hetzner

2026-01-14 16:55:00 +01:00 · 2024-07-26 18:56:12 +02:00 · 2024-07-26 18:56:12 +02:00 · 9cb748e072
commit 9cb748e072
parent 871aabd4c2
2 changed files with 60 additions and 3 deletions
--- a/newinfra/nix/hive.nix
+++ b/newinfra/nix/hive.nix
@ -27,6 +27,7 @@
      traceroute
      dnsutils
    ];
+
    time.timeZone = "Europe/Zurich";
    users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0n1ikUG9rYqobh7WpAyXrqZqxQoQ2zNJrFPj12gTpP nilsh@PC-Nils'' ];

@ -34,6 +35,7 @@
    zramSwap.enable = true;

    services.openssh.enable = true;
+
    # By default, Colmena will replace unknown remote profile
    # (unknown means the profile isn't in the nix store on the
    # host running Colmena) during apply (with the default goal,
@ -62,6 +64,55 @@
    boot.initrd.kernelModules = [ "nvme" ];
    fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
  };
+  dns2 = { name, nodes, modulesPath, lib, ... }: {
+    imports = [ ./modules/dns (modulesPath + "/profiles/qemu-guest.nix") ];
+
+    # The name and nodes parameters are supported in Colmena,
+    # allowing you to reference configurations in other nodes.
+    networking.hostName = name;
+
+    deployment.targetHost = "dns2.nilstrieb.dev";
+    deployment.tags = [ "dns" "eu" ];
+
+    system.stateVersion = "23.11";
+
+    boot.loader.grub.device = "/dev/sda";
+    boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+    boot.initrd.kernelModules = [ "nvme" ];
+    fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+
+    # This file was populated at runtime with the networking
+    # details gathered from the active system.
+    networking = {
+      nameservers = [
+        "8.8.8.8"
+      ];
+      defaultGateway = "172.31.1.1";
+      defaultGateway6 = {
+        address = "fe80::1";
+        interface = "eth0";
+      };
+      dhcpcd.enable = false;
+      usePredictableInterfaceNames = lib.mkForce false;
+      interfaces = {
+        eth0 = {
+          ipv4.addresses = [
+            { address = "128.140.3.7"; prefixLength = 32; }
+          ];
+          ipv6.addresses = [
+            { address = "2a01:4f8:c2c:d616::1"; prefixLength = 64; }
+            { address = "fe80::9400:3ff:fe91:1647"; prefixLength = 64; }
+          ];
+          ipv4.routes = [{ address = "172.31.1.1"; prefixLength = 32; }];
+          ipv6.routes = [{ address = "fe80::1"; prefixLength = 128; }];
+        };
+
+      };
+    };
+    services.udev.extraRules = ''
+      ATTR{address}=="96:00:03:91:16:47", NAME="eth0"
+    '';
+  };

  /*host-b = {
    # Like NixOps and Morph, Colmena will attempt to connect to
--- a/newinfra/nix/modules/dns/noratrieb.dev.nix
+++ b/newinfra/nix/modules/dns/noratrieb.dev.nix
@ -10,6 +10,10 @@ let
  });

  data = with dns.lib.combinators;
+    let
+      dns1 = host "154.38.163.74" null;
+      dns2 = host "128.140.3.7" "2a01:4f8:c2c:d616::";
+    in
    {
      SOA = {
        nameServer = "154.38.163.74"; #"ns1.noratrieb.dev";
@ -19,7 +23,7 @@ let

      NS = [
        "154.38.163.74" #"ns1.noratrieb.dev"
-        #"ns2.noratrieb.dev"
+        "128.140.3.7" #"ns2.noratrieb.dev"
      ];

      A = [ (a "161.97.165.1") ];
@ -31,10 +35,12 @@ let
          "she/her"
        ];

-        ns1 = host "154.38.163.74" null;
+        ns1 = dns1;
+        ns2 = dns2;

        infra.subdomains = {
-          dns1 = host "154.38.163.74" null;
+          inherit dns1;
+          inherit dns2;
        };
      };
    };