Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-04-03 10:40:53 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

update ipv6

Browse source
This commit is contained in:
Julien Malka 2023-10-25 21:30:42 +02:00
parent f30142d8e5
commit c99126b67e
Signed by: Luj
GPG key ID: 6FC74C847011FD83
2 changed files with 89 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
lib/luj.nix
View file

@ -67,7 +67,7 @@ inputs: lib: with lib; let
nixpkgs_version = inputs.nixpkgs; nixpkgs_version = inputs.nixpkgs;
hm_version = inputs.home-manager; hm_version = inputs.home-manager;
ipv4 = { public = "82.67.34.230"; local = "192.168.0.103"; vpn = "100.100.45.9"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.0.103"; vpn = "100.100.45.9"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:8ec7:b5d2:f663:a67a"; vpn = "fd7a:115c:a1e0::9"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:8ec7:b5d2:f663:a67a"; vpn = "fd7a:115c:a1e0::9"; };
}; };
@ -77,7 +77,7 @@ inputs: lib: with lib; let
nixpkgs_version = inputs.nixpkgs; nixpkgs_version = inputs.nixpkgs;
hm_version = inputs.home-manager; hm_version = inputs.home-manager;
ipv4 = { public = "82.67.34.230"; local = "192.168.0.175"; vpn = "100.100.45.14"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.0.175"; vpn = "100.100.45.14"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:40f0:8cff:fe31:3e94"; vpn = "fd7a:115c:a1e0::e"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:40f0:8cff:fe31:3e94"; vpn = "fd7a:115c:a1e0::e"; };
}; };
@ -85,34 +85,34 @@ inputs: lib: with lib; let
inherit tld; inherit tld;
subdomains = [ "nuage.malka.family" ]; subdomains = [ "nuage.malka.family" ];
ipv4 = { public = "82.67.34.230"; local = "192.168.0.101"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.0.101"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:4ab8:c3d0:a0fe:525f"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:4ab8:c3d0:a0fe:525f"; };
}; };
doma-backups = { doma-backups = {
inherit tld; inherit tld;
subdomains = [ "doma-backups.julienmalka.me" ]; subdomains = [ "doma-backups.julienmalka.me" ];
ipv4 = { public = "82.67.34.230"; local = "192.168.0.250"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.0.250"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:6b86:c2c:2141:6702"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:6b86:c2c:2141:6702"; };
}; };
doma-zulip = { doma-zulip = {
inherit tld; inherit tld;
subdomains = [ "zulip.julienmalka.me" ]; subdomains = [ "zulip.julienmalka.me" ];
ipv4 = { public = "82.67.34.230"; local = "192.168.0.187"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.0.187"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:6830:ddff:fe52:a444"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:6830:ddff:fe52:a444"; };
}; };
pve1 = { pve1 = {
inherit tld; inherit tld;
ipv4 = { public = "82.67.34.230"; local = "192.168.1.1"; vpn = "100.100.45.3"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.1.1"; vpn = "100.100.45.3"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:d250:99ff:fefa:b62"; vpn = "fd7a:115c:a1e0::3"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:d250:99ff:fefa:b62"; vpn = "fd7a:115c:a1e0::3"; };
sshPort = 22; sshPort = 22;
sshUser = "root"; sshUser = "root";
}; };
pve2 = { pve2 = {
inherit tld; inherit tld;
ipv4 = { public = "82.67.34.230"; local = "192.168.1.2"; vpn = "100.100.45.15"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.1.2"; vpn = "100.100.45.15"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:aaa1:59ff:fec7:1d6"; vpn = "fd7a:115c:a1e0::f"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:aaa1:59ff:fec7:1d6"; vpn = "fd7a:115c:a1e0::f"; };
sshPort = 22; sshPort = 22;
sshUser = "root"; sshUser = "root";
@ -120,14 +120,14 @@ inputs: lib: with lib; let
pve3 = { pve3 = {
inherit tld; inherit tld;
ipv4 = { public = "82.67.34.230"; local = "192.168.1.3"; vpn = "100.100.45.16"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.1.3"; vpn = "100.100.45.16"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:aaa1:59ff:fec1:aa10"; vpn = "fd7a:115c:a1e0::10"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:aaa1:59ff:fec1:aa10"; vpn = "fd7a:115c:a1e0::10"; };
sshPort = 22; sshPort = 22;
sshUser = "root"; sshUser = "root";
}; };
pve4 = { pve4 = {
inherit tld; inherit tld;
ipv4 = { public = "82.67.34.230"; local = "192.168.1.4"; vpn = "100.100.45.17"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.1.4"; vpn = "100.100.45.17"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:d250:99ff:fefa:b76"; vpn = "fd7a:115c:a1e0::11"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:d250:99ff:fefa:b76"; vpn = "fd7a:115c:a1e0::11"; };
sshPort = 22; sshPort = 22;
sshUser = "root"; sshUser = "root";
}; };
@ -135,7 +135,7 @@ inputs: lib: with lib; let
inherit tld; inherit tld;
subdomains = [ "saves-paris.luj" ]; subdomains = [ "saves-paris.luj" ];
ipv4 = { public = "82.67.34.230"; local = "192.168.4.5"; vpn = "100.100.45.4"; }; ipv4 = { public = "82.67.34.230"; local = "192.168.4.5"; vpn = "100.100.45.4"; };
ipv6 = { public = "2a01:e0a:de4:a0e0:3af3:abff:fe6a:1f54"; vpn = "fd7a:115c:a1e0::4"; }; ipv6 = { public = "2a01:e0a:de4:a0e1:3af3:abff:fe6a:1f54"; vpn = "fd7a:115c:a1e0::4"; };
sshPort = 22; sshPort = 22;
sshUser = "root"; sshUser = "root";
}; };

79
modules/ferretdb/default.nix Normal file
View file

@ -0,0 +1,79 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.ferretdb;
in
{
meta.maintainers = with lib.maintainers; [ julienmalka camillemndn ];
options = {
services.ferretdb = {
enable = mkEnableOption "FerretDB, an Open Source MongoDB alternative.";
package = mkOption {
type = types.package;
example = literalExpression "pkgs.ferretdb";
default = pkgs.ferretdb;
defaultText = "pkgs.ferretdb";
description = "FerretDB package to use.";
};
settings = lib.mkOption {
type =
lib.types.submodule { freeformType = with lib.types; attrsOf str; };
example = {
FERRETDB_LOG_LEVEL = "warn";
FERRETDB_MODE = "normal";
};
description = ''
Additional configuration for FerretDB, see
<https://docs.ferretdb.io/flags/>
for supported values.
'';
};
};
};
config = mkIf cfg.enable
{
services.ferretdb.settings = {
FERRETDB_HANDLER = lib.mkDefault "sqlite";
FERRETDB_SQLITE_URL = lib.mkDefault "file:/var/lib/ferretdb/";
};
systemd.services.ferretdb = {
description = "FerretDB";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = cfg.settings;
serviceConfig = {
Type = "simple";
StateDirectory = "ferretdb";
WorkingDirectory = "/var/lib/ferretdb";
ExecStart = "${cfg.package}/bin/ferretdb";
Restart = "on-failure";
ProtectHome = true;
ProtectSystem = "strict";
PrivateTmp = true;
PrivateDevices = true;
ProtectHostname = true;
ProtectClock = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectKernelLogs = true;
ProtectControlGroups = true;
NoNewPrivileges = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RemoveIPC = true;
PrivateMounts = true;
DynamicUser = true;
};
};
};
}