6fffa8eb13
All checks were successful
Check meta / check_dns (pull_request) Successful in 15s
Check meta / check_meta (pull_request) Successful in 15s
Check workflows / check_workflows (pull_request) Successful in 16s
Run pre-commit on all files / pre-commit (push) Successful in 23s
Build all the nodes / netcore02 (pull_request) Successful in 21s
Build the shell / build-shell (pull_request) Successful in 24s
Build all the nodes / ap01 (pull_request) Successful in 1m15s
Run pre-commit on all files / pre-commit (pull_request) Successful in 23s
Build all the nodes / geo02 (pull_request) Successful in 1m25s
Build all the nodes / bridge01 (pull_request) Successful in 2m28s
Build all the nodes / geo01 (pull_request) Successful in 2m48s
Build all the nodes / compute01 (pull_request) Successful in 2m57s
Build all the nodes / storage01 (pull_request) Successful in 2m44s
Build all the nodes / web02 (pull_request) Successful in 2m42s
Build all the nodes / tower01 (pull_request) Successful in 2m45s
Build all the nodes / build01 (pull_request) Successful in 3m3s
Build all the nodes / hypervisor02 (pull_request) Successful in 2m53s
Build all the nodes / hypervisor01 (pull_request) Successful in 2m55s
Build all the nodes / web03 (pull_request) Successful in 2m49s
Build all the nodes / rescue01 (pull_request) Successful in 3m4s
Build all the nodes / vault01 (pull_request) Successful in 3m8s
Build all the nodes / hypervisor03 (pull_request) Successful in 3m23s
Build all the nodes / web01 (pull_request) Successful in 3m32s
Else we would need to change the switch config when rebuilding the AP
68 lines
2.1 KiB
Nix
68 lines
2.1 KiB
Nix
# SPDX-FileCopyrightText: 2024 Ryan Lahfa <ryan.lahfa@dgnum.eu>
|
|
#
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
{
|
|
config,
|
|
pkgs,
|
|
modulesPath,
|
|
...
|
|
}:
|
|
let
|
|
svc = config.system.service;
|
|
parentConfig = config;
|
|
in
|
|
{
|
|
defaultProfile.packages = [
|
|
# Levitate enable us to mass-reinstall the system on the fly.
|
|
# TODO: Test levitation
|
|
(pkgs.levitate.override {
|
|
config = {
|
|
imports = [
|
|
"${modulesPath}/network"
|
|
"${modulesPath}/ssh"
|
|
"${modulesPath}/hardware.nix"
|
|
"${modulesPath}/kernel"
|
|
"${modulesPath}/outputs/tftpboot.nix"
|
|
"${modulesPath}/outputs.nix"
|
|
# FIXME: DHCP has a hidden deps on this, shoud be done in a more intelligent way upstream
|
|
"${modulesPath}/iproute2.nix"
|
|
(
|
|
{ config, ... }:
|
|
{
|
|
# FIXME: DHCP has a hidden deps on this, shoud be done in a more intelligent way upstream
|
|
programs.iproute2.enable = true;
|
|
services = {
|
|
# In this situation, we fallback to the appro VLAN but keep admin vlan.
|
|
# Simplest DHCPv4 we can find.
|
|
dhcpv4 = svc.network.dhcp.client.build {
|
|
interface = parentConfig.hardware.networkInterfaces.lan;
|
|
};
|
|
inherit (parentConfig.services)
|
|
sshd
|
|
admin-vlan
|
|
admin-dhcpv4
|
|
admin-defaultroute4
|
|
;
|
|
defaultroute4 = svc.network.route.build {
|
|
via = "$(output ${config.services.dhcpv4} router)";
|
|
target = "default";
|
|
dependencies = [ config.services.dhcpv4 ];
|
|
};
|
|
};
|
|
}
|
|
)
|
|
];
|
|
hostname = "${parentConfig.hostname}-live";
|
|
nixpkgs.buildPlatform = builtins.currentSystem;
|
|
|
|
defaultProfile.packages = with pkgs; [
|
|
mtdutils
|
|
zyxel-bootconfig
|
|
];
|
|
# Only keep root, which should inherit from DGN access control's root permissions.
|
|
users.root = config.users.root;
|
|
};
|
|
})
|
|
];
|
|
}
|