nixos/machines/agentjones.nix

{ pkgs, lib, nodes, ... }: {
  imports = [
    # applications for this particular server
    ../applications/firewall.nix
  ];

  deployment = {
    #targetHost = "agentjones.skynet.ie";
    # wont have dns to start with
    #targetHost = "193.1.99.72";
    targetHost = "192.168.1.157";
    targetPort = 22;
    targetUser = "root";
  };

  # this server is teh firewall
  skynet_firewall = {
    # always good to know oneself
    #own_ip = "193.1.99.72";
    own_ip = "192.168.1.157";

    own_ports = [
      # ssh
      22
      # dns
      53
      # wireguard
      51820
    ];

    enable = true;

    # gonna have to get all the
    forward = builtins.concatLists (
      # using this function "(key: value: value.config.skynet_firewall.forward)" turn the values ointo a list
      lib.attrsets.mapAttrsToList (key: value:
        # make sure that anything running this firewall dosent count (recursion otherewise)
        # firewall may want to open ports in itself but can deal with that later
        if value.config.skynet_firewall.enable
        then []
        else value.config.skynet_firewall.forward
      ) nodes
    );
  };

}
feat: generating firewall forwarding rules from individual machiene configs complete 2023-01-15 18:27:21 +00:00			`{ pkgs, lib, nodes, ... }: {`
test: lets see if the firewall can be set up and nmap installed 2023-01-13 17:23:15 +00:00			`imports = [`
			`# applications for this particular server`
feat: basic firewall using the previous 2023-01-13 18:34:19 +00:00			`../applications/firewall.nix`
test: lets see if the firewall can be set up and nmap installed 2023-01-13 17:23:15 +00:00			`];`

feat: basic setup for colmena 2023-01-15 17:45:21 +00:00			`deployment = {`
feat: renaming in prep for them being isntalled 2023-01-15 19:22:12 +00:00			`#targetHost = "agentjones.skynet.ie";`
			`# wont have dns to start with`
feat: lets see if this works for secrets 2023-01-15 19:48:54 +00:00			`#targetHost = "193.1.99.72";`
			`targetHost = "192.168.1.157";`
feat: basic setup for colmena 2023-01-15 17:45:21 +00:00			`targetPort = 22;`
			`targetUser = "root";`
			`};`

tmnp: save current state 2023-01-15 15:10:40 +00:00			`# this server is teh firewall`
feat: generating firewall forwarding rules from individual machiene configs complete 2023-01-15 18:27:21 +00:00			`skynet_firewall = {`
feat: improved config a tad 2023-01-15 19:18:24 +00:00			`# always good to know oneself`
feat: lets see if this works for secrets 2023-01-15 19:48:54 +00:00			`#own_ip = "193.1.99.72";`
			`own_ip = "192.168.1.157";`
feat: improved config a tad 2023-01-15 19:18:24 +00:00
			`own_ports = [`
feat: lets see if this works for secrets 2023-01-15 19:48:54 +00:00			`# ssh`
feat: improved config a tad 2023-01-15 19:18:24 +00:00			`22`
feat: lets see if this works for secrets 2023-01-15 19:48:54 +00:00			`# dns`
			`53`
			`# wireguard`
			`51820`
feat: improved config a tad 2023-01-15 19:18:24 +00:00			`];`

feat: generating firewall forwarding rules from individual machiene configs complete 2023-01-15 18:27:21 +00:00			`enable = true;`

			`# gonna have to get all the`
feat: no more recusion, simplified the function 2023-01-15 18:42:01 +00:00			`forward = builtins.concatLists (`
			`# using this function "(key: value: value.config.skynet_firewall.forward)" turn the values ointo a list`
			`lib.attrsets.mapAttrsToList (key: value:`
			`# make sure that anything running this firewall dosent count (recursion otherewise)`
			`# firewall may want to open ports in itself but can deal with that later`
			`if value.config.skynet_firewall.enable`
			`then []`
			`else value.config.skynet_firewall.forward`
			`) nodes`
			`);`
feat: generating firewall forwarding rules from individual machiene configs complete 2023-01-15 18:27:21 +00:00			`};`
tmnp: save current state 2023-01-15 15:10:40 +00:00
test: lets see if the firewall can be set up and nmap installed 2023-01-13 17:23:15 +00:00			`}`