Add Jupiter to mycelium

2025-05-30 00:42:55 -04:00 · 2025-05-30 00:42:55 -04:00 · 6a2fd78220
commit 6a2fd78220
parent 3bf365966c
8 changed files with 50 additions and 10 deletions
--- a/modules/home/programs/terminal/ssh/default.nix
+++ b/modules/home/programs/terminal/ssh/default.nix
@ -7,6 +7,7 @@
    matchBlocks = {
      # Personal servers
      tower.hostname = "577:84d1:b682:9ac3:b987:b78e:33d9:2060";
+      jupiter.hostname = "5ce:969c:40d1:9575:f5e:591d:c377:a20b";
      midas.hostname = "538:e163:87ba:f847:3646:18b6:6b01:d8f8";
      kitty.hostname = "53f:dc2d:80c9:3ca2:4b15:ef4d:38a0:c868";
      prophet.hostname = "42f:2737:2aed:4dee:cbe4:3c73:1918:ad9b";
--- a/modules/system/devices/networking/default.nix
+++ b/modules/system/devices/networking/default.nix
@ -17,4 +17,9 @@
    enable = config.networking.useNetworkd;
    dnsovertls = "true";
  };
+
+  systemd = {
+    services.NetworkManager-wait-online.enable = false;
+    network.wait-online.enable = false;
+  };
 }
--- a/modules/system/devices/networking/mycelium/ips/default.nix
+++ b/modules/system/devices/networking/mycelium/ips/default.nix
@ -6,6 +6,7 @@

  config.services.mycelium.ips = {
    tower = "577:84d1:b682:9ac3:b987:b78e:33d9:2060";
+    jupiter = "5ce:969c:40d1:9575:f5e:591d:c377:a20b";
    midas = "538:e163:87ba:f847:3646:18b6:6b01:d8f8";
    kitty = "53f:dc2d:80c9:3ca2:4b15:ef4d:38a0:c868";
    prophet = "42f:2737:2aed:4dee:cbe4:3c73:1918:ad9b";
--- a/modules/system/services/server/nfs/default.nix
+++ b/modules/system/services/server/nfs/default.nix
@ -5,7 +5,7 @@
  config = lib.mkIf config.services.nfs.server.enable {
    services.nfs.server.exports = "/storage *(rw)";
    networking.firewall.extraInputRules = with config.services.mycelium.ips; ''
-      ip6 saddr { ${tower}, ${midas}, ${kitty}, ${prophet} } tcp dport 2049 accept
+      ip6 saddr { ${tower}, ${jupiter}, ${midas}, ${kitty}, ${prophet} } tcp dport 2049 accept
    '';
  };
 }
--- a/modules/system/services/server/nginx/rtmp/default.nix
+++ b/modules/system/services/server/nginx/rtmp/default.nix
@ -24,7 +24,7 @@
      '';
    };
    networking.firewall.extraInputRules = with config.services.mycelium.ips; ''
-      ip6 saddr ${tower} tcp dport 1935 accept
+      ip6 saddr { ${tower}, ${jupiter} } tcp dport 1935 accept
      ip saddr { ${config.secrets.ips.luna}, ${config.secrets.ips.corn} } tcp dport 1935 accept
    '';
    systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www/landing-page/streams/hls/" ];
--- a/modules/system/services/server/owncast/default.nix
+++ b/modules/system/services/server/owncast/default.nix
@ -8,7 +8,7 @@
      rtmp-port = 1945;
    };
    networking.firewall.extraInputRules = with config.services.mycelium.ips; ''
-      ip6 saddr ${tower} tcp dport 1935 accept
+      ip6 saddr { ${tower}, ${jupiter} } tcp dport 1935 accept
    '';
    environment.persistence."/persist".directories = [ "/var/lib/owncast" ];
  };