remove getInternalIP

2023-02-02 21:34:19 +01:00 · 2023-02-02 21:34:19 +01:00 · 9a3759aba1
commit 9a3759aba1
parent da3d9cf3ae
9 changed files with 4 additions and 35 deletions
--- a/config/default.nix
+++ b/config/default.nix
@ -50,7 +50,7 @@
      "systemd"
      "tcpstat"
    ];
-    listenAddress = (import ../utils/getInternalIP.nix config).listenIP;
+    listenAddress = "0.0.0.0";
  };
  networking.firewall.interfaces."wg0".allowedTCPPorts = [config.services.prometheus.exporters.node.port];
--- a/config/services/dovecot.nix
+++ b/config/services/dovecot.nix
@ -3,7 +3,6 @@
  config,
  ...
 }: let
  inherit ((import ../../utils/getInternalIP.nix config)) listenIP;
  sieves = import ../../packages/sieves.nix pkgs;
 in {
  nixpkgs.overlays = [
@ -135,7 +134,7 @@ in {
  };
  services.prometheus.exporters.dovecot = {
    enable = true;
-    listenAddress = listenIP;
+    listenAddress = "0.0.0.0";
  };
  sops.secrets."services/dovecot/rspamd_password" = {owner = "dovecot";};
  sops.secrets."services/dovecot/dovecot-sql.conf.ext" = {owner = "dovecot";};
--- a/config/services/drone.nix
+++ b/config/services/drone.nix
@ -4,12 +4,6 @@
  lib,
  ...
 }: let
  inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
  listenStatements =
    lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
    + ''
      add_header Alt-Svc 'h3=":443"';
    '';
  split-system = pkgs.lib.strings.splitString "-" pkgs.system;
 in {
  systemd.services.drone-server = {
--- a/config/services/grafana.nix
+++ b/config/services/grafana.nix
@ -3,14 +3,7 @@
  config,
  pkgs,
  ...
-}: let
+}: {
  inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
  listenStatements =
    lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
    + ''
      add_header Alt-Svc 'h3=":443"';
    '';
 in {
  imports = [
    ./prometheus.nix
  ];
--- a/config/services/hydra.nix
+++ b/config/services/hydra.nix
@ -6,12 +6,6 @@
  pkgs,
  ...
 }: let
  inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
  listenStatements =
    lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
    + ''
      add_header Alt-Svc 'h3=":443"';
    '';
  clean-cache = nix-packages.packages.${system}.clean-s3-cache;
  machines = pkgs.writeText "machines" ''
    localhost armv7l-linux,powerpc-linux,powerpc64-linux,powerpc64le-linux,riscv32-linux,riscv64-linux,wasm32-wasi,x86_64-linux,i686-linux - 12 1 kvm,nixos-test,big-parallel,benchmark,gccarch-znver1,gccarch-skylake,ca-derivations  -
--- a/config/services/named-submissive.nix
+++ b/config/services/named-submissive.nix
@ -5,7 +5,6 @@
  hosts-list,
  ...
 }: let
  internalIP = import ../../utils/getInternalIP.nix config;
  mkZone = name: {
    master = false;
    masters = ["100.119.226.33" "fd7a:115c:a1e0:ab12:4843:cd96:6277:e221"];
--- a/config/services/named.nix
+++ b/config/services/named.nix
@ -5,7 +5,6 @@
  hosts-list,
  ...
 }: let
  internalIP = import ../../utils/getInternalIP.nix config;
  darkkirb-de = import ../../zones/darkkirb.de.nix {inherit dns;};
  chir-rs = import ../../zones/chir.rs.nix {inherit dns;};
  int-chir-rs = import ../../zones/int.chir.rs.nix {inherit dns;};
--- a/config/services/postgres.nix
+++ b/config/services/postgres.nix
@ -19,7 +19,7 @@
  services.prometheus.exporters.postgres = {
    enable = true;
    user = "postgres";
-    listenAddress = (import ../../utils/getInternalIP.nix config).listenIP;
+    listenAddress = "0.0.0.0";
  };
  networking.firewall.interfaces."wg0".allowedTCPPorts = [9187 5432];
 }
--- a/utils/getInternalIP.nix
+++ b/utils/getInternalIP.nix
@ -1,9 +0,0 @@
 config: let
  removeCIDR = cidr: builtins.elemAt (builtins.split "/" cidr) 0;
  filterIPsBare = builtins.map removeCIDR;
  filterIPs = builtins.map (f: "[${removeCIDR f}]");
 in rec {
  listenIPs = filterIPs config.networking.wireguard.interfaces."wg0".ips;
  listenIPsBare = filterIPsBare config.networking.wireguard.interfaces."wg0".ips;
  listenIP = builtins.elemAt listenIPs 0;
 }