skynet: finally setting up skynet

2023-07-20 22:05:46 +01:00 · 2023-07-20 22:05:46 +01:00 · 26197cec6e
commit 26197cec6e
parent 83e46a95fe
2 changed files with 61 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -86,6 +86,9 @@
      # backup 1
      neuromancer = import ./machines/neuromancer.nix;

+      # Skynet
+      skynet = import ./machines/skynet.nix;
+
    };
  };

--- a/machines/skynet.nix
+++ b/machines/skynet.nix
@ -0,0 +1,58 @@
+/*
+
+  Name:     https://en.wikipedia.org/wiki/Skynet_(Terminator)
+  Why:      Skynet is eternal
+  Type:     VM
+  Hardware: -
+  From:     2023
+  Role:     Webserver and member linux box
+  Notes:
+
+*/
+
+{ pkgs, lib, nodes, ... }:
+let
+  # name of the server, sets teh hostname and record for it
+  name      = "skynet";
+  # DMZ that ITD provided
+  ip_pub    = "193.1.96.165";
+  ip_priv   = "193.1.99.79";
+  hostname  = "${name}.skynet.ie";
+  hostname_int  = "${name}_int.skynet.ie";
+
+in {
+  imports = [];
+
+  deployment = {
+    targetHost = hostname_int;
+    targetPort = 22;
+    targetUser = "root";
+
+    tags = [ "active" ];
+  };
+
+  # it has two network devices so two
+  skynet_dns.records = [
+    {record=name;          r_type="A"; value=ip_pub;  server=true;}
+    {record="${name}_int"; r_type="A"; value=ip_priv; server=true;}
+
+    {record=ip_pub;  r_type="PTR"; value=hostname;}
+    {record=ip_priv; r_type="PTR"; value=hostname_int;}
+  ];
+
+  services.skynet_backup = {
+    host = {
+      ip = ip_pub;
+      name = name;
+    };
+  };
+
+  # allow more than admins access
+  services.skynet_ldap_client = {
+    groups = [
+      "skynet-admins-linux"
+      "skynet-users-linux"
+    ];
+  };
+
+}