Update from updated-inputs-2025-03-25-02-03

2025-03-25 03:03:07 +01:00 · 2025-03-25 03:03:07 +01:00 · d1f48521f7
commit d1f48521f7
parent 80c3a3c885 900e74280e
4 changed files with 78 additions and 30 deletions
--- a/hosts/dn42-ildix-clerie/configuration.nix
+++ b/hosts/dn42-ildix-clerie/configuration.nix
@ -7,23 +7,42 @@
    ];

  profiles.clerie.mercury-vm.enable = true;
+  profiles.clerie.common-networking.enable = true;

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/vda";

-  networking.useDHCP = false;
-  # VM Nat Netz mercury
-  networking.interfaces.ens18.ipv4.addresses = [ { address = "192.168.10.27"; prefixLength = 24; } ];
-  # Ildix
-  networking.interfaces.ens19.ipv6.addresses = [ { address = "fd81:edb3:71d8:ffff::13"; prefixLength = 64; } ];
-  # Route to dn42-ildix-service
-  networking.interfaces.ens19.ipv6.routes = [ { address = "fd81:edb3:71d8::"; prefixLength = 48; via = "fd81:edb3:71d8:ffff:2953::1"; } ];
-
-  # public address
-  networking.interfaces.ens20.ipv6.addresses = [ { address = "2001:638:904:ffcb::4"; prefixLength = 64; } ];
-
-  networking.defaultGateway6 = { address = "2001:638:904:ffcb::1"; interface = "ens20"; };
-  networking.defaultGateway = { address = "192.168.10.1"; interface = "ens18"; };
+  systemd.network.networks."10-wan" = {
+    matchConfig.Name = "ens20";
+    address = [
+      "2001:638:904:ffcb::4/64"
+    ];
+    routes = [
+      { Gateway = "2001:638:904:ffcb::1"; }
+    ];
+    linkConfig.RequiredForOnline = "routable";
+  };
+  systemd.network.networks."10-nat-netz-mercury" = {
+    matchConfig.Name = "ens18";
+    address = [
+      "192.168.10.27/24"
+    ];
+    routes = [
+      { Gateway = "192.168.10.1"; }
+    ];
+    linkConfig.RequiredForOnline = "routable";
+  };
+  systemd.network.networks."10-dn42-ildix" = {
+    matchConfig.Name = "ens19";
+    address = [
+      "fd81:edb3:71d8:ffff::13/64"
+    ];
+    routes = [
+      # Route to dn42-ildix-service
+      { Destination = "fd81:edb3:71d8::/48"; Gateway = "fd81:edb3:71d8:ffff:2953::1"; }
+    ];
+    linkConfig.RequiredForOnline = "no";
+  };

  # Open Firewall for BGP
  networking.firewall.allowedTCPPorts = [ 179 ];
@ -36,7 +55,7 @@
  services.bird.enable = true;
  services.bird.package = pkgs.bird2;
  services.bird.config = ''
-  router id ${ (lib.head config.networking.interfaces.ens18.ipv4.addresses).address };
+  router id 192.168.10.27;

  protocol direct {
    interface "ens19";
--- a/hosts/dn42-ildix-service/bird.nix
+++ b/hosts/dn42-ildix-service/bird.nix
@ -7,7 +7,7 @@
  services.bird.enable = false;
  services.bird.package = pkgs.bird2;
  services.bird.config = ''
-  router id ${(lib.head config.networking.interfaces.ens18.ipv4.addresses).address};
+  router id 192.168.10.28;

  ipv6 table bgp6;

@ -22,7 +22,7 @@
    ipv6 {
      table bgp6;
      export filter {
-        krt_prefsrc=${(lib.head config.networking.interfaces.lo.ipv6.addresses).address};
+        krt_prefsrc=fd81:edb3:71d8::1;
        accept;
      };
      import none;
--- a/hosts/dn42-ildix-service/configuration.nix
+++ b/hosts/dn42-ildix-service/configuration.nix
@ -10,6 +10,7 @@
    ];

  profiles.clerie.mercury-vm.enable = true;
+  profiles.clerie.common-networking.enable = true;

  # Use the GRUB 2 boot loader.
  boot.loader.grub.enable = true;
@ -19,20 +20,48 @@
  # Define on which hard drive you want to install Grub.
  boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only

-  networking.useDHCP = false;
-  networking.interfaces.lo.ipv6.addresses = [
-    { address = "fd81:edb3:71d8::1"; prefixLength = 128; }
-    { address = "fd81:edb3:71d8::53"; prefixLength = 128; }
-  ];
-  # VM Nat Netz mercury
-  networking.interfaces.ens18.ipv4.addresses = [ { address = "192.168.10.28"; prefixLength = 24; } ];
-  # ildix peering lan
-  networking.interfaces.ens19.ipv6.addresses = [ { address = "fd81:edb3:71d8:ffff:2953::1"; prefixLength = 64; } ];
-  # IPv6 Uplink
-  networking.interfaces.ens20.ipv6.addresses = [ { address = "2001:638:904:ffc9::c"; prefixLength = 64; } ];
+  systemd.network.netdevs."10-lo-dn42" = {
+    netdevConfig = {
+      Kind = "dummy";
+      Name = "lo-dn42";
+    };
+  };

-  networking.defaultGateway6 = { address = "2001:638:904:ffc9::1"; interface = "ens20"; };
-  networking.defaultGateway = { address = "192.168.10.1"; interface = "ens18"; };
+  systemd.network.networks."10-lo-dn42" = {
+    matchConfig.Name = "lo-dn42";
+    address = [
+      "fd81:edb3:71d8::1/128"
+      "fd81:edb3:71d8::53/128"
+    ];
+    linkConfig.RequiredForOnline = "no";
+  };
+  systemd.network.networks."10-wan" = {
+    matchConfig.Name = "ens20";
+    address = [
+      "2001:638:904:ffc9::c/64"
+    ];
+    routes = [
+      { Gateway = "2001:638:904:ffc9::1"; }
+    ];
+    linkConfig.RequiredForOnline = "routable";
+  };
+  systemd.network.networks."10-nat-netz-mercury" = {
+    matchConfig.Name = "ens18";
+    address = [
+      "192.168.10.28/24"
+    ];
+    routes = [
+      { Gateway = "192.168.10.1"; }
+    ];
+    linkConfig.RequiredForOnline = "routable";
+  };
+  systemd.network.networks."10-dn42-ildix" = {
+    matchConfig.Name = "ens19";
+    address = [
+      "fd81:edb3:71d8:ffff:2953::1/64"
+    ];
+    linkConfig.RequiredForOnline = "no";
+  };

  services.nginx.enable = true;

--- a/hosts/dn42-ildix-service/fernglas.nix
+++ b/hosts/dn42-ildix-service/fernglas.nix
@ -13,7 +13,7 @@
          bind = "[::]:1179";
          default_peer_config = {
            asn = 4242422953;
-            router_id = "${(lib.head config.networking.interfaces.ens18.ipv4.addresses).address}";
+            router_id = "192.168.10.28";
            route_state = "Accepted";
            add_path = true;
          };