2127331 dns, os: Enable IPv6 — radicle-infra

rad:z254T5p17bdFPmzfDojsdjo4HjpoZ

Radicle Infrastructure as Code (NixOS, OpenTofu, …)

dns, os: Enable IPv6

Lorenz Leutgeb committed 9 months ago

commit 212733147b5b1de357b743c0fa0c35efb9d25888
parent 169615f

5 files changed +32 -5

modified dns/dnsconfig.js

@@ -48,6 +48,7 @@ D("radicle.xyz", REG_NONE, DnsProvider(DSP_CLOUDFLARE),

     A("iris", "95.217.156.6"),
     AAAA("iris", "2a01:4f9:c010:dfaa::1"),
     SSHFP("iris", 4, 1, "1ffe43af8f30c34373515fa24f1b9fe69532a9d5"),
     SSHFP("iris", 4, 2, "715ce29a1ccdd7088b9fb40949ca186e736ff6d711163689560ffe54252c9d43"),

@@ -59,6 +60,7 @@ D("radicle.xyz", REG_NONE, DnsProvider(DSP_CLOUDFLARE),

     A("rosa", "5.161.85.124"),
     AAAA("rosa", "2a01:4ff:f0:abd3::1"),
     SSHFP("rosa", 4, 1, "6ee4b941f49ece1601e238344f088f5a83712b91"),
     SSHFP("rosa", 4, 2, "e2364a3e0f7728eaa53d40543f15e7c23409fe06e5b08c55d8f63ee00e963b0b"),

@@ -73,6 +75,7 @@ D("radicle.xyz", REG_NONE, DnsProvider(DSP_CLOUDFLARE),

     A("seed", "65.108.87.205"),
     AAAA("seed", "2a01:4f9:c011:b666::1"),
     SSHFP("seed", 4, 2, "ac7db28d3d05c52f3e2d67adca4654ce6766a1e8d7b6fab4c03b25ab435a613d"),
     SSHFP("seed", 4, 1, "9033b89019264dbad5a744057166a5e1b7af92f7"),

modified os/host/iris/default.nix

@@ -24,7 +24,10 @@

     (modulesPath + "/profiles/qemu-guest.nix")
   ];
   systemd.network.enable = true;
   systemd.network.networks."10-hetzner".address = [
     # IPv6 address is statically configured, see Hetzner dashboard.
     "2a01:4f9:c010:dfaa::1/128"
   ];
   boot.loader.grub = {
     efiSupport = true;

modified os/host/rosa/default.nix

@@ -24,7 +24,10 @@

     (modulesPath + "/profiles/qemu-guest.nix")
   ];
   systemd.network.enable = true;
   systemd.network.networks."10-hetzner".address = [
     # IPv6 address is statically configured, see Hetzner dashboard.
     "2a01:4ff:f0:abd3::1/128"
   ];
   boot.loader.grub = {
     efiSupport = true;

modified os/host/seed/default.nix

@@ -25,7 +25,10 @@

     (modulesPath + "/profiles/qemu-guest.nix")
   ];
   systemd.network.enable = true;
   systemd.network.networks."10-hetzner".address = [
     # IPv6 address is statically configured, see Hetzner dashboard.
     "2a01:4f9:c011:b666::1/128"
   ];
   fileSystems =
     (builtins.listToAttrs (map

modified os/mixin/common.nix

@@ -6,13 +6,28 @@

   time.timeZone = "UTC";
   i18n.defaultLocale = "en_US.UTF-8";
   boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
   networking = {
     domain = "radicle.xyz";
     useNetworkd = true;
   };
   systemd.network = {
     enable = true;
     config.networkConfig = {
       IPv4Forwarding = true;
       IPv6Forwarding = true;
     };
     networks."10-hetzner" = {
       linkConfig.RequiredForOnline = "routable";
       matchConfig.Name = "enp1s0";
       networkConfig.DHCP = "ipv4";
       routes = [
         {Gateway = "fe80::1";}
       ];
     };
   };
   security = {
     acme = {
       defaults.email = "team@${config.networking.domain}";