diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2024-11-18 20:59:28 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2024-11-18 20:59:28 +0100 |
commit | 25b28a4ff56c0fc9561b559ad3c2c0b76cc0d4cf (patch) | |
tree | 17a20fe69f6a478c32c7257288fef6f781a44a3b /hosts/sif | |
parent | f805ce37981a699981ae25dfd1943dc3db33b90e (diff) | |
download | nixos-25b28a4ff56c0fc9561b559ad3c2c0b76cc0d4cf.tar nixos-25b28a4ff56c0fc9561b559ad3c2c0b76cc0d4cf.tar.gz nixos-25b28a4ff56c0fc9561b559ad3c2c0b76cc0d4cf.tar.bz2 nixos-25b28a4ff56c0fc9561b559ad3c2c0b76cc0d4cf.tar.xz nixos-25b28a4ff56c0fc9561b559ad3c2c0b76cc0d4cf.zip |
...
Diffstat (limited to 'hosts/sif')
-rw-r--r-- | hosts/sif/default.nix | 77 | ||||
-rw-r--r-- | hosts/sif/libvirt/default.nix | 2 |
2 files changed, 67 insertions, 12 deletions
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index a2eca749..1a2748e9 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix | |||
@@ -182,7 +182,7 @@ in { | |||
182 | netdevConfig = { | 182 | netdevConfig = { |
183 | Name = "wgrz"; | 183 | Name = "wgrz"; |
184 | Kind = "wireguard"; | 184 | Kind = "wireguard"; |
185 | MTUBytes = "1538"; | 185 | MTUBytes = "1558"; |
186 | }; | 186 | }; |
187 | wireguardConfig = { | 187 | wireguardConfig = { |
188 | PrivateKeyFile = "/run/credentials/systemd-networkd.service/wgrz.priv"; | 188 | PrivateKeyFile = "/run/credentials/systemd-networkd.service/wgrz.priv"; |
@@ -204,22 +204,50 @@ in { | |||
204 | MACAddress = "52:54:00:18:85:5b"; | 204 | MACAddress = "52:54:00:18:85:5b"; |
205 | }; | 205 | }; |
206 | }; | 206 | }; |
207 | gre-0971 = { | 207 | rz-gre-1 = { |
208 | netdevConfig = { | 208 | netdevConfig = { |
209 | Name = "gre-0971"; | 209 | Name = "rz-gre-1"; |
210 | Kind = "bridge"; | 210 | Kind = "gretap"; |
211 | MTUBytes = "1520"; | ||
212 | }; | ||
213 | tunnelConfig = { | ||
214 | Local = "10.200.116.128"; | ||
215 | Remote = "10.200.116.1"; | ||
216 | Independent = true; | ||
217 | }; | ||
218 | }; | ||
219 | rz-gre-1-0971 = { | ||
220 | netdevConfig = { | ||
221 | Name = "rz-gre-1-0971"; | ||
222 | Kind = "vlan"; | ||
211 | MTUBytes = "1500"; | 223 | MTUBytes = "1500"; |
212 | }; | 224 | }; |
225 | vlanConfig = { | ||
226 | Id = 971; | ||
227 | }; | ||
213 | }; | 228 | }; |
214 | gre-0971-1 = { | 229 | rz-gre-1-2403 = { |
215 | netdevConfig = { | 230 | netdevConfig = { |
216 | Name = "gre-0971-1"; | 231 | Name = "rz-gre-1-2403"; |
217 | Kind = "gretap"; | 232 | Kind = "vlan"; |
218 | MTUBytes = "1500"; | 233 | MTUBytes = "1500"; |
219 | }; | 234 | }; |
220 | tunnelConfig = { | 235 | vlanConfig = { |
221 | Local = "10.116.200.128"; | 236 | Id = 2403; |
222 | Remote = "10.116.200.1"; | 237 | }; |
238 | }; | ||
239 | rz-0971 = { | ||
240 | netdevConfig = { | ||
241 | Name = "rz-0971"; | ||
242 | Kind = "bridge"; | ||
243 | MTUBytes = "1500"; | ||
244 | }; | ||
245 | }; | ||
246 | rz-2403 = { | ||
247 | netdevConfig = { | ||
248 | Name = "rz-2403"; | ||
249 | Kind = "bridge"; | ||
250 | MTUBytes = "1500"; | ||
223 | }; | 251 | }; |
224 | }; | 252 | }; |
225 | }; | 253 | }; |
@@ -265,7 +293,7 @@ in { | |||
265 | LLMNR = false; | 293 | LLMNR = false; |
266 | MulticastDNS = false; | 294 | MulticastDNS = false; |
267 | DNS = ["10.153.88.9" "129.187.111.202" "10.156.33.53"]; | 295 | DNS = ["10.153.88.9" "129.187.111.202" "10.156.33.53"]; |
268 | Tunnel = "gre-0971-1"; | 296 | # Tunnel = "rz-gre-1"; |
269 | }; | 297 | }; |
270 | }; | 298 | }; |
271 | virbr0 = { | 299 | virbr0 = { |
@@ -280,6 +308,33 @@ in { | |||
280 | MulticastDNS = false; | 308 | MulticastDNS = false; |
281 | }; | 309 | }; |
282 | }; | 310 | }; |
311 | rz-gre-1 = { | ||
312 | name = "rz-gre-1"; | ||
313 | matchConfig = { | ||
314 | Name = "rz-gre-1"; | ||
315 | }; | ||
316 | networkConfig = { | ||
317 | VLAN = [ "rz-gre-1-0971" "rz-gre-1-2403" ]; | ||
318 | }; | ||
319 | }; | ||
320 | rz-gre-1-0971 = { | ||
321 | name = "rz-gre-1-0971"; | ||
322 | matchConfig = { | ||
323 | Name = "rz-gre-1-0971"; | ||
324 | }; | ||
325 | networkConfig = { | ||
326 | Bridge = "rz-0971"; | ||
327 | }; | ||
328 | }; | ||
329 | rz-gre-1-2403 = { | ||
330 | name = "rz-gre-1-2403"; | ||
331 | matchConfig = { | ||
332 | Name = "rz-gre-1-2403"; | ||
333 | }; | ||
334 | networkConfig = { | ||
335 | Bridge = "rz-2403"; | ||
336 | }; | ||
337 | }; | ||
283 | }; | 338 | }; |
284 | config.routeTables.wgrz = 1025; | 339 | config.routeTables.wgrz = 1025; |
285 | }; | 340 | }; |
diff --git a/hosts/sif/libvirt/default.nix b/hosts/sif/libvirt/default.nix index b42fa8fc..d0be7dff 100644 --- a/hosts/sif/libvirt/default.nix +++ b/hosts/sif/libvirt/default.nix | |||
@@ -6,7 +6,7 @@ with flakeInputs.nixVirt.lib; | |||
6 | config = { | 6 | config = { |
7 | virtualisation.libvirtd = { | 7 | virtualisation.libvirtd = { |
8 | qemu.swtpm.enable = true; | 8 | qemu.swtpm.enable = true; |
9 | allowedBridges = ["virbr0" "gre-0971"]; | 9 | allowedBridges = ["virbr0" "rz-0971" "rz-2403"]; |
10 | }; | 10 | }; |
11 | virtualisation.libvirt = { | 11 | virtualisation.libvirt = { |
12 | enable = true; | 12 | enable = true; |