Drift/pvv-nixos-config
17
5
Fork 1
Code Issues Pull Requests 10 Actions Wiki Activity

grzegorz: allow all of ntnu #99

Open
pederbs wants to merge 3 commits from grg-ip into main
pull from: grg-ip
merge into: Drift:main
Conversation 3 Commits 3 Files Changed 2 +26 -9
2 changed files with 26 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
modules/grzegorz.nix
View File

@@ -1,4 +1,4 @@
{config, lib, pkgs, ...}:
{config, lib, pkgs, values, ...}:
let
grg = config.services.greg-ng;
grgw = config.services.grzegorz-webui;
@@ -37,8 +37,12 @@ in {
"${machine}.pvv.org"
];
extraConfig = ''
allow 129.241.210.128/25;
allow 2001:700:300:1900::/64;
# pvv
allow ${values.ipv4-space}
allow ${values.ipv6-space}
# ntnu
allow ${values.ntnu.ipv4-space}
danio marked this conversation as resolved Outdated
oysteikt commented 2025-03-19 01:42:10 +01:00
Outdated
Review
Copy Link

Doesn't this straight up include pvv's ip space? It might also be nice to have in values, so we can re-use it later

Doesn't this straight up include pvv's ip space? It might also be nice to have in values, so we can re-use it later
danio commented 2025-03-22 03:05:42 +01:00
Outdated
Review
Copy Link

er nais å få den inn i values hvertfall

er nais å få den inn i values hvertfall
danio commented 2025-03-22 03:05:57 +01:00
Outdated
Review
Copy Link

ipv6!!!!

ipv6!!!!
allow ${values.ntnu.ipv6-space}
deny all;
'';
};
@@ -51,8 +55,12 @@ in {
"${machine}-backend.pvv.org"
];
extraConfig = ''
allow 129.241.210.128/25;
allow 2001:700:300:1900::/64;
# pvv
allow ${values.ipv4-space}
allow ${values.ipv6-space}
# ntnu
allow ${values.ntnu.ipv4-space}
allow ${values.ntnu.ipv6-space}
deny all;
'';
@@ -70,8 +78,12 @@ in {
"${machine}-old.pvv.org"
];
extraConfig = ''
allow 129.241.210.128/25;
allow 2001:700:300:1900::/64;
# pvv
allow ${values.ipv4-space}
allow ${values.ipv6-space}
# ntnu
allow ${values.ntnu.ipv4-space}
allow ${values.ntnu.ipv6-space}
deny all;
'';

9
values.nix
View File

@@ -1,8 +1,13 @@
# Feel free to change the structure of this file
let
pvv-ipv4 = suffix: "129.241.210.${toString suffix}";
pvv-ipv6 = suffix: "2001:700:300:1900::${toString suffix}";
ntnu-ipv4 = suffix: "129.241.${toString suffix}";
ntnu-ipv6 = suffix: "2001:700:300:${toString suffix}";
pvv-ipv4 = suffix: ntnu-ipv4 "210.${toString suffix}";
pvv-ipv6 = suffix: ntnu-ipv6 "1900::${toString suffix}";
in rec {
ntnu.ipv4-space = ntnu-ipv4 "0.0/16"; # https://ipinfo.io/ips/129.241.0.0/16
ntnu.ipv6-space = ntnu-ipv6 ":/48"; # https://ipinfo.io/2001:700:300::
ipv4-space = pvv-ipv4 "128/25";
ipv6-space = pvv-ipv6 "/64";