ipv4 for public-cof

2022-01-25 18:12:54 +01:00 · 2022-01-25 18:12:54 +01:00 · 3670aab583
commit 3670aab583
parent 7e11763d74
2 changed files with 35 additions and 23 deletions
--- a/machines/core-services-01/subZone.nix
+++ b/machines/core-services-01/subZone.nix
@ -3,8 +3,10 @@
 with dns.lib.combinators;
 let
  my = config.my;
-  upstream-v4-proxies = [ "51.15.7.181" ]; # kurisu.dual.lahfa.xyz
-  public-cof-ips = [ "2001:470:1f13:187:c08e:feff:fe4d:f5f5" ];
+  public-cof-ips = {
+    A = [ "45.13.104.27" ];
+    AAAA = [ "2001:470:1f13:187:c08e:feff:fe4d:f5f5" ];
+  };
  delegateACMEDNSChallenge = acme: { _acme-challenge.CNAME = [ acme ]; };

  remoteBuilders = {
@ -52,27 +54,21 @@ dualstack // {
      AAAA = [ my.ipv6.acme ];
    };

-    beta = {
-      AAAA = public-cof-ips;
+    beta = public-cof-ips // {
      subdomains = {
-        nuage.A = upstream-v4-proxies;
-        nuage.AAAA = public-cof-ips;
-        minecraft.AAAA = public-cof-ips;
-        factorio.AAAA = public-cof-ips;
-        home.A = upstream-v4-proxies;
-        home.AAAA = public-cof-ips;
-        pads.AAAA = public-cof-ips;
-        pads.subdomains = {
-          api.AAAA = public-cof-ips;
-          files.AAAA = public-cof-ips;
-          sandbox.AAAA = public-cof-ips;
-        };
-        docs.AAAA = public-cof-ips;
-        docs.A = upstream-v4-proxies;
-        jurisprudens = {
-          AAAA = public-cof-ips;
-          A = upstream-v4-proxies;
+        nuage = public-cof-ips;
+        minecraft = public-cof-ips;
+        factorio = public-cof-ips;
+        home = public-cof-ips;
+        pads = public-cof-ips // {
+          subdomains = {
+            api = public-cof-ips;
+            files = public-cof-ips;
+            sandbox = public-cof-ips;
+          };
        };
+        docs = public-cof-ips;
+        jurisprudens = public-cof-ips;
    };
  };

--- a/machines/public-cof/networking.nix
+++ b/machines/public-cof/networking.nix
@ -1,8 +1,20 @@
-{ ... }:
-{
+{ lib, ... }:
+let mkAddress = addr: let
+    splitted = lib.splitString "/" addr;
+    elemAt = builtins.elemAt splitted;
+  in
+  { address = (elemAt 0); prefixLength = lib.toInt (elemAt 1); };
+in {
  networking = {
    hostName = "public-cof";

+    # Default IPv4 exit route
+    defaultGateway = {
+      address = "";
+      interface = "ens20";
+    };
+    localCommands = "ip route add default dev ens20 metric 10";
+
    useDHCP = false;
    interfaces.ens18 = {
      useDHCP = true;
@ -15,6 +27,10 @@
      useDHCP = true;
    };

+    interfaces.ens20 = {
+      ipv4.addresses = map mkAddress [ "45.13.104.27/32" ];
+    };
+
    firewall.allowedTCPPorts = [ 22 ];
    firewall.enable = true;
  };