From a44dfd1e65048f995162e267a86b78a46fee9b19 Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Mon, 24 Mar 2025 20:48:17 +0100
Subject: [PATCH 1/3] hosts/dn42-ildix-clerie: Migrate to systemd-networkd
---
hosts/dn42-ildix-clerie/configuration.nix | 47 ++++++++++++++++-------
1 file changed, 33 insertions(+), 14 deletions(-)
diff --git a/hosts/dn42-ildix-clerie/configuration.nix b/hosts/dn42-ildix-clerie/configuration.nix
index ff718c0..c51fb69 100644
--- a/hosts/dn42-ildix-clerie/configuration.nix
+++ b/hosts/dn42-ildix-clerie/configuration.nix
@@ -7,23 +7,42 @@
];
profiles.clerie.mercury-vm.enable = true;
+ profiles.clerie.common-networking.enable = true;
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda";
- networking.useDHCP = false;
- # VM Nat Netz mercury
- networking.interfaces.ens18.ipv4.addresses = [ { address = "192.168.10.27"; prefixLength = 24; } ];
- # Ildix
- networking.interfaces.ens19.ipv6.addresses = [ { address = "fd81:edb3:71d8:ffff::13"; prefixLength = 64; } ];
- # Route to dn42-ildix-service
- networking.interfaces.ens19.ipv6.routes = [ { address = "fd81:edb3:71d8::"; prefixLength = 48; via = "fd81:edb3:71d8:ffff:2953::1"; } ];
-
- # public address
- networking.interfaces.ens20.ipv6.addresses = [ { address = "2001:638:904:ffcb::4"; prefixLength = 64; } ];
-
- networking.defaultGateway6 = { address = "2001:638:904:ffcb::1"; interface = "ens20"; };
- networking.defaultGateway = { address = "192.168.10.1"; interface = "ens18"; };
+ systemd.network.networks."10-wan" = {
+ matchConfig.Name = "ens20";
+ address = [
+ "2001:638:904:ffcb::4/64"
+ ];
+ routes = [
+ { Gateway = "2001:638:904:ffcb::1"; }
+ ];
+ linkConfig.RequiredForOnline = "routable";
+ };
+ systemd.network.networks."10-nat-netz-mercury" = {
+ matchConfig.Name = "ens18";
+ address = [
+ "192.168.10.27/24"
+ ];
+ routes = [
+ { Gateway = "192.168.10.1"; }
+ ];
+ linkConfig.RequiredForOnline = "routable";
+ };
+ systemd.network.networks."10-dn42-ildix" = {
+ matchConfig.Name = "ens19";
+ address = [
+ "fd81:edb3:71d8:ffff::13/64"
+ ];
+ routes = [
+ # Route to dn42-ildix-service
+ { Destination = "fd81:edb3:71d8::/48"; Gateway = "fd81:edb3:71d8:ffff:2953::1"; }
+ ];
+ linkConfig.RequiredForOnline = "no";
+ };
# Open Firewall for BGP
networking.firewall.allowedTCPPorts = [ 179 ];
@@ -36,7 +55,7 @@
services.bird.enable = true;
services.bird.package = pkgs.bird2;
services.bird.config = ''
- router id ${ (lib.head config.networking.interfaces.ens18.ipv4.addresses).address };
+ router id 192.168.10.27;
protocol direct {
interface "ens19";
From f9359f4d5085f29dbf7e20c2c45d2577fb557d34 Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Mon, 24 Mar 2025 21:39:04 +0100
Subject: [PATCH 2/3] hosts/dn42-ildix-service: Migrate to systemd-networkd
---
hosts/dn42-ildix-service/bird.nix | 4 +-
hosts/dn42-ildix-service/configuration.nix | 55 +++++++++++++++++-----
hosts/dn42-ildix-service/fernglas.nix | 2 +-
3 files changed, 45 insertions(+), 16 deletions(-)
diff --git a/hosts/dn42-ildix-service/bird.nix b/hosts/dn42-ildix-service/bird.nix
index caf2b8c..0538233 100644
--- a/hosts/dn42-ildix-service/bird.nix
+++ b/hosts/dn42-ildix-service/bird.nix
@@ -7,7 +7,7 @@
services.bird.enable = false;
services.bird.package = pkgs.bird2;
services.bird.config = ''
- router id ${(lib.head config.networking.interfaces.ens18.ipv4.addresses).address};
+ router id 192.168.10.28;
ipv6 table bgp6;
@@ -22,7 +22,7 @@
ipv6 {
table bgp6;
export filter {
- krt_prefsrc=${(lib.head config.networking.interfaces.lo.ipv6.addresses).address};
+ krt_prefsrc=fd81:edb3:71d8::1;
accept;
};
import none;
diff --git a/hosts/dn42-ildix-service/configuration.nix b/hosts/dn42-ildix-service/configuration.nix
index 344fef9..8c1b997 100644
--- a/hosts/dn42-ildix-service/configuration.nix
+++ b/hosts/dn42-ildix-service/configuration.nix
@@ -10,6 +10,7 @@
];
profiles.clerie.mercury-vm.enable = true;
+ profiles.clerie.common-networking.enable = true;
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
@@ -19,20 +20,48 @@
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
- networking.useDHCP = false;
- networking.interfaces.lo.ipv6.addresses = [
- { address = "fd81:edb3:71d8::1"; prefixLength = 128; }
- { address = "fd81:edb3:71d8::53"; prefixLength = 128; }
- ];
- # VM Nat Netz mercury
- networking.interfaces.ens18.ipv4.addresses = [ { address = "192.168.10.28"; prefixLength = 24; } ];
- # ildix peering lan
- networking.interfaces.ens19.ipv6.addresses = [ { address = "fd81:edb3:71d8:ffff:2953::1"; prefixLength = 64; } ];
- # IPv6 Uplink
- networking.interfaces.ens20.ipv6.addresses = [ { address = "2001:638:904:ffc9::c"; prefixLength = 64; } ];
+ systemd.network.netdevs."10-lo-dn42" = {
+ netdevConfig = {
+ Kind = "dummy";
+ Name = "lo-dn42";
+ };
+ };
- networking.defaultGateway6 = { address = "2001:638:904:ffc9::1"; interface = "ens20"; };
- networking.defaultGateway = { address = "192.168.10.1"; interface = "ens18"; };
+ systemd.network.networks."10-lo-dn42" = {
+ matchConfig.Name = "lo-dn42";
+ address = [
+ "fd81:edb3:71d8::1/128"
+ "fd81:edb3:71d8::53/128"
+ ];
+ linkConfig.RequiredForOnline = "no";
+ };
+ systemd.network.networks."10-wan" = {
+ matchConfig.Name = "ens20";
+ address = [
+ "2001:638:904:ffc9::c/64"
+ ];
+ routes = [
+ { Gateway = "2001:638:904:ffc9::1"; }
+ ];
+ linkConfig.RequiredForOnline = "routable";
+ };
+ systemd.network.networks."10-nat-netz-mercury" = {
+ matchConfig.Name = "ens18";
+ address = [
+ "192.168.10.28/24"
+ ];
+ routes = [
+ { Gateway = "192.168.10.1"; }
+ ];
+ linkConfig.RequiredForOnline = "routable";
+ };
+ systemd.network.networks."10-dn42-ildix" = {
+ matchConfig.Name = "ens19";
+ address = [
+ "fd81:edb3:71d8:ffff:2953::1/64"
+ ];
+ linkConfig.RequiredForOnline = "no";
+ };
services.nginx.enable = true;
diff --git a/hosts/dn42-ildix-service/fernglas.nix b/hosts/dn42-ildix-service/fernglas.nix
index 373977e..7216c7f 100644
--- a/hosts/dn42-ildix-service/fernglas.nix
+++ b/hosts/dn42-ildix-service/fernglas.nix
@@ -13,7 +13,7 @@
bind = "[::]:1179";
default_peer_config = {
asn = 4242422953;
- router_id = "${(lib.head config.networking.interfaces.ens18.ipv4.addresses).address}";
+ router_id = "192.168.10.28";
route_state = "Accepted";
add_path = true;
};
From 900e74280ea49df35a5d778e104af6cf5dd42293 Mon Sep 17 00:00:00 2001
From: Flake Update Bot <flake-update-bot@clerie.de>
Date: Tue, 25 Mar 2025 03:03:06 +0100
Subject: [PATCH 3/3] Update nixpkgs 2025-03-25-02-03
---
flake.lock | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/flake.lock b/flake.lock
index e7345fc..25c2a13 100644
--- a/flake.lock
+++ b/flake.lock
@@ -533,11 +533,11 @@
},
"nixpkgs_3": {
"locked": {
- "lastModified": 1742069588,
- "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=",
+ "lastModified": 1742669843,
+ "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5",
+ "rev": "1e5b653dff12029333a6546c11e108ede13052eb",
"type": "github"
},
"original": {