remove getInternalIP

This commit is contained in:
Charlotte 🦝 Delenk 2023-02-02 21:34:19 +01:00
parent da3d9cf3ae
commit 9a3759aba1
Signed by: darkkirb
GPG key ID: AB2BD8DAF2E37122
9 changed files with 4 additions and 35 deletions

View file

@ -50,7 +50,7 @@
"systemd"
"tcpstat"
];
listenAddress = (import ../utils/getInternalIP.nix config).listenIP;
listenAddress = "0.0.0.0";
};
networking.firewall.interfaces."wg0".allowedTCPPorts = [config.services.prometheus.exporters.node.port];

View file

@ -3,7 +3,6 @@
config,
...
}: let
inherit ((import ../../utils/getInternalIP.nix config)) listenIP;
sieves = import ../../packages/sieves.nix pkgs;
in {
nixpkgs.overlays = [
@ -135,7 +134,7 @@ in {
};
services.prometheus.exporters.dovecot = {
enable = true;
listenAddress = listenIP;
listenAddress = "0.0.0.0";
};
sops.secrets."services/dovecot/rspamd_password" = {owner = "dovecot";};
sops.secrets."services/dovecot/dovecot-sql.conf.ext" = {owner = "dovecot";};

View file

@ -4,12 +4,6 @@
lib,
...
}: let
inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
listenStatements =
lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
+ ''
add_header Alt-Svc 'h3=":443"';
'';
split-system = pkgs.lib.strings.splitString "-" pkgs.system;
in {
systemd.services.drone-server = {

View file

@ -3,14 +3,7 @@
config,
pkgs,
...
}: let
inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
listenStatements =
lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
+ ''
add_header Alt-Svc 'h3=":443"';
'';
in {
}: {
imports = [
./prometheus.nix
];

View file

@ -6,12 +6,6 @@
pkgs,
...
}: let
inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
listenStatements =
lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
+ ''
add_header Alt-Svc 'h3=":443"';
'';
clean-cache = nix-packages.packages.${system}.clean-s3-cache;
machines = pkgs.writeText "machines" ''
localhost armv7l-linux,powerpc-linux,powerpc64-linux,powerpc64le-linux,riscv32-linux,riscv64-linux,wasm32-wasi,x86_64-linux,i686-linux - 12 1 kvm,nixos-test,big-parallel,benchmark,gccarch-znver1,gccarch-skylake,ca-derivations -

View file

@ -5,7 +5,6 @@
hosts-list,
...
}: let
internalIP = import ../../utils/getInternalIP.nix config;
mkZone = name: {
master = false;
masters = ["100.119.226.33" "fd7a:115c:a1e0:ab12:4843:cd96:6277:e221"];

View file

@ -5,7 +5,6 @@
hosts-list,
...
}: let
internalIP = import ../../utils/getInternalIP.nix config;
darkkirb-de = import ../../zones/darkkirb.de.nix {inherit dns;};
chir-rs = import ../../zones/chir.rs.nix {inherit dns;};
int-chir-rs = import ../../zones/int.chir.rs.nix {inherit dns;};

View file

@ -19,7 +19,7 @@
services.prometheus.exporters.postgres = {
enable = true;
user = "postgres";
listenAddress = (import ../../utils/getInternalIP.nix config).listenIP;
listenAddress = "0.0.0.0";
};
networking.firewall.interfaces."wg0".allowedTCPPorts = [9187 5432];
}

View file

@ -1,9 +0,0 @@
config: let
removeCIDR = cidr: builtins.elemAt (builtins.split "/" cidr) 0;
filterIPsBare = builtins.map removeCIDR;
filterIPs = builtins.map (f: "[${removeCIDR f}]");
in rec {
listenIPs = filterIPs config.networking.wireguard.interfaces."wg0".ips;
listenIPsBare = filterIPsBare config.networking.wireguard.interfaces."wg0".ips;
listenIP = builtins.elemAt listenIPs 0;
}