fix: right path to networkPrefix

2025-04-29 10:12:30 +02:00
parent 967467e151
commit 036efd54c3
4 changed files with 50 additions and 50 deletions


@@ -25,15 +25,15 @@
id = 96; id = 96;
pools = [ pools = [
{ {
pool = "${config.networkPrefix}.96.100 - ${config.networkPrefix}.96.240"; pool = "${config.cloonar-assistant.networkPrefix}.96.100 - ${config.cloonar-assistant.networkPrefix}.96.240";
} }
]; ];
subnet = "${config.networkPrefix}.96.0/24"; subnet = "${config.cloonar-assistant.networkPrefix}.96.0/24";
interface = "lan"; interface = "lan";
option-data = [ option-data = [
{ {
name = "routers"; name = "routers";
data = "${config.networkPrefix}.96.1"; data = "${config.cloonar-assistant.networkPrefix}.96.1";
} }
{ {
name = "domain-name"; name = "domain-name";
@@ -45,7 +45,7 @@
} }
{ {
name = "domain-name-servers"; name = "domain-name-servers";
data = "${config.networkPrefix}.96.1"; data = "${config.cloonar-assistant.networkPrefix}.96.1";
} }
]; ];
reservations = [ reservations = [
@@ -55,15 +55,15 @@
id = 97; id = 97;
pools = [ pools = [
{ {
pool = "${config.networkPrefix}.97.100 - ${config.networkPrefix}.97.240"; pool = "${config.cloonar-assistant.networkPrefix}.97.100 - ${config.cloonar-assistant.networkPrefix}.97.240";
} }
]; ];
subnet = "${config.networkPrefix}.97.0/24"; subnet = "${config.cloonar-assistant.networkPrefix}.97.0/24";
interface = "server"; interface = "server";
option-data = [ option-data = [
{ {
name = "routers"; name = "routers";
data = "${config.networkPrefix}.97.1"; data = "${config.cloonar-assistant.networkPrefix}.97.1";
} }
{ {
name = "domain-name"; name = "domain-name";
@@ -71,7 +71,7 @@
} }
{ {
name = "domain-name-servers"; name = "domain-name-servers";
data = "${config.networkPrefix}.97.1"; data = "${config.cloonar-assistant.networkPrefix}.97.1";
} }
]; ];
reservations = [ reservations = [
@@ -81,15 +81,15 @@
id = 101; id = 101;
pools = [ pools = [
{ {
pool = "${config.networkPrefix}.101.100 - ${config.networkPrefix}.101.240"; pool = "${config.cloonar-assistant.networkPrefix}.101.100 - ${config.cloonar-assistant.networkPrefix}.101.240";
} }
]; ];
subnet = "${config.networkPrefix}.101.0/24"; subnet = "${config.cloonar-assistant.networkPrefix}.101.0/24";
interface = "infrastructure"; interface = "infrastructure";
option-data = [ option-data = [
{ {
name = "routers"; name = "routers";
data = "${config.networkPrefix}.101.1"; data = "${config.cloonar-assistant.networkPrefix}.101.1";
} }
{ {
name = "domain-name"; name = "domain-name";
@@ -97,12 +97,12 @@
} }
{ {
name = "domain-name-servers"; name = "domain-name-servers";
data = "${config.networkPrefix}.101.1"; data = "${config.cloonar-assistant.networkPrefix}.101.1";
} }
{ {
name = "capwap-ac-v4"; name = "capwap-ac-v4";
code = 138; code = 138;
data = "${config.networkPrefix}.97.2"; data = "${config.cloonar-assistant.networkPrefix}.97.2";
} }
]; ];
reservations = [ reservations = [
@@ -112,15 +112,15 @@
id = 99; id = 99;
pools = [ pools = [
{ {
pool = "${config.networkPrefix}.99.100 - ${config.networkPrefix}.99.240"; pool = "${config.cloonar-assistant.networkPrefix}.99.100 - ${config.cloonar-assistant.networkPrefix}.99.240";
} }
]; ];
subnet = "${config.networkPrefix}.99.0/24"; subnet = "${config.cloonar-assistant.networkPrefix}.99.0/24";
interface = "multimedia"; interface = "multimedia";
option-data = [ option-data = [
{ {
name = "routers"; name = "routers";
data = "${config.networkPrefix}.99.1"; data = "${config.cloonar-assistant.networkPrefix}.99.1";
} }
{ {
name = "domain-name"; name = "domain-name";
@@ -128,7 +128,7 @@
} }
{ {
name = "domain-name-servers"; name = "domain-name-servers";
data = "${config.networkPrefix}.99.1"; data = "${config.cloonar-assistant.networkPrefix}.99.1";
} }
]; ];
reservations = [ reservations = [
@@ -138,15 +138,15 @@
id = 254; id = 254;
pools = [ pools = [
{ {
pool = "${config.networkPrefix}.254.10 - ${config.networkPrefix}.254.254"; pool = "${config.cloonar-assistant.networkPrefix}.254.10 - ${config.cloonar-assistant.networkPrefix}.254.254";
} }
]; ];
subnet = "${config.networkPrefix}.254.0/24"; subnet = "${config.cloonar-assistant.networkPrefix}.254.0/24";
interface = "guest"; interface = "guest";
option-data = [ option-data = [
{ {
name = "routers"; name = "routers";
data = "${config.networkPrefix}.254.1"; data = "${config.cloonar-assistant.networkPrefix}.254.1";
} }
{ {
name = "domain-name-servers"; name = "domain-name-servers";
@@ -158,15 +158,15 @@
id = 100; id = 100;
pools = [ pools = [
{ {
pool = "${config.networkPrefix}.100.100 - ${config.networkPrefix}.100.240"; pool = "${config.cloonar-assistant.networkPrefix}.100.100 - ${config.cloonar-assistant.networkPrefix}.100.240";
} }
]; ];
subnet = "${config.networkPrefix}.100.0/24"; subnet = "${config.cloonar-assistant.networkPrefix}.100.0/24";
interface = "smart"; interface = "smart";
option-data = [ option-data = [
{ {
name = "routers"; name = "routers";
data = "${config.networkPrefix}.100.1"; data = "${config.cloonar-assistant.networkPrefix}.100.1";
} }
{ {
name = "domain-name"; name = "domain-name";
@@ -174,7 +174,7 @@
} }
{ {
name = "domain-name-servers"; name = "domain-name-servers";
data = "${config.networkPrefix}.100.1"; data = "${config.cloonar-assistant.networkPrefix}.100.1";
} }
]; ];
reservations = [ reservations = [
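Review bot: Every pool, subnet and router string in this file is built by pasting `config.cloonar-assistant.networkPrefix` in front of a fixed suffix, and nothing visible here constrains what that option may contain. A value with a trailing dot or a third octet would still evaluate, and the mistake would only surface when Kea parses the generated config; the same applies to the nftables, interface-address and Unbound sections of this commit. The option declaration is outside this diff, so this may already be handled; if not, typing it as e.g. `lib.types.strMatching "[0-9]{1,3}\\.[0-9]{1,3}"` would turn a malformed prefix into an evaluation error. Each subnet block continues past the end of its hunk.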


@@ -52,8 +52,8 @@ in {
# Accept mDNS for avahi reflection # Accept mDNS for avahi reflection
${lib.optionalString config.cloonar-assistant.multiroom-audio.enable '' ${lib.optionalString config.cloonar-assistant.multiroom-audio.enable ''
iifname "server" ip saddr ${config.networkPrefix}.97.20/32 tcp dport { llmnr } counter accept iifname "server" ip saddr ${config.cloonar-assistant.networkPrefix}.97.20/32 tcp dport { llmnr } counter accept
iifname "server" ip saddr ${config.networkPrefix}.97.20/32 udp dport { mdns, llmnr } counter accept iifname "server" ip saddr ${config.cloonar-assistant.networkPrefix}.97.20/32 udp dport { mdns, llmnr } counter accept
''} ''}
# Allow all returning traffic # Allow all returning traffic
@@ -91,13 +91,13 @@ in {
iifname "multimedia" oifname "server" tcp dport { 1704, 1705 } counter accept iifname "multimedia" oifname "server" tcp dport { 1704, 1705 } counter accept
iifname "lan" oifname "server" udp dport { 5000, 5353, 6001 - 6011 } counter accept iifname "lan" oifname "server" udp dport { 5000, 5353, 6001 - 6011 } counter accept
# avahi # avahi
iifname "server" ip saddr ${config.networkPrefix}.97.20/32 oifname { "lan" } counter accept iifname "server" ip saddr ${config.cloonar-assistant.networkPrefix}.97.20/32 oifname { "lan" } counter accept
''} ''}
${lib.optionalString config.cloonar-assistant.firewall.enable '' ${lib.optionalString config.cloonar-assistant.firewall.enable ''
# smart home coap # smart home coap
iifname "smart" oifname "server" ip daddr ${config.networkPrefix}.97.20/32 udp dport { 5683 } counter accept iifname "smart" oifname "server" ip daddr ${config.cloonar-assistant.networkPrefix}.97.20/32 udp dport { 5683 } counter accept
iifname "smart" oifname "server" ip daddr ${config.networkPrefix}.97.20/32 tcp dport { 1883 } counter accept iifname "smart" oifname "server" ip daddr ${config.cloonar-assistant.networkPrefix}.97.20/32 tcp dport { 1883 } counter accept
# lan and vpn to any # lan and vpn to any
iifname { "lan", "server", "vserver", "wg_cloonar" } oifname { "lan", "server", "vserver", "infrastructure", "multimedia", "smart", "wg_cloonar", "guest", "setup" } counter accept iifname { "lan", "server", "vserver", "wg_cloonar" } oifname { "lan", "server", "vserver", "infrastructure", "multimedia", "smart", "wg_cloonar", "guest", "setup" } counter accept
@@ -138,7 +138,7 @@ in {
content = '' content = ''
chain prerouting { chain prerouting {
type nat hook prerouting priority filter; policy accept; type nat hook prerouting priority filter; policy accept;
iifname "server" ip daddr ${config.networkPrefix}.96.255 udp dport { 9 } dnat to ${config.networkPrefix}.96.255 iifname "server" ip daddr ${config.cloonar-assistant.networkPrefix}.96.255 udp dport { 9 } dnat to ${config.cloonar-assistant.networkPrefix}.96.255
${config.cloonar-assistant.firewall.custom-rules.prerouting} ${config.cloonar-assistant.firewall.custom-rules.prerouting}
} }
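Review bot: The narrowly scoped avahi rule `iifname "server" ip saddr ${config.cloonar-assistant.networkPrefix}.97.20/32 oifname { "lan" } counter accept` appears to be subsumed by the broad rule a few lines below it, whose `iifname` set includes `"server"` and whose `oifname` set includes every internal zone. If both sit in the same chain, as the hunk suggests, then with `firewall.enable` on every host in the server VLAN can reach lan, infrastructure, smart and guest, and the `/32` restriction adds nothing. The comment `# lan and vpn to any` also understates this. Either drop `"server"` (and `"vserver"`, if unintended) from that `iifname` set so the per-host rules carry the policy, or change the comment to `# lan, server, vserver and vpn to any` so the wider grant is deliberate and visible. The chain definitions start outside these hunks.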


@@ -34,7 +34,7 @@
networking = if config.cloonar-assistant.firewall.enable then { networking = if config.cloonar-assistant.firewall.enable then {
useDHCP = false; useDHCP = false;
# Define VLANS # Define VLANS
nameservers = [ "${config.networkPrefix}.97.1" ]; nameservers = [ "${config.cloonar-assistant.networkPrefix}.97.1" ];
# resolvconf.enable = false; # resolvconf.enable = false;
vlans = { vlans = {
infrastructure = { infrastructure = {
@@ -71,37 +71,37 @@
wan.useDHCP = true; wan.useDHCP = true;
lan = { lan = {
ipv4.addresses = [{ ipv4.addresses = [{
address = "${config.networkPrefix}.96.1"; address = "${config.cloonar-assistant.networkPrefix}.96.1";
prefixLength = 24; prefixLength = 24;
}]; }];
}; };
server = { server = {
ipv4.addresses = [{ ipv4.addresses = [{
address = "${config.networkPrefix}.97.1"; address = "${config.cloonar-assistant.networkPrefix}.97.1";
prefixLength = 24; prefixLength = 24;
}]; }];
}; };
infrastructure = { infrastructure = {
ipv4.addresses = [{ ipv4.addresses = [{
address = "${config.networkPrefix}.101.1"; address = "${config.cloonar-assistant.networkPrefix}.101.1";
prefixLength = 24; prefixLength = 24;
}]; }];
}; };
multimedia = { multimedia = {
ipv4.addresses = [{ ipv4.addresses = [{
address = "${config.networkPrefix}.99.1"; address = "${config.cloonar-assistant.networkPrefix}.99.1";
prefixLength = 24; prefixLength = 24;
}]; }];
}; };
smart = { smart = {
ipv4.addresses = [{ ipv4.addresses = [{
address = "${config.networkPrefix}.100.1"; address = "${config.cloonar-assistant.networkPrefix}.100.1";
prefixLength = 24; prefixLength = 24;
}]; }];
}; };
guest = { guest = {
ipv4.addresses = [{ ipv4.addresses = [{
address = "${config.networkPrefix}.254.1"; address = "${config.cloonar-assistant.networkPrefix}.254.1";
prefixLength = 24; prefixLength = 24;
}]; }];
}; };


@@ -7,11 +7,11 @@ let
interface-automatic = "yes"; interface-automatic = "yes";
access-control = [ access-control = [
"127.0.0.0/8 allow" "127.0.0.0/8 allow"
"${config.networkPrefix}.96.0/24 allow" "${config.cloonar-assistant.networkPrefix}.96.0/24 allow"
"${config.networkPrefix}.97.0/24 allow" "${config.cloonar-assistant.networkPrefix}.97.0/24 allow"
"${config.networkPrefix}.98.0/24 allow" "${config.cloonar-assistant.networkPrefix}.98.0/24 allow"
"${config.networkPrefix}.99.0/24 allow" "${config.cloonar-assistant.networkPrefix}.99.0/24 allow"
"${config.networkPrefix}.101.0/24 allow" "${config.cloonar-assistant.networkPrefix}.101.0/24 allow"
"0.0.0.0/0 allow" "0.0.0.0/0 allow"
]; ];
tls-cert-bundle = "/etc/ssl/certs/ca-certificates.crt"; tls-cert-bundle = "/etc/ssl/certs/ca-certificates.crt";
@@ -21,19 +21,19 @@ let
"\"localhost.${config.cloonar-assistant.domain} A 127.0.0.1\"" "\"localhost.${config.cloonar-assistant.domain} A 127.0.0.1\""
"\"localhost AAAA ::1\"" "\"localhost AAAA ::1\""
"\"localhost.${config.cloonar-assistant.domain} AAAA ::1\"" "\"localhost.${config.cloonar-assistant.domain} AAAA ::1\""
"\"fw.${config.cloonar-assistant.domain} A ${config.networkPrefix}.97.1\"" "\"fw.${config.cloonar-assistant.domain} A ${config.cloonar-assistant.networkPrefix}.97.1\""
"\"fw A ${config.networkPrefix}.97.1\"" "\"fw A ${config.cloonar-assistant.networkPrefix}.97.1\""
"\"mopidy.${config.cloonar-assistant.domain} IN A ${config.networkPrefix}.97.21\"" "\"mopidy.${config.cloonar-assistant.domain} IN A ${config.cloonar-assistant.networkPrefix}.97.21\""
"\"snapcast.${config.cloonar-assistant.domain} IN A ${config.networkPrefix}.97.21\"" "\"snapcast.${config.cloonar-assistant.domain} IN A ${config.cloonar-assistant.networkPrefix}.97.21\""
"\"home-assistant.${config.cloonar-assistant.domain} IN A ${config.networkPrefix}.97.20\"" "\"home-assistant.${config.cloonar-assistant.domain} IN A ${config.cloonar-assistant.networkPrefix}.97.20\""
]; ];
local-data-ptr = [ local-data-ptr = [
"\"127.0.0.1 localhost\"" "\"127.0.0.1 localhost\""
"\"::1 localhost\"" "\"::1 localhost\""
"\"${config.networkPrefix}.97.1 fw.${config.cloonar-assistant.domain}\"" "\"${config.cloonar-assistant.networkPrefix}.97.1 fw.${config.cloonar-assistant.domain}\""
"\"${config.networkPrefix}.97.20 home-assistant.${config.cloonar-assistant.domain}\"" "\"${config.cloonar-assistant.networkPrefix}.97.20 home-assistant.${config.cloonar-assistant.domain}\""
"\"${config.networkPrefix}.97.21 snapcast.${config.cloonar-assistant.domain}\"" "\"${config.cloonar-assistant.networkPrefix}.97.21 snapcast.${config.cloonar-assistant.domain}\""
]; ];
# ssl-upstream = "yes"; # ssl-upstream = "yes";
}; };
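Review bot: The `"0.0.0.0/0 allow"` entry that closes `access-control` makes the five per-subnet entries changed above redundant, because Unbound will answer recursive queries from any IPv4 source that can reach it. Whether the resolver is reachable from `wan` depends on input-chain rules not shown in this diff, but the resolver itself no longer enforces any boundary. If the catch-all exists to serve the smart (.100) and guest (.254) networks, which are missing from the list, adding them explicitly, as `"${config.cloonar-assistant.networkPrefix}.100.0/24 allow"` and the `.254` equivalent, and dropping the catch-all would keep the ACL meaningful.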