DGNum/lab-infra
8
1
Fork 1
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

chore: rebase branch on main
Some checks failed
Check meta / check_meta (push) Failing after 19s
Details
lint / check (push) Successful in 25s
Details

Browse source
This commit is contained in:
Constantin Gierczak--Galle 2024-12-07 10:37:15 +01:00
commit 4c98694080
No known key found for this signature in database
9 changed files with 124 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
REGISTRY.md
View file

@ -22,7 +22,7 @@ Routé via SIIT sur le vlan mwan-siit (2520)
| IP | Attribution | Mainteneur |
|----|-------------|------------|
| `.25` | `labcore01` | Maurice |
| `.26` | | |
| `.26` | `dns01` | cst1 |
| `.27` | | |
| `.28` | | |
| `.29` | | |

25
machines/dns01/_configuration.nix
View file

@ -10,30 +10,7 @@ lib.extra.mkConfig {
"nsd"
];
extraConfig = {
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrijwPlb7KQkYPLznMPVzPPT69cLzhEsJzZi9tmxzTh cst1@x270"
];
systemd.network = {
config.routeTables = {
he = 100;
mwan = 110;
};
networks = {
"10-ens18" = {
name = "ens18";
networkConfig = {
Description = "ENS uplink";
Address = [ "129.199.146.102/24" ];
Gateway = "129.199.146.254";
LLDP = true;
};
};
};
};
};
extraConfig = { };
root = ./.;
}

24
machines/homebox01/_configuration.nix Normal file
View file

@ -0,0 +1,24 @@
{ lib, ... }:
lib.extra.mkConfig {
enabledModules = [
# List of modules to enable
];
enabledServices = [
# List of services to enable
"homebox"
"nginx"
];
extraConfig = {
networking = {
firewall.allowedTCPPorts = [
80
443
];
};
};
root = ./.;
}

34
machines/homebox01/_hardware-configuration.nix Normal file
View file

@ -0,0 +1,34 @@
{ lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot = {
loader.systemd-boot.enable = true;
initrd.kernelModules = [ ];
kernelModules = [ ];
extraModulePackages = [ ];
initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
};
fileSystems."/" = {
device = "/dev/disk/by-partlabel/disk-sda-root";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-partlabel/disk-sda-ESP";
fsType = "vfat";
};
networking.useDHCP = lib.mkDefault false;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

14
machines/homebox01/homebox.nix Normal file
View file

@ -0,0 +1,14 @@
{
services.homebox = {
enable = true;
settings = {
HBOX_OPTIONS_ALLOW_REGISTRATION = "false";
};
};
services.nginx.virtualHosts."homebox.cgiga.fr" = {
enableACME = true;
forceSSL = true;
serverAliases = [ ];
locations."/".proxyPass = "http://localhost:7745/";
};
}

10
machines/homebox01/nginx.nix Normal file
View file

@ -0,0 +1,10 @@
{
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
clientMaxBodySize = "500m";
};
}

3
machines/homebox01/secrets/secrets.nix Normal file
View file

@ -0,0 +1,3 @@
(import ../../../keys).mkSecrets [ "homebox01" ] [
# List of secrets for router02
]

31
meta/network.nix
View file

@ -1,11 +1,38 @@
{
dns01 = {
interfaces = { };
interfaces = {
ens18 = {
ipv6 = [
{
address = "2a0e:e701:1120:1000:ffff::45.13.104.26";
prefixLength = 64;
}
];
addresses.ipv4 = [ "129.199.146.102" ];
gateways = [ "2a0e:e701:1120:1000::1" ];
dns = [ "2a0e:e701:1120:1000::f:1" ];
};
};
hostId = "1758233d";
};
homebox01 = {
interfaces = {
ens18 = {
ipv4 = [
{
address = "129.199.146.102";
prefixLength = 24;
}
];
gateways = [ "129.199.146.254" ];
enableDefaultDNS = true;
};
};
hostId = "ef3bd5c0";
};
krz01 = {
interfaces = {
vmbr0 = {

8
meta/nodes.nix
View file

@ -36,6 +36,14 @@
stateVersion = "24.05";
nixpkgs = "unstable";
};
homebox01 = {
site = "pav01";
hashedPassword = "$y$j9T$eNZQgDN.J5y7KTG2hXgat1$J1i5tjx5dnSZu.C9B7swXi5zMFIkUnmRrnmyLHFAt8/";
stateVersion = "24.05";
nixpkgs = "unstable";
};
labcore01 = {
site = "pav01";