking.interfaces.eno1.useDHCP = false; - networking.interfaces.eno1.ipv4.addresses = [ - { - address = "192.168.1.21"; - prefixLength = 24; - } - ]; + deuxfleurs.network_interface = "eno1"; + deuxfleurs.lan_ip = "192.168.1.21"; + networking.interfaces.eno1.ipv6.addresses = [ { address = "2a01:e0a:c:a720::21"; diff --git a/cluster/staging/node/caribou.nix b/cluster/staging/node/caribou.nix index 3be3cdc..7b785ef 100644 --- a/cluster/staging/node/caribou.nix +++ b/cluster/staging/node/caribou.nix @@ -3,6 +3,11 @@ { config, pkgs, ... }: { + imports = + [ + ./remote-unlock.nix + ]; + # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.timeout = 20; @@ -10,13 +15,9 @@ networking.hostName = "caribou"; - networking.interfaces.eno1.useDHCP = false; - networking.interfaces.eno1.ipv4.addresses = [ - { - address = "192.168.1.23"; - prefixLength = 24; - } - ]; + deuxfleurs.network_interface = "eno1"; + deuxfleurs.lan_ip = "192.168.1.23"; + networking.interfaces.eno1.ipv6.addresses = [ { address = "2a01:e0a:c:a720::23"; diff --git a/cluster/staging/site/neptune.nix b/cluster/staging/site/neptune.nix index ec8b052..5fed713 100644 --- a/cluster/staging/site/neptune.nix +++ b/cluster/staging/site/neptune.nix @@ -1,13 +1,11 @@ { config, pkgs, ... }: { - networking.defaultGateway = { - address = "192.168.1.254"; - interface = "eno1"; - }; - networking.nameservers = [ "192.168.1.254" ]; - deuxfleurs.site_name = "neptune"; + deuxfleurs.lan_default_gateway = "192.168.1.254"; + deuxfleurs.lan_ip_prefix_length = 24; + + networking.nameservers = [ "192.168.1.254" ]; networking.firewall.allowedTCPPorts = [ 80 443 ]; -- cgit v1.2.3