motiejus/config
1
Fork 0
Code Packages Releases Activity

jakst.vpn

Browse Source
This commit is contained in:
Motiejus Jakštys
2025-03-08 23:47:31 +02:00
parent 5b0d71dc2a
commit 6310a6e74e
10 changed files with 70 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
hosts/fra1-b/configuration.nix
View File

@@ -90,9 +90,9 @@ in
uidgid = myData.uidgid.remote-builder;
sshAllowSubnet = myData.subnets.tailscale.sshPattern;
publicKeys = map (h: myData.hosts.${h}.publicKey) [
"vno1-gdrx.motiejus.jakst"
"fwminex.servers.jakst"
"mtworx.motiejus.jakst"
"vno1-gdrx.jakst.vpn"
"fwminex.jakst.vpn"
"mtworx.jakst.vpn"
];
};
@@ -103,7 +103,7 @@ in
deployerbot = {
follower = {
publicKeys = [ myData.hosts."fwminex.servers.jakst".publicKey ];
publicKeys = [ myData.hosts."fwminex.jakst.vpn".publicKey ];
enable = true;
sshAllowSubnets = [ myData.subnets.tailscale.sshPattern ];
@@ -131,7 +131,7 @@ in
networking = {
hostName = "fra1-b";
domain = "servers.jakst";
domain = "jakst.vpn";
useDHCP = true;
interfaces.enp1s0.ipv6.addresses = [
{

36
hosts/fwminex/configuration.nix
View File

@@ -405,10 +405,10 @@ in
let
port = toString config.services.prometheus.exporters.ping.port;
hosts = [
"fwminex.servers.jakst"
"vno3-nk.servers.jakst"
"fra1-b.servers.jakst"
"vno1-gdrx.motiejus.jakst"
"fwminex.jakst.vpn"
"vno3-nk.jakst.vpn"
"fra1-b.jakst.vpn"
"vno1-gdrx.jakst.vpn"
];
in
@@ -443,8 +443,8 @@ in
static_configs = [ { targets = [ "127.0.0.1:${toString myData.ports.exporters.weather}" ]; } ];
}
{
job_name = "vno1-vinc.vincentas.jakst";
static_configs = [ { targets = [ "${myData.hosts."vno1-vinc.vincentas.jakst".jakstIP}:9100" ]; } ];
job_name = "vno1-vinc.jakst.vpn";
static_configs = [ { targets = [ "${myData.hosts."vno1-vinc.jakst.vpn".jakstIP}:9100" ]; } ];
}
]
++ map
@@ -458,11 +458,11 @@ in
}
)
[
"fra1-b.servers.jakst"
"vno3-nk.servers.jakst"
"fwminex.servers.jakst"
"mtworx.motiejus.jakst"
"vno1-gdrx.motiejus.jakst"
"fra1-b.jakst.vpn"
"vno3-nk.jakst.vpn"
"fwminex.jakst.vpn"
"mtworx.jakst.vpn"
"vno1-gdrx.jakst.vpn"
];
};
@@ -520,7 +520,7 @@ in
enable = true;
dataDir = "/var/lib/borgstor";
sshKeys = with myData; [
hosts."vno3-nk.servers.jakst".publicKey
hosts."vno3-nk.jakst.vpn".publicKey
people_pubkeys.motiejus
];
};
@@ -611,7 +611,7 @@ in
)
[
"zh2769@zh2769.rsync.net"
"borgstor@${myData.hosts."vno3-nk.servers.jakst".jakstIP}"
"borgstor@${myData.hosts."vno3-nk.jakst.vpn".jakstIP}"
];
};
@@ -655,7 +655,7 @@ in
remote-builder.client =
let
host = myData.hosts."fra1-b.servers.jakst";
host = myData.hosts."fra1-b.jakst.vpn";
in
{
enable = true;
@@ -677,17 +677,17 @@ in
deployIfPresent = [
{
derivationTarget = ".#mtworx";
pingTarget = myData.hosts."mtworx.motiejus.jakst".jakstIP;
pingTarget = myData.hosts."mtworx.jakst.vpn".jakstIP;
}
{
derivationTarget = ".#vno1-gdrx";
pingTarget = myData.hosts."vno1-gdrx.motiejus.jakst".jakstIP;
pingTarget = myData.hosts."vno1-gdrx.jakst.vpn".jakstIP;
}
];
};
follower = {
publicKeys = [ myData.hosts."fwminex.servers.jakst".publicKey ];
publicKeys = [ myData.hosts."fwminex.jakst.vpn".publicKey ];
enable = true;
uidgid = myData.uidgid.updaterbot-deployee;
@@ -739,7 +739,7 @@ in
networking = {
hostId = "a6b19da0";
hostName = "fwminex";
domain = "servers.jakst";
domain = "jakst.vpn";
firewall = {
rejectPackets = true;
allowedUDPPorts = [

6
hosts/mtworx/configuration.nix
View File

@@ -133,7 +133,7 @@ in
remote-builder.client =
let
host = myData.hosts."fra1-b.servers.jakst";
host = myData.hosts."fra1-b.jakst.vpn";
in
{
enable = true;
@@ -150,7 +150,7 @@ in
deployerbot = {
follower = {
publicKeys = [ myData.hosts."fwminex.servers.jakst".publicKey ];
publicKeys = [ myData.hosts."fwminex.jakst.vpn".publicKey ];
enable = true;
uidgid = myData.uidgid.updaterbot-deployee;
@@ -199,7 +199,7 @@ in
networking = {
hostId = "b14a02aa";
hostName = "mtworx";
domain = "motiejus.jakst";
domain = "jakst.vpn";
firewall.rejectPackets = true;
};
}

6
hosts/vno1-gdrx/configuration.nix
View File

@@ -140,7 +140,7 @@ in
remote-builder.client =
let
host = myData.hosts."fra1-b.servers.jakst";
host = myData.hosts."fra1-b.jakst.vpn";
in
{
enable = true;
@@ -152,7 +152,7 @@ in
deployerbot = {
follower = {
publicKeys = [ myData.hosts."fwminex.servers.jakst".publicKey ];
publicKeys = [ myData.hosts."fwminex.jakst.vpn".publicKey ];
enable = true;
uidgid = myData.uidgid.updaterbot-deployee;
@@ -181,7 +181,7 @@ in
networking = {
hostName = "vno1-gdrx";
domain = "motiejus.jakst";
domain = "jakst.vpn";
firewall.rejectPackets = true;
};
}

10
hosts/vno3-nk/configuration.nix
View File

@@ -108,7 +108,7 @@ in
enable = true;
dataDir = "/data/borg";
sshKeys = with myData; [
hosts."fwminex.servers.jakst".publicKey
hosts."fwminex.jakst.vpn".publicKey
people_pubkeys.motiejus
];
};
@@ -140,7 +140,7 @@ in
)
[
"zh2769@zh2769.rsync.net"
"borgstor@${myData.hosts."fwminex.servers.jakst".jakstIP}"
"borgstor@${myData.hosts."fwminex.jakst.vpn".jakstIP}"
];
};
@@ -164,7 +164,7 @@ in
remote-builder.client =
let
host = myData.hosts."fra1-b.servers.jakst";
host = myData.hosts."fra1-b.jakst.vpn";
in
{
enable = true;
@@ -193,7 +193,7 @@ in
deployerbot = {
follower = {
enable = true;
publicKeys = [ myData.hosts."fwminex.servers.jakst".publicKey ];
publicKeys = [ myData.hosts."fwminex.jakst.vpn".publicKey ];
sshAllowSubnets = [ myData.subnets.tailscale.sshPattern ];
uidgid = myData.uidgid.updaterbot-deployee;
};
@@ -212,7 +212,7 @@ in
networking = {
hostId = "ab4af0bb";
hostName = "vno3-nk";
domain = "servers.jakst";
domain = "jakst.vpn";
firewall = {
rejectPackets = true;
allowedUDPPorts = [