diff --git a/nix/os/containers/mailserver.nix b/nix/os/containers/mailserver.nix
index c821bf4..b906d8b 100644
--- a/nix/os/containers/mailserver.nix
+++ b/nix/os/containers/mailserver.nix
@@ -1,6 +1,5 @@
 {
 specialArgs,
- hostBridge,
 hostAddress,
 localAddress,
 imapsPort ? 993,
@@ -228,5 +227,5 @@
 }
 ];
- inherit hostBridge hostAddress localAddress;
+ inherit hostAddress localAddress;
 }
diff --git a/nix/os/containers/syncthing.nix b/nix/os/containers/syncthing.nix
index 8c0ba82..12421c7 100644
--- a/nix/os/containers/syncthing.nix
+++ b/nix/os/containers/syncthing.nix
@@ -1,6 +1,5 @@
 {
 specialArgs,
- hostBridge,
 hostAddress,
 localAddress,
 syncthingPort ? 22000,
@@ -57,5 +56,5 @@
 }
 ];
- inherit hostBridge hostAddress localAddress;
+ inherit hostAddress localAddress;
 }
diff --git a/nix/os/containers/webserver.nix b/nix/os/containers/webserver.nix
index 0611f60..c2c166c 100644
--- a/nix/os/containers/webserver.nix
+++ b/nix/os/containers/webserver.nix
@@ -1,6 +1,5 @@
 {
 specialArgs,
- hostBridge,
 hostAddress,
 localAddress,
 httpPort,
@@ -331,5 +330,5 @@ in {
 }
 ];
- inherit hostBridge hostAddress localAddress;
+ inherit hostAddress localAddress;
 }
diff --git a/nix/os/devices/router0-dmz0/configuration.nix b/nix/os/devices/router0-dmz0/configuration.nix
index 33a6ed3..4d82178 100644
--- a/nix/os/devices/router0-dmz0/configuration.nix
+++ b/nix/os/devices/router0-dmz0/configuration.nix
@@ -87,16 +87,13 @@
 then bridgeInterfaceName
 else "${bridgeInterfaceName}.${toString vlanid}";
- dmzExposedHost = "sj-srv1";
- dmzExposedHostDomain = "dmz.internal";
- dmzExposedHostFQDN = "${dmzExposedHost}.${dmzExposedHostDomain}";
+ dmzExposedHost = "sj-srv1.dmz.internal";
 dmzExposedHostIpv4 = mkVlanIpv4HostAddr {
 vlanid = vlansByName.dmz.id;
 host = 99;
 cidr = false;
 };
-
- dmzExposedHostMACaddr = repoFlake.nixosConfigurations.${dmzExposedHost}.config.systemd.network.netdevs."10-dmz0".netdevConfig.MACAddress;
+ # "sj-srv1.dmz.internal";
 in {
 imports = [
 nixos-sbc.nixosModules.default
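Review bot: In the router0-dmz0 hunk, `dmzExposedHost` changes meaning from the short host name (previously used as the key into `repoFlake.nixosConfigurations`) to the FQDN, so any other reference to it in this file would now silently receive `sj-srv1.dmz.internal`. The `let` block starts above the hunk, so those references are not visible here and should be checked. Naming the binding `dmzExposedHostFQDN` would keep the meaning explicit. The added `# "sj-srv1.dmz.internal";` just before `in {` is a leftover that documents nothing and should be dropped.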
@@ -1129,11 +1126,8 @@ in {
 )
 vlanRangeWith0;
- dhcp-host = builtins.concatStringsSep "," [
- dmzExposedHostMACaddr
- dmzExposedHostIpv4
- dmzExposedHostFQDN
- ];
+ # TODO: double-check that this works
+ dhcp-host = "1c:69:7a:07:08:5f,${dmzExposedHostIpv4},${dmzExposedHost}";
 expand-hosts = true;
diff --git a/nix/os/devices/sj-srv1/system.nix b/nix/os/devices/sj-srv1/system.nix
index a6498a4..bd23a9e 100644
--- a/nix/os/devices/sj-srv1/system.nix
+++ b/nix/os/devices/sj-srv1/system.nix
@@ -25,64 +25,15 @@
 networking.usePredictableInterfaceNames = false;
 networking.useNetworkd = true;
- networking.useDHCP = false;
+ networking.useDHCP = true;
 networking.nat = {
 enable = true;
- internalInterfaces = ["br0"];
- externalInterface = "dmz0";
+ internalInterfaces = ["ve-*"];
+ externalInterface = "eth0";
 };
-
- networking.bridges = {
- br0 = {
- interfaces = [];
- };
- };
- networking.interfaces = {
- br0 = {
- ipv4.addresses = [
- {
- address = "192.168.101.1";
- prefixLength = 24;
- }
- ];
- };
- };
-
- systemd.network.netdevs."10-dmz0" = {
- enable = true;
- netdevConfig = {
- Name = "dmz0";
- Kind = "macvlan";
- MACAddress = "1c:69:7a:07:08:6f";
- };
-
- macvlanConfig = {
- Mode = "bridge";
- };
- };
-
- systemd.network.networks."20-eth0" = {
- enable = true;
- matchConfig.Name = "eth0";
-
- # TODO: i'm not sure if and if so why this is required
- macvlan = [
- "dmz0"
- ];
-
- DHCP = "no";
- };
-
- systemd.network.networks."30-dmz0" = {
- enable = true;
- matchConfig.Name = "dmz0";
- DHCP = "yes";
- };
-
 boot.kernel.sysctl = {
 "net.ipv4.ip_forward" = 1;
- "net.ipv6.ip_forward" = 1;
 };
 # virtualization
@@ -133,15 +84,14 @@
 autoStart = true;
- hostBridge = "br0";
- hostAddress = "192.168.101.1";
- localAddress = "192.168.101.10/24";
+ hostAddress = "192.168.100.10";
+ localAddress = "192.168.100.11";
 imapsPort = 993;
 sievePort = 4190;
 };
- webserver =
+ websrv0 =
 import ../../containers/webserver.nix
 {
 specialArgs = {
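Review bot: The static lease in `dhcp-host` now hard-codes `1c:69:7a:07:08:5f`, where the old code read the MAC from sj-srv1's own configuration. The literal differs by one octet from the `1c:69:7a:07:08:6f` this commit removes from sj-srv1/system.nix, and nothing in the diff says which interface it belongs to. If it does not match the address sj-srv1 presents on the DMZ, the host will not receive `dmzExposedHostIpv4`, and anything elsewhere in this file that refers to that address (not visible in the hunk) would point at an unassigned or different lease. Resolve the TODO before merging and replace it with a comment naming the source of the value, e.g. `# MAC of sj-srv1's physical eth0 (macvlan dmz0 removed); must match the NIC or the lease is never handed out`. The enclosing attribute set starts and ends outside the hunk.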
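Review bot: In sj-srv1/system.nix, `internalInterfaces = ["ve-*"]` is, as far as I know, a wildcard only under the nftables NAT backend; the iptables-based module expects `ve-+`. Under iptables `ve-*` would match no container interface and the containers would have no outbound NAT. The hunk does not show which backend this host uses (`networking.nftables.enable`), so confirm it and note the dependency next to the line, e.g. `# nftables wildcard; the iptables backend needs "ve-+"`. `networking.useDHCP = true` also re-enables the host-wide DHCP default, so it is worth confirming that the container veth interfaces are not meant to be covered by it.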
@@ -150,9 +100,8 @@
 autoStart = true;
- hostBridge = "br0";
- hostAddress = "192.168.101.1";
- localAddress = "192.168.101.11/24";
+ hostAddress = "192.168.100.12";
+ localAddress = "192.168.100.13";
 httpPort = 80;
 httpsPort = 443;
@@ -165,9 +114,8 @@
 };
 autoStart = true;
- hostBridge = "br0";
- hostAddress = "192.168.101.1";
- localAddress = "192.168.101.12/24";
+ hostAddress = "192.168.100.14";
+ localAddress = "192.168.100.15";
 syncthingPort = 22000;
 };