diff --git a/applications/skynet.ie.nix b/applications/skynet.ie.nix index 823b4f0..4277232 100644 --- a/applications/skynet.ie.nix +++ b/applications/skynet.ie.nix @@ -25,7 +25,6 @@ # the root one is already covered by teh certificate "2016.skynet.ie" "discord.skynet.ie" - "ext.skynet.ie" ]; skynet_dns.records = [ @@ -48,15 +47,7 @@ documentRoot = "${inputs.skynet_website.defaultPackage."x86_64-linux"}"; # only on skynet.ie # skynet.ie/~username - enableUserDir = true; - }; - "ext.skynet.ie" = { - forceSSL = true; - useACMEHost = "skynet"; - documentRoot = "${inputs.skynet_website.defaultPackage."x86_64-linux"}"; - # only on skynet.ie - # skynet.ie/~username - enableUserDir = true; + #enableUserDir = true; }; # archive of teh site as it was ~2012 to 2016 diff --git a/flake.nix b/flake.nix index e341146..447efb5 100644 --- a/flake.nix +++ b/flake.nix @@ -87,9 +87,12 @@ # backup 1 neuromancer = import ./machines/neuromancer.nix; - # Skynet + # Skynet, user ssh access skynet = import ./machines/skynet.nix; + # Main skynet sites + earth = import ./machines/earth.nix; + }; }; diff --git a/machines/earth.nix b/machines/earth.nix new file mode 100644 index 0000000..b9d8507 --- /dev/null +++ b/machines/earth.nix @@ -0,0 +1,45 @@ +/* + + Name: https://hitchhikers.fandom.com/wiki/Earth + Why: Our home(page) + Type: VM + Hardware: - + From: 2023 + Role: Webserver + Notes: + +*/ + +{ pkgs, lib, nodes, inputs, ... }: +let + name = "earth"; + ip_pub = "193.1.99.79"; + hostname = "${name}.skynet.ie"; + +in { + imports = [ + + ]; + + deployment = { + targetHost = ip_pub; + targetPort = 22; + targetUser = "root"; + + tags = [ "active-core" ]; + }; + + # it has two network devices so two + skynet_dns.records = [ + {record=name; r_type="A"; value=ip_pub; server=true;} + {record=ip_pub; r_type="PTR"; value=hostname;} + ]; + + services.skynet_backup = { + host = { + ip = ip_pub; + name = name; + }; + }; + +} \ No newline at end of file 
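Review bot: In the second hunk of applications/skynet.ie.nix the option is left as `#enableUserDir = true;` beneath the comments `# only on skynet.ie` and `# skynet.ie/~username`, so the file now documents a feature that is switched off. Either delete the three lines or replace them with one comment giving the reason, for example `# user directories (~username) are not served from this vhost`. The vhost block starts above the hunk, so whether anything else in it depends on user directories is not visible here.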
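Review bot: machines/earth.nix is headed `Role: Webserver` and flake.nix labels it "Main skynet sites", yet its `imports = [ ];` is empty while the same commit comments out `../applications/skynet.ie.nix` in machines/skynet.nix. Unless another module pulls the application in, no host in this diff serves those vhosts (with their `forceSSL` and `useACMEHost` settings) any more. If earth is meant to serve them, add `../applications/skynet.ie.nix` to its imports, along with the `services.skynet.host` values that module presumably expects. The comment `# it has two network devices so two` was copied into this file although only `ip_pub` is defined. It is also stale in the records hunk of machines/skynet.nix, so drop or correct it in both places.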
diff --git a/machines/skynet.nix b/machines/skynet.nix index 18cd4e4..6d5ba49 100644 --- a/machines/skynet.nix +++ b/machines/skynet.nix @@ -6,27 +6,24 @@ Hardware: - From: 2023 Role: Webserver and member linux box - Notes: + Notes: Does not host offical sites */ { pkgs, lib, nodes, inputs, ... }: let - # name of the server, sets teh hostname and record for it name = "skynet"; # DMZ that ITD provided ip_pub = "193.1.96.165"; - ip_priv = "193.1.99.79"; hostname = "${name}.skynet.ie"; - hostname_int = "${name}.int.skynet.ie"; in { imports = [ - ../applications/skynet.ie.nix + #../applications/skynet.ie.nix ]; deployment = { - targetHost = ip_priv; + targetHost = ip_pub; targetPort = 22; targetUser = "root"; @@ -35,17 +32,13 @@ in { # it has two network devices so two skynet_dns.records = [ - {record=name; r_type="A"; value=ip_pub; server=true;} - {record="${name}.int"; r_type="A"; value=ip_priv; server=true;} - {record=ip_pub; r_type="PTR"; value=hostname;} - {record=ip_priv; r_type="PTR"; value=hostname_int;} + {record=name; r_type="A"; value=ip_pub; server=true;} + {record=ip_pub; r_type="PTR"; value=hostname;} ]; - services.skynet_backup = { - host = { - ip = ip_priv; - name = name; - }; + services.skynet_backup.host = { + ip = ip_pub; + name = name; }; # allow more than admins access 
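Review bot: In the first hunk of machines/skynet.nix, `targetHost = ip_pub;` combined with the unchanged `targetUser = "root";` and `targetPort = 22;` means deployments now log in as root over the DMZ address, on the host that flake.nix describes as "user ssh access". The previous deploy path used the internal address. The sshd configuration is not part of this diff, so confirm that root login is key-only, e.g. `services.openssh.settings.PermitRootLogin = "prohibit-password";` (or the equivalent option for the pinned nixpkgs). A one-line comment beside `targetHost` saying why the public address is used would help the next reader.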
@@ -60,41 +53,21 @@ in { networking = { hostName = name; # needed to use the dmz first -# defaultGateway = lib.mkForce "193.1.96.161"; + defaultGateway = lib.mkForce "193.1.96.161"; - interfaces = { - eth0.ipv4 = { - addresses = [ - { - address = ip_priv; - prefixLength = 26; - } - ]; -# routes = [ -# { -# address = "193.1.99.64"; -# prefixLength = 26; -# via = "193.1.99.65"; -# } -# ]; - }; - - - # primary ip for logging in - eth1.ipv4.addresses = [ - { - address = ip_pub; - prefixLength = 28; - } - ]; - }; + interfaces.eth1.ipv4.addresses = [ + { + address = ip_pub; + prefixLength = 28; + } + ]; }; - services.skynet = { - host = { - # website is still hosted on the internal IP - ip = ip_priv; - name = name; - }; - }; +# services.skynet = { +# host = { +# # website is still hosted on the internal IP +# ip = ip_priv; +# name = name; +# }; +# }; } \ No newline at end of file
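Review bot: The commented-out `services.skynet` block at the end of this hunk still reads `ip = ip_priv;`, but `ip_priv` is removed from the `let` bindings in the first hunk of this file, so uncommenting it later would fail evaluation. Its comment `# website is still hosted on the internal IP` is also no longer true. Delete the block, and the commented `#../applications/skynet.ie.nix` import, rather than keeping them as dead text, since version control already holds the history. The re-enabled `defaultGateway = lib.mkForce "193.1.96.161";` would benefit from a comment naming what `mkForce` overrides, because the module that sets the default is not visible in this diff.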