mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

chore: use flushBeforeStage2=true to avoid networking issues; fix loki listen address

Browse source
This commit is contained in:
oddlama 2023-06-06 01:04:39 +02:00
parent 90499504b5
commit 972b0456da
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
4 changed files with 10 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

10
flake.lock generated
View file

@ -348,16 +348,14 @@
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1685290091, "lastModified": 1685290091,
"narHash": "sha256-GGQYNZ7POoqPTtXgPOLUuSiHkOKFRWYpCoWUOSeSRoU=", "narHash": "sha256-eJ4hOd5fA8i9uhpPFrpjLAb09wqfB+NH9utHh0PGD4k=",
"owner": "NixOS", "type": "git",
"repo": "nixpkgs", "url": "file:///root/projects/nixpkgs-test"
"rev": "4e37b4e55b60fb7d43d2b62deb51032a489bcbe8",
"type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4e37b4e55b60fb7d43d2b62deb51032a489bcbe8",
"type": "github" "type": "github"
} }
}, },

2
flake.nix
View file

@ -37,7 +37,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixpkgs.url = "github:NixOS/nixpkgs?rev=4e37b4e55b60fb7d43d2b62deb51032a489bcbe8"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
microvm = { microvm = {
url = "github:astro/microvm.nix"; url = "github:astro/microvm.nix";

3
hosts/common/core/net.nix
View file

@ -14,6 +14,9 @@
mkForce mkForce
; ;
in { in {
# TODO needed until https://github.com/NixOS/nixpkgs/issues/236146 is resolved
boot.initrd.network.flushBeforeStage2 = true;
networking = { networking = {
hostName = nodeName; hostName = nodeName;
useDHCP = mkForce false; useDHCP = mkForce false;

5
hosts/ward/default.nix
View file

@ -253,7 +253,6 @@ in {
networking.nftables.firewall = { networking.nftables.firewall = {
zones = lib.mkForce { zones = lib.mkForce {
#local-vms.interfaces = ["local-vms"];
proxy-sentinel.interfaces = ["proxy-sentinel"]; proxy-sentinel.interfaces = ["proxy-sentinel"];
sentinel = { sentinel = {
parent = "proxy-sentinel"; parent = "proxy-sentinel";
@ -278,7 +277,7 @@ in {
auth_enabled = false; auth_enabled = false;
server = { server = {
http_listen_address = config.extra.wireguard."${parentNodeName}-local-vms".ipv4; http_listen_address = config.extra.wireguard.proxy-sentinel.ipv4;
http_listen_port = 3100; http_listen_port = 3100;
log_level = "warn"; log_level = "warn";
}; };
@ -340,6 +339,6 @@ in {
}; };
# TODO this for other vms and services too? # TODO this for other vms and services too?
systemd.services.loki.after = ["sys-subsystem-net-devices-${utils.escapeSystemdPath "local-vms"}.device"]; systemd.services.loki.after = ["sys-subsystem-net-devices-${utils.escapeSystemdPath "proxy-sentinel"}.device"];
}; };
} }