feat(vault01): CRI uplink is now connected to internet

2024-03-27 15:38:46 +01:00 · 2024-03-27 15:38:46 +01:00 · ce05bee635
commit ce05bee635
parent 9cbe1b828f
2 changed files with 33 additions and 9 deletions
--- a/machines/vault01/networking.nix
+++ b/machines/vault01/networking.nix
@ -1,10 +1,19 @@
 let
  vlanName = "vlan-uplink-cri";
  linkIp = "10.120.33.250";
  linkPrefix = "30";
  upstreamRouterIp = "10.120.33.249";
  publicIp = "129.199.195.129"; # sync with meta
  linkPrefixedIp = "${linkIp}/${linkPrefix}";
 in
 {
  systemd.network = {
    networks = {
-      "10-sfp-right" = {
+      "10-enp67s0f0np0" = {
        name = "enp67s0f0np0";
        networkConfig = {
          VLAN = [ vlanName ];
@ -16,16 +25,21 @@ in
          IPv6SendRA = false;
        };
      };
-      "20-vlan-uplink-cri" = {
+      "10-${vlanName}" = {
        name = vlanName;
-        address = [ "10.120.33.250/30" ];
+        address = [ linkPrefixedIp ];
-        networkConfig = {
+        routes = [
-          Gateway = "10.120.33.249";
+          {
            routeConfig = {
              PreferredSource = publicIp;
              Gateway = upstreamRouterIp;
            };
          }
        ];
      };
    };
    netdevs = {
-      "20-vlan-uplink-cri" = {
+      "10-vlan-uplink-cri" = {
        netdevConfig = {
          Name = vlanName;
          Kind = "vlan";
--- a/meta/network.nix
+++ b/meta/network.nix
@ -89,6 +89,17 @@
  vault01 = {
    interfaces = {
      vlan-uplink-cri = {
        ipv4 = [
          {
            # see also machines/vault01/networking.nix
            address = "129.199.195.129";
            prefixLength = 27;
          }
        ];
        gateways = [ ];
        enableDefaultDNS = true;
      };
      enp130s0f0 = {
        ipv4 = [
          {
@ -96,8 +107,7 @@
            prefixLength = 24;
          }
        ];
-
+        gateways = [ ];
        gateways = [ "192.168.42.1" ];
        enableDefaultDNS = true;
      };
    };