nixos/machines/skynet.nix

/*

  Name:     https://en.wikipedia.org/wiki/Skynet_(Terminator)
  Why:      Skynet is eternal
  Type:     VM
  Hardware: -
  From:     2023
  Role:     Webserver and member linux box
  Notes:    Does not host offical sites

*/

{ pkgs, lib, nodes, inputs,  ... }:
let
  name      = "skynet";
  # DMZ that ITD provided
  ip_pub    = "193.1.96.165";
  hostname  = "${name}.skynet.ie";

in {
  imports = [
    #../applications/skynet.ie.nix
  ];

  deployment = {
    targetHost = ip_pub;
    targetPort = 22;
    targetUser = "root";

    tags = [ "active-core" ];
  };

  # it has two network devices so two
  skynet_dns.records = [
    {record=name;   r_type="A";   value=ip_pub;  server=true;}
    {record=ip_pub; r_type="PTR"; value=hostname;}
  ];

  services.skynet_backup.host = {
    ip = ip_pub;
    name = name;
  };

  # allow more than admins access
  services.skynet_ldap_client = {
    groups = [
      "skynet-admins-linux"
      "skynet-users-linux"
    ];
  };

  proxmoxLXC.manageNetwork = true;
  networking = {
    hostName = name;
    # needed to use the dmz first
    defaultGateway = lib.mkForce "193.1.96.161";

    interfaces.eth1.ipv4.addresses = [
      {
        address = ip_pub;
        prefixLength = 28;
      }
    ];
  };

#  services.skynet = {
#    host = {
#      # website is still hosted on the internal IP
#      ip = ip_priv;
#      name = name;
#    };
#  };
}
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00			`/*`

			`Name: https://en.wikipedia.org/wiki/Skynet_(Terminator)`
			`Why: Skynet is eternal`
			`Type: VM`
			`Hardware: -`
			`From: 2023`
			`Role: Webserver and member linux box`
feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`Notes: Does not host offical sites`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00
			`*/`

skynet: website working again 2023-07-21 20:27:01 +00:00			`{ pkgs, lib, nodes, inputs, ... }:`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00			`let`
			`name = "skynet";`
			`# DMZ that ITD provided`
			`ip_pub = "193.1.96.165";`
			`hostname = "${name}.skynet.ie";`

			`in {`
skynet: got the main site "working" 2023-07-21 01:03:04 +00:00			`imports = [`
feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`#../applications/skynet.ie.nix`
skynet: got the main site "working" 2023-07-21 01:03:04 +00:00			`];`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00
			`deployment = {`
feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`targetHost = ip_pub;`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00			`targetPort = 22;`
			`targetUser = "root";`

ci: split up how many run each time 2023-07-26 22:53:26 +00:00			`tags = [ "active-core" ];`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00			`};`

			`# it has two network devices so two`
			`skynet_dns.records = [`
feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`{record=name; r_type="A"; value=ip_pub; server=true;}`
			`{record=ip_pub; r_type="PTR"; value=hostname;}`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00			`];`

feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`services.skynet_backup.host = {`
			`ip = ip_pub;`
			`name = name;`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00			`};`

			`# allow more than admins access`
			`services.skynet_ldap_client = {`
			`groups = [`
			`"skynet-admins-linux"`
			`"skynet-users-linux"`
			`];`
			`};`

skynet: got the main site "working" 2023-07-21 01:03:04 +00:00			`proxmoxLXC.manageNetwork = true;`
[no ci] feat: now got ssh access to skynet.skynet.ie 2023-09-05 14:02:02 +00:00			`networking = {`
			`hostName = name;`
			`# needed to use the dmz first`
feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`defaultGateway = lib.mkForce "193.1.96.161";`
[no ci] feat: now got ssh access to skynet.skynet.ie 2023-09-05 14:02:02 +00:00
feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`interfaces.eth1.ipv4.addresses = [`
			`{`
			`address = ip_pub;`
			`prefixLength = 28;`
			`}`
			`];`
feat: networking for externally accessable IP set up. However its currently only accessable on vpn. ext.skynet.ie is a temp domain for testing 2023-09-04 17:03:48 +00:00			`};`
skynet: got the main site "working" 2023-07-21 01:03:04 +00:00
feat: splitting up the user side of skynet and the main websites 2023-09-15 19:36:07 +00:00			`# services.skynet = {`
			`# host = {`
			`# # website is still hosted on the internal IP`
			`# ip = ip_priv;`
			`# name = name;`
			`# };`
			`# };`
skynet: finally setting up skynet 2023-07-20 21:05:46 +00:00			`}`