Add hosts file

Filippo Berto 2024-01-07 10:31:18 +01:00
parent 032875eec9
commit 3b6cf23db1
No known key found for this signature in database
GPG key ID: FE98AE5EC52B1056
4 changed files with 42 additions and 11 deletions

26
hosts.nix Normal file

@ -0,0 +1,26 @@
{
public.ipv4 = {
"baldur.bertof.net" = "51.195.90.205";
};
zerotier = {
ipv4 = {
"thor.zto" = "172.23.24.223";
"baldur.zto" = "172.23.171.70";
"x3pro.zto" = "172.23.255.161";
"odin.zto" = "172.23.219.133";
"loki.zto" = "172.23.254.55";
"tiziano.zto" = "172.23.110.109";
"freya.zto" = "172.23.18.147";
};
ipv6 = {
"thor.zto" = "fd80:56c2:e21c:f9c7:5399:9324:3c16:6499";
"baldur.zto" = "fd80:56c2:e21c:f9c7:5399:933b:abd2:a7c9";
"x3pro.zto" = "fd80:56c2:e21c:f9c7:5399:9379:6b02:be97";
"odin.zto" = "fd80:56c2:e21c:f9c7:5399:9379:ef39:0dd3";
"loki.zto" = "fd80:56c2:e21c:f9c7:5399:93b3:aa75:fed1";
"tiziano.zto" = "fd80:56c2:e21c:f9c7:5399:93f3:4bbb:8b38";
"freya.zto" = "fd80:56c2:e21c:f9c7:5399:93f3:ffbc:1355";
};
};
}
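Review bot: hosts.nix carries no comment saying what depends on it, and after this commit the `zerotier` entries decide more than name resolution. The `baldur.zto` value is read into Home Assistant's `trusted_proxies` and Nextcloud's `trustedProxies`, so editing that one entry changes which peer is allowed to supply the forwarded client address. A header comment would make that visible to the next editor, for example `# Address book for all hosts. zerotier.* feeds networking.hosts and the reverse-proxy trust lists; change baldur.zto only together with the proxy host.` It would also help to state that the `ipv4` and `ipv6` sets are expected to list the same host names, since nothing on this page checks that.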


@ -1,4 +1,7 @@
{ pkgs, ... }: { pkgs, ... }:
let
hosts = import ../../hosts.nix;
in
{ {
boot = { boot = {
@ -277,7 +280,7 @@
http = { http = {
use_x_forwarded_for = true; use_x_forwarded_for = true;
trusted_proxies = [ "172.23.171.70" "::1" "127.0.0.1" ]; trusted_proxies = [ hosts.zerotier.ipv4."baldur.zto" "::1" "127.0.0.1" ];
}; };
automation = "!include automations.yaml"; automation = "!include automations.yaml";
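Review bot: The new `trusted_proxies` value in the `http` block still lists only baldur's ZeroTier IPv4 address, while the Nextcloud change in this same commit trusts both `hosts.zerotier.ipv4."baldur.zto"` and `hosts.zerotier.ipv6."baldur.zto"`. If the proxy on baldur ever connects to this host over its ZeroTier IPv6 address (not visible from this page), Home Assistant will not treat it as a trusted proxy and will not honor its X-Forwarded-For header. Either add the IPv6 entry, `trusted_proxies = [ hosts.zerotier.ipv4."baldur.zto" hosts.zerotier.ipv6."baldur.zto" "::1" "127.0.0.1" ];`, or add a comment that the proxy is deliberately pinned to IPv4. The `http` block continues outside the hunk.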


@ -1,15 +1,13 @@
{ lib, ... }:
let
hosts = import ../../../hosts.nix;
zerotier_hosts = lib.attrsets.mapAttrs' (k: v: lib.attrsets.nameValuePair v [ k ]) hosts.zerotier.ipv4;
in
{ {
services.zerotierone = { services.zerotierone = {
enable = true; enable = true;
joinNetworks = [ "8056c2e21cf9c753" ]; joinNetworks = [ "8056c2e21cf9c753" ];
}; };
networking.hosts = { networking.hosts = zerotier_hosts;
"172.23.24.223" = [ "thor.zto" ];
"172.23.255.161" = [ "x3pro.zto" ];
"172.23.219.133" = [ "odin.zto" ];
"172.23.254.55" = [ "loki.zto" ];
"172.23.18.147" = [ "freya.zto" ];
"172.23.171.70" = [ "baldur.zto" ];
};
} }
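Review bot: `zerotier_hosts` inverts name→address with `mapAttrs'`, which keeps only one entry per resulting key, so if two names in `hosts.zerotier.ipv4` ever share an address, one of them silently disappears from `networking.hosts`. Grouping by address keeps every alias: `zerotier_hosts = lib.attrsets.zipAttrs (lib.attrsets.mapAttrsToList (name: addr: { ${addr} = name; }) hosts.zerotier.ipv4);`. The generated set also now includes `tiziano.zto`, which the removed literal list did not have, and it still covers only the IPv4 side, so the `.zto` names never resolve to the IPv6 addresses recorded in hosts.nix. A one-line comment saying whether both are intended would help.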


@ -1,4 +1,8 @@
{ pkgs, config, ... }: { { pkgs, config, ... }:
let
hosts = import ../../hosts.nix;
in
{
age.secrets = { age.secrets = {
nextcloud_admin_secret = { file = ../../secrets/nextcloud_admin_secret.age; owner = "nextcloud"; }; nextcloud_admin_secret = { file = ../../secrets/nextcloud_admin_secret.age; owner = "nextcloud"; };
@ -35,7 +39,7 @@
]; ];
config = { config = {
trustedProxies = [ "172.23.171.70" "baldur.zto" ]; trustedProxies = [ hosts.zerotier.ipv4."baldur.zto" hosts.zerotier.ipv6."baldur.zto" "baldur.zto" ];
extraTrustedDomains = [ config.services.nextcloud.hostName "freya.zto" ]; extraTrustedDomains = [ config.services.nextcloud.hostName "freya.zto" ];
adminpassFile = config.age.secrets.nextcloud_admin_secret.path; adminpassFile = config.age.secrets.nextcloud_admin_secret.path;
overwriteProtocol = "https"; overwriteProtocol = "https";
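Review bot: The new `trustedProxies` list keeps the literal host name `"baldur.zto"` next to the two addresses now taken from hosts.nix. Nextcloud's documentation describes `trusted_proxies` entries as IP addresses or CIDR ranges compared with the connecting address, so the name entry is probably never matched. If so, it gives a false impression of what is trusted and can be dropped: `trustedProxies = [ hosts.zerotier.ipv4."baldur.zto" hosts.zerotier.ipv6."baldur.zto" ];`. If it is kept on purpose, a comment should say why, because a name in a trust list is only as reliable as the host's name resolution. The `config` block continues outside the hunk.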