/* Name: https://en.wikipedia.org/wiki/Skynet_(Terminator) Why: Skynet is eternal Type: VM Hardware: - From: 2023 Role: Webserver and member linux box Notes: */ { pkgs, lib, nodes, inputs, ... }: let # name of the server, sets teh hostname and record for it name = "skynet"; # DMZ that ITD provided ip_pub = "193.1.96.165"; ip_priv = "193.1.99.79"; hostname = "${name}.skynet.ie"; hostname_int = "${name}.int.skynet.ie"; in { imports = [ ../applications/skynet.ie.nix ]; deployment = { targetHost = ip_priv; targetPort = 22; targetUser = "root"; tags = [ "active-core" ]; }; # it has two network devices so two skynet_dns.records = [ {record=name; r_type="A"; value=ip_pub; server=true;} {record="${name}.int"; r_type="A"; value=ip_priv; server=true;} {record=ip_pub; r_type="PTR"; value=hostname;} {record=ip_priv; r_type="PTR"; value=hostname_int;} ]; services.skynet_backup = { host = { ip = ip_priv; name = name; }; }; # allow more than admins access services.skynet_ldap_client = { groups = [ "skynet-admins-linux" "skynet-users-linux" ]; }; proxmoxLXC.manageNetwork = true; networking = { hostName = name; # needed to use the dmz first # defaultGateway = lib.mkForce "193.1.96.161"; interfaces = { eth0.ipv4 = { addresses = [ { address = ip_priv; prefixLength = 26; } ]; # routes = [ # { # address = "193.1.99.64"; # prefixLength = 26; # via = "193.1.99.65"; # } # ]; }; # primary ip for logging in eth1.ipv4.addresses = [ { address = ip_pub; prefixLength = 28; } ]; }; }; services.skynet = { host = { # website is still hosted on the internal IP ip = ip_priv; name = name; }; }; }