diff --git a/hive.nix b/hive.nix index 59e8140..bf0531b 100644 --- a/hive.nix +++ b/hive.nix @@ -64,6 +64,7 @@ in { networking.hostName = name; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" ]; }; diff --git a/machines/kat-r86s/configuration.nix b/machines/kat-r86s/configuration.nix index 0f26da6..77b2c80 100644 --- a/machines/kat-r86s/configuration.nix +++ b/machines/kat-r86s/configuration.nix @@ -101,6 +101,20 @@ programs.virt-manager.enable = true; virtualisation.libvirtd.enable = true; + services.nginx = { + enable = true; + virtualHosts."degette.katvayor.net".locations."/" = { + recommendedProxySettings = true; + proxyPass = "http://192.168.122.2/"; + }; + streamConfig = '' + server { + listen 22000; + proxy_pass 192.168.122.2:22; + } + ''; + }; + # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ 22 53 80 443 22000 ]; networking.firewall.allowedUDPPorts = [ 67 ]; diff --git a/machines/kat-virt/configuration.nix b/machines/kat-virt/configuration.nix index 771ae48..129341f 100644 --- a/machines/kat-virt/configuration.nix +++ b/machines/kat-virt/configuration.nix @@ -13,9 +13,26 @@ boot.supportedFilesystems = [ "bcachefs" ]; boot.kernelPackages = pkgs.linuxPackages_latest; - networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. time.timeZone = "Europe/Paris"; + networking = { + interfaces."enp1s0" = { + useDHCP = false; + ipv4.addresses = [ + { address = "192.168.122.2"; prefixLength = 24; } + ]; + ipv6.addresses = [ + { address = "fe80::2"; prefixLength = 64; } + ]; + }; + defaultGateway = "192.168.122.1"; + defaultGateway6 = { address = "fe80::1"; interface = "enp1s0"; }; + nameservers = [ + "192.168.122.1" + "fe80::1%enp1s0" + ]; + }; + # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; @@ -70,15 +87,20 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; - services.netbird.enable = true; - virtualisation.docker.enable = true; + services.nginx = { + enable = true; + virtualHosts."degette.katvayor.net".locations."/" = { + recommendedProxySettings = true; + proxyPass = "http://localhost:8000/"; + }; + }; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. - # networking.firewall.enable = false; + networking.firewall.enable = false; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you diff --git a/modules/ssh.nix b/modules/ssh.nix index 971c225..847eed0 100644 --- a/modules/ssh.nix +++ b/modules/ssh.nix @@ -24,7 +24,8 @@ "virt.kat" = { user = "root"; - hostname = "100.102.157.122"; + hostname = "fe80::2%%virbr0"; + proxyJump = "r86s.kat"; }; "sas.ens" = {