fix: ensure networking remains good
This commit is contained in:
parent
7c4e83f60a
commit
02dd11c8b4
5 changed files with 32 additions and 27 deletions
|
@ -57,7 +57,12 @@ in {
|
||||||
|
|
||||||
environment.systemPackages = [pkgs.vim];
|
environment.systemPackages = [pkgs.vim];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [80 443];
|
networking = {
|
||||||
|
defaultGateway = {
|
||||||
|
address = lib.mkDefault "193.1.96.161";
|
||||||
|
interface = lib.mkDefault "eth1";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# normally services cannot read home dirs
|
# normally services cannot read home dirs
|
||||||
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
|
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
|
||||||
|
|
|
@ -102,7 +102,7 @@ in {
|
||||||
# explisitly stating this is good
|
# explisitly stating this is good
|
||||||
defaultGateway = {
|
defaultGateway = {
|
||||||
address = "193.1.99.65";
|
address = "193.1.99.65";
|
||||||
interface = "eno1";
|
interface = "eth0";
|
||||||
};
|
};
|
||||||
|
|
||||||
# cannot use our own it seems?
|
# cannot use our own it seems?
|
||||||
|
|
|
@ -58,15 +58,14 @@ in {
|
||||||
networking.hostName = name;
|
networking.hostName = name;
|
||||||
# this has to be defined for any physical servers
|
# this has to be defined for any physical servers
|
||||||
# vms are defined by teh vm host
|
# vms are defined by teh vm host
|
||||||
networking.interfaces = {
|
networking = {
|
||||||
eno1 = {
|
defaultGateway.interface = lib.mkDefault "eno1";
|
||||||
ipv4.addresses = [
|
interfaces.eno1.ipv4.addresses = [
|
||||||
{
|
{
|
||||||
address = ip_pub;
|
address = ip_pub;
|
||||||
prefixLength = 26;
|
prefixLength = 26;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# this server is teh firewall
|
# this server is teh firewall
|
||||||
|
|
|
@ -26,12 +26,15 @@ in {
|
||||||
networking.hostName = name;
|
networking.hostName = name;
|
||||||
# this has to be defined for any physical servers
|
# this has to be defined for any physical servers
|
||||||
# vms are defined by teh vm host
|
# vms are defined by teh vm host
|
||||||
networking.interfaces.eno1.ipv4.addresses = [
|
networking = {
|
||||||
{
|
defaultGateway.interface = lib.mkDefault "eno1";
|
||||||
address = ip_pub;
|
interfaces.eno1.ipv4.addresses = [
|
||||||
prefixLength = 26;
|
{
|
||||||
}
|
address = ip_pub;
|
||||||
];
|
prefixLength = 26;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
deployment = {
|
deployment = {
|
||||||
targetHost = hostname;
|
targetHost = hostname;
|
||||||
|
|
|
@ -35,16 +35,14 @@ in {
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
# needs to have an address statically assigned
|
# needs to have an address statically assigned
|
||||||
interfaces = {
|
|
||||||
eno1 = {
|
defaultGateway.interface = lib.mkDefault "eno1";
|
||||||
ipv4.addresses = [
|
interfaces.eno1.ipv4.addresses = [
|
||||||
{
|
{
|
||||||
address = "193.1.99.120";
|
address = "193.1.99.120";
|
||||||
prefixLength = 26;
|
prefixLength = 26;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
|
|
Loading…
Reference in a new issue