
commit 0d8149e9114d4d527ca790adc4f1d94af906a904
parent f7f620e58e1720811b6845c897ec64f30260e778
Author: Leah (ctucx) <git@ctu.cx>
Date: Fri, 12 May 2023 13:55:31 +0200

machines/trabbi: use `networking.primaryIP` and `networking.primaryIP4` options
3 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/machines/trabbi/configuration.nix b/machines/trabbi/configuration.nix
@@ -25,9 +25,12 @@
     ./websites
   ];
 
-  dns.zones."ctu.cx".subdomains."${config.networking.hostName}" = (pkgs.dns.lib.combinators.host "89.58.62.171" "2a0a:4cc0:1:2d7::1");
+  networking.primaryIP    = "2a0a:4cc0:1:2d7::1";
+  networking.primaryIP4   = "89.58.62.171";
 
   age.secrets.restic-server-lollo.file       = ../../secrets/restic-server/lollo.age;
+  dns.zones."ctu.cx".subdomains."${config.networking.hostName}" = (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP);
+
   age.secrets.restic-server-wanderduene.file = ../../secrets/restic-server/wanderduene.age;
 
   boot = {
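Review bot: The re-added `dns.zones."ctu.cx".subdomains...` line now sits between the two `age.secrets.restic-server-*` lines, which splits the secrets group and separates the record from the `networking.primaryIP*` values it reads. Moving it directly under `networking.primaryIP4 = ...;` would keep the address definitions and their first consumer together. Because `primaryIP` holds the IPv6 address while `host` takes IPv4 first, a short comment such as `# primaryIP = IPv6, primaryIP4 = IPv4; host takes v4 then v6` would make an accidental swap easier to spot. The declaration of these options is not visible in this hunk.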

@@ -47,10 +50,10 @@
 
       postCommands = ''
         ip link set dev ens3 up
-        ip addr add 2a0a:4cc0:1:2d7::1/128 dev ens3
+        ip addr add ${config.networking.primaryIP}/128 dev ens3
         ip route add default via fe80::1 dev ens3 onlink
 
-        ip addr add 89.58.62.171/22 dev ens3
+        ip addr add ${config.networking.primaryIP4}/22 dev ens3
         ip route add default via 89.58.62.1 dev ens3 onlink
         echo 'cryptsetup-askpass' >> /root/.profile
       '';
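Review bot: The default route `89.58.62.1` and the `/22` and `/128` prefix lengths in `postCommands` are still literals, so the initrd network setup only partly follows `networking.primaryIP4` and `networking.primaryIP`. This script appears to bring the network up for remote `cryptsetup-askpass` unlocking, so an address change that leaves the gateway or prefix stale could leave the host stuck in initrd with no way to reach it. Consider a comment above `postCommands` such as `# gateway and prefix lengths must be kept in sync with networking.primaryIP4/primaryIP`, or deriving them from one place. The same applies to the `interfaces.ens3` hunk that follows, which repeats `prefixLength = 22` and uses `64` for IPv6 where this script uses `/128`. The attribute set enclosing `postCommands` starts outside the hunk.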

@@ -69,11 +72,11 @@
 
     interfaces.ens3 = {
       ipv4.addresses = [{
-        address = "89.58.62.171";
+        address = config.networking.primaryIP4;
         prefixLength = 22;
       }];
       ipv6.addresses = [{
-        address      = "2a0a:4cc0:1:2d7::1";
+        address      = config.networking.primaryIP;
         prefixLength = 64;
       }];
     };
diff --git a/machines/trabbi/mail.nix b/machines/trabbi/mail.nix
@@ -12,7 +12,7 @@
   age.secrets.mail-password-zugnetwork.file = ../../secrets/trabbi/mail/password-mail-zug.network.age;
 
   dns.zones = with pkgs.dns.lib.combinators; let
-    TXT   = [ "v=spf1 a mx ip4:89.58.62.171 +ip6:2a0a:4cc0:1:2d7::1 ~all" ];
+    TXT   = [ "v=spf1 a mx ip4:${config.networking.primaryIP4} +ip6:${config.networking.primaryIP} ~all" ];
     DMARC = "v=DMARC1; p=none";
     MX    = with mx; [ (mx 10 "${config.networking.fqdn}.") ];
    in {
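Review bot: In the rewritten `TXT` line the IPv6 mechanism carries an explicit `+` qualifier (`+ip6:`) while `ip4:` does not. Since `+` is the SPF default, the two are equivalent, and writing `ip4:${config.networking.primaryIP4} ip6:${config.networking.primaryIP}` would read consistently. The published SPF policy now changes whenever the host's address options change, so a comment like `# SPF authorises this host's primary addresses; follows networking.primaryIP*` above the binding would make that coupling explicit. The `let` block continues outside the hunk.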
diff --git a/machines/trabbi/websites/ctu.cx.nix b/machines/trabbi/websites/ctu.cx.nix
@@ -1,8 +1,8 @@
-{ pkgs, ...}:
+{ pkgs, lib, config, ...}:
 
 {
 
-  dns.zones."ctu.cx" =  (pkgs.dns.lib.combinators.host "89.58.62.171" "2a0a:4cc0:1:2d7::1");
+  dns.zones."ctu.cx" =  (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP);
 
   services.nginx = {
     enable = true;
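Review bot: The module header now takes `lib` as well as `config`, but only `config` is used in the lines visible here. If nothing further down the file references `lib`, the header can be `{ pkgs, config, ... }:` to keep the argument set limited to what the module needs. The module body continues outside the hunk, so this should be checked against the rest of the file.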