Compare commits

...

3 Commits

2 changed files with 26 additions and 9 deletions

@@ -1,4 +1,4 @@
{config, lib, pkgs, ...}: {config, lib, pkgs, values, ...}:
let let
grg = config.services.greg-ng; grg = config.services.greg-ng;
grgw = config.services.grzegorz-webui; grgw = config.services.grzegorz-webui;
@@ -37,8 +37,12 @@ in {
"${machine}.pvv.org" "${machine}.pvv.org"
]; ];
extraConfig = '' extraConfig = ''
allow 129.241.210.128/25; # pvv
allow 2001:700:300:1900::/64; allow ${values.ipv4-space}
allow ${values.ipv6-space}
# ntnu
allow ${values.ntnu.ipv4-space}
allow ${values.ntnu.ipv6-space}
deny all; deny all;
''; '';
}; };
@@ -51,8 +55,12 @@ in {
"${machine}-backend.pvv.org" "${machine}-backend.pvv.org"
]; ];
extraConfig = '' extraConfig = ''
allow 129.241.210.128/25; # pvv
allow 2001:700:300:1900::/64; allow ${values.ipv4-space}
allow ${values.ipv6-space}
# ntnu
allow ${values.ntnu.ipv4-space}
allow ${values.ntnu.ipv6-space}
deny all; deny all;
''; '';
@@ -70,8 +78,12 @@ in {
"${machine}-old.pvv.org" "${machine}-old.pvv.org"
]; ];
extraConfig = '' extraConfig = ''
allow 129.241.210.128/25; # pvv
allow 2001:700:300:1900::/64; allow ${values.ipv4-space}
allow ${values.ipv6-space}
# ntnu
allow ${values.ntnu.ipv4-space}
allow ${values.ntnu.ipv6-space}
deny all; deny all;
''; '';

@@ -1,8 +1,13 @@
# Feel free to change the structure of this file # Feel free to change the structure of this file
let let
pvv-ipv4 = suffix: "129.241.210.${toString suffix}"; ntnu-ipv4 = suffix: "129.241.${toString suffix}";
pvv-ipv6 = suffix: "2001:700:300:1900::${toString suffix}"; ntnu-ipv6 = suffix: "2001:700:300:${toString suffix}";
pvv-ipv4 = suffix: ntnu-ipv4 "210.${toString suffix}";
pvv-ipv6 = suffix: ntnu-ipv6 "1900::${toString suffix}";
in rec { in rec {
ntnu.ipv4-space = ntnu-ipv4 "0.0/16"; # https://ipinfo.io/ips/129.241.0.0/16
ntnu.ipv6-space = ntnu-ipv6 ":/48"; # https://ipinfo.io/2001:700:300::
ipv4-space = pvv-ipv4 "128/25"; ipv4-space = pvv-ipv4 "128/25";
ipv6-space = pvv-ipv6 "/64"; ipv6-space = pvv-ipv6 "/64";