/*
Name:     https://en.wikipedia.org/wiki/Skynet_(Terminator)
Why:      Skynet is eternal
Type:     VM
Hardware: -
From:     2023
Role:     Webserver and member linux box
Notes:    Does not host official sites
*/
# Machine definition for the member-facing host. It is dual-homed: eth1 sits
# on the DMZ /28 and carries the default route, eth0 sits on a second /26.
# NOTE(review): members log in to a box that has a leg in both networks;
# confirm that packet forwarding between eth0 and eth1 stays disabled and
# that the firewall treats the two interfaces separately.
{
  pkgs,
  lib,
  nodes,
  inputs,
  ...
}: let
  name = "skynet";

  # DMZ that ITD provided (bound to eth1 below)
  dmz_addr = "193.1.96.165";
  # second address, bound to eth0 below
  internal_addr = "193.1.99.81";

  fqdn = "${name}.skynet.ie";

  # The same { ip, name } pair is set as `host` for both
  # services.skynet_backup and services.skynet_users.
  host_ref = {
    ip = dmz_addr;
    inherit name;
  };
in {
  imports = [../applications/skynet_users.nix];

  # Deployment connects to the DMZ address on port 22 as root.
  # NOTE(review): this depends on root login being reachable on the public
  # address; confirm sshd only accepts key-based root login (e.g.
  # services.openssh.settings.PermitRootLogin = "prohibit-password") and,
  # if possible, only from the deploy hosts.
  deployment.targetHost = dmz_addr;
  deployment.targetPort = 22;
  deployment.targetUser = "root";
  # this one is manually deployed
  deployment.tags = ["active-ext"];

  skynet_dns.records = [
    # forward record: short name -> DMZ address
    {
      record = name;
      r_type = "A";
      value = dmz_addr;
      server = true;
    }
    # reverse record: DMZ address -> fully qualified name
    {
      record = dmz_addr;
      r_type = "PTR";
      value = fqdn;
    }
  ];

  services = {
    skynet_backup.host = host_ref;
    skynet_users.host = host_ref;
  };

  proxmoxLXC.manageNetwork = true;

  networking.hostName = name;

  # needed to use the dmz first; mkForce overrides any gateway set elsewhere
  networking.defaultGateway = lib.mkForce "193.1.96.161";

  # primary ip for logging in
  networking.interfaces.eth1.ipv4.addresses = [
    {
      address = dmz_addr;
      prefixLength = 28;
    }
  ];

  # need it for dns validation for letsencrypt
  networking.interfaces.eth0.ipv4 = {
    addresses = [
      {
        address = internal_addr;
        prefixLength = 26;
      }
    ];

    # need to be able to get to the dns server
    # NOTE(review): 193.1.99.120/26 has host bits set, and its /26
    # (193.1.99.64/26) is the subnet eth0 is already attached to. If only
    # the DNS server is meant, prefixLength = 32 would be the precise form;
    # confirm the route is accepted and still needed.
    routes = [
      {
        address = "193.1.99.120";
        prefixLength = 26;
        via = "193.1.99.65";
      }
    ];
  };
}