remove getInternalIP
This commit is contained in:
parent
da3d9cf3ae
commit
9a3759aba1
9 changed files with 4 additions and 35 deletions
|
@ -50,7 +50,7 @@
|
|||
"systemd"
|
||||
"tcpstat"
|
||||
];
|
||||
listenAddress = (import ../utils/getInternalIP.nix config).listenIP;
|
||||
listenAddress = "0.0.0.0";
|
||||
};
|
||||
networking.firewall.interfaces."wg0".allowedTCPPorts = [config.services.prometheus.exporters.node.port];
|
||||
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
config,
|
||||
...
|
||||
}: let
|
||||
inherit ((import ../../utils/getInternalIP.nix config)) listenIP;
|
||||
sieves = import ../../packages/sieves.nix pkgs;
|
||||
in {
|
||||
nixpkgs.overlays = [
|
||||
|
@ -135,7 +134,7 @@ in {
|
|||
};
|
||||
services.prometheus.exporters.dovecot = {
|
||||
enable = true;
|
||||
listenAddress = listenIP;
|
||||
listenAddress = "0.0.0.0";
|
||||
};
|
||||
sops.secrets."services/dovecot/rspamd_password" = {owner = "dovecot";};
|
||||
sops.secrets."services/dovecot/dovecot-sql.conf.ext" = {owner = "dovecot";};
|
||||
|
|
|
@ -4,12 +4,6 @@
|
|||
lib,
|
||||
...
|
||||
}: let
|
||||
inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
|
||||
listenStatements =
|
||||
lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
|
||||
+ ''
|
||||
add_header Alt-Svc 'h3=":443"';
|
||||
'';
|
||||
split-system = pkgs.lib.strings.splitString "-" pkgs.system;
|
||||
in {
|
||||
systemd.services.drone-server = {
|
||||
|
|
|
@ -3,14 +3,7 @@
|
|||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
|
||||
listenStatements =
|
||||
lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
|
||||
+ ''
|
||||
add_header Alt-Svc 'h3=":443"';
|
||||
'';
|
||||
in {
|
||||
}: {
|
||||
imports = [
|
||||
./prometheus.nix
|
||||
];
|
||||
|
|
|
@ -6,12 +6,6 @@
|
|||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
|
||||
listenStatements =
|
||||
lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
|
||||
+ ''
|
||||
add_header Alt-Svc 'h3=":443"';
|
||||
'';
|
||||
clean-cache = nix-packages.packages.${system}.clean-s3-cache;
|
||||
machines = pkgs.writeText "machines" ''
|
||||
localhost armv7l-linux,powerpc-linux,powerpc64-linux,powerpc64le-linux,riscv32-linux,riscv64-linux,wasm32-wasi,x86_64-linux,i686-linux - 12 1 kvm,nixos-test,big-parallel,benchmark,gccarch-znver1,gccarch-skylake,ca-derivations -
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
hosts-list,
|
||||
...
|
||||
}: let
|
||||
internalIP = import ../../utils/getInternalIP.nix config;
|
||||
mkZone = name: {
|
||||
master = false;
|
||||
masters = ["100.119.226.33" "fd7a:115c:a1e0:ab12:4843:cd96:6277:e221"];
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
hosts-list,
|
||||
...
|
||||
}: let
|
||||
internalIP = import ../../utils/getInternalIP.nix config;
|
||||
darkkirb-de = import ../../zones/darkkirb.de.nix {inherit dns;};
|
||||
chir-rs = import ../../zones/chir.rs.nix {inherit dns;};
|
||||
int-chir-rs = import ../../zones/int.chir.rs.nix {inherit dns;};
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
services.prometheus.exporters.postgres = {
|
||||
enable = true;
|
||||
user = "postgres";
|
||||
listenAddress = (import ../../utils/getInternalIP.nix config).listenIP;
|
||||
listenAddress = "0.0.0.0";
|
||||
};
|
||||
networking.firewall.interfaces."wg0".allowedTCPPorts = [9187 5432];
|
||||
}
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
config: let
|
||||
removeCIDR = cidr: builtins.elemAt (builtins.split "/" cidr) 0;
|
||||
filterIPsBare = builtins.map removeCIDR;
|
||||
filterIPs = builtins.map (f: "[${removeCIDR f}]");
|
||||
in rec {
|
||||
listenIPs = filterIPs config.networking.wireguard.interfaces."wg0".ips;
|
||||
listenIPsBare = filterIPsBare config.networking.wireguard.interfaces."wg0".ips;
|
||||
listenIP = builtins.elemAt listenIPs 0;
|
||||
}
|
Loading…
Reference in a new issue