pyrox.dev
+3
.nvim.lua
+3
.nvim.lua
+81
-4
flake.lock
+81
-4
flake.lock
·····················
+4
flake.nix
+4
flake.nix
+4
hosts/default.nix
+4
hosts/default.nix
-109
hosts/prefect/dn42/bgp.nix
-109
hosts/prefect/dn42/bgp.nix
···
-315
hosts/prefect/dn42/bird.conf
-315
hosts/prefect/dn42/bird.conf
···-else if (64511, 22) ~ bgp_community then { bgp_community.delete([(64511, 23..29)]); return 22; }-else if (64511, 23) ~ bgp_community then { bgp_community.delete([(64511, 24..29)]); return 23; }-else if (64511, 24) ~ bgp_community then { bgp_community.delete([(64511, 25..29)]); return 24; }-else if (64511, 25) ~ bgp_community then { bgp_community.delete([(64511, 26..29)]); return 25; }-else if (64511, 26) ~ bgp_community then { bgp_community.delete([(64511, 27..29)]); return 26; }-else if (64511, 27) ~ bgp_community then { bgp_community.delete([(64511, 28..29)]); return 27; }-else if (64511, 28) ~ bgp_community then { bgp_community.delete([(64511, 29..29)]); return 28; }-else if (64511, 32) ~ bgp_community then { bgp_community.delete([(64511, 33..34)]); return 32; }-else if (64511, 33) ~ bgp_community then { bgp_community.delete([(64511, 34..34)]); return 33; }-if (is_valid_network() && !is_self_net()) || (is_valid_network_v6() && !is_self_net_v6()) then {-if roa_check(dn42_roa, net, bgp_path.last) != ROA_VALID && roa_check(dn42_roa_v6, net, bgp_path.last) != ROA_VALID then {-# if roa_check(dn42_roa, net, bgp_path.last) != ROA_VALID && roa_check(dn42_roa_v6, net, bgp_path.last) != ROA_VALID then {
+53
-20
hosts/prefect/dn42/default.nix
+53
-20
hosts/prefect/dn42/default.nix
···
+25
hosts/prefect/dn42/peers/bandura.nix
+25
hosts/prefect/dn42/peers/bandura.nix
···
+26
hosts/prefect/dn42/peers/catgirls.nix
+26
hosts/prefect/dn42/peers/catgirls.nix
···
+26
hosts/prefect/dn42/peers/chrismoos.nix
+26
hosts/prefect/dn42/peers/chrismoos.nix
···
+21
hosts/prefect/dn42/peers/default.nix
+21
hosts/prefect/dn42/peers/default.nix
···
+26
hosts/prefect/dn42/peers/iedon.nix
+26
hosts/prefect/dn42/peers/iedon.nix
···
+27
hosts/prefect/dn42/peers/kioubit.nix
+27
hosts/prefect/dn42/peers/kioubit.nix
···
+25
hosts/prefect/dn42/peers/lare.nix
+25
hosts/prefect/dn42/peers/lare.nix
···
+26
hosts/prefect/dn42/peers/potato.nix
+26
hosts/prefect/dn42/peers/potato.nix
···
+26
hosts/prefect/dn42/peers/routedbits.nix
+26
hosts/prefect/dn42/peers/routedbits.nix
···
+26
hosts/prefect/dn42/peers/sunnet.nix
+26
hosts/prefect/dn42/peers/sunnet.nix
···
+26
hosts/prefect/dn42/peers/uffsalot.nix
+26
hosts/prefect/dn42/peers/uffsalot.nix
···
-69
hosts/prefect/dn42/services.nix
-69
hosts/prefect/dn42/services.nix
···-${pkgs.curl}/bin/curl -sfSLR {-o,-z}/etc/bird/roa_dn42_v6.conf https://dn42.burble.com/roa/dn42_roa_bird2_6.conf-${pkgs.curl}/bin/curl -sfSLR {-o,-z}/etc/bird/roa_dn42.conf https://dn42.burble.com/roa/dn42_roa_bird2_4.conf-"\n ipv4 {\n extended next hop on;\n import where dn42_import_filter(${x.link},25,34);\n export where dn42_export_filter(${x.link},25,34);\n import keep filtered;\n };\n "-"\n ipv6 {\n extended next hop on;\n import where dn42_import_filter(${x.link},25,34);\n export where dn42_export_filter(${x.link},25,34);\n import keep filtered;\n };\n "
-75
hosts/prefect/dn42/tunnels.nix
-75
hosts/prefect/dn42/tunnels.nix
···-tunnel 487 defaultPrivKeyFile "itmJ4Z8V1aNN368P6kMzuQM+GdzWbBKZjJiXrgSeGlw=" defaultLocalIPv4 "fe80::100"-tunnel 488 defaultPrivKeyFile "6Cylr9h1xFduAO+5nyXhFI1XJ0+Sw9jCpCDvcqErF1s=" defaultLocalIPv4 "fe80::3"-tunnel 491 defaultPrivKeyFile "Sz0UhewjDk2yRKI0QL9rB+5daWpXFVlbbz9cLfVVLn4=" defaultLocalIPv4 "fe80::6"-tunnel 492 defaultPrivKeyFile "QSAeFPotqFpF6fFe3CMrMjrpS5AL54AxWY2w1+Ot2Bo=" defaultLocalIPv4 "fe80::abcd"-tunnel 493 defaultPrivKeyFile "jo8eAfY8LeA4FAEJ4laYYMNkMd4z3oO/zN5DN0Mo+RQ=" defaultLocalIPv4 "fe80::7" "karx.xyz:22459"-tunnel 495 defaultPrivKeyFile "LUwqKS6QrCPv510Pwt1eAIiHACYDsbMjrkrbGTJfviU=" defaultLocalIPv4 "fe80::9"-tunnel 496 defaultPrivKeyFile "7V65FxvD9AQetyUr0qSiu+ik8samB4Atrw2ekvC0xQM=" defaultLocalIPv4 "fe80::10"-tunnel 497 defaultPrivKeyFile "xPW1/cWYDkk/IAss1GbdwVMW7fzKtyHA+qrfCriOB2k=" defaultLocalIPv4 "fe80::11"-tunnel 498 defaultPrivKeyFile "7HNg2+uMI2WfntN+WlMnlTDG6xra/Dusee82cuXWMBY=" defaultLocalIPv4 "fe80::12"
+63
hosts/prefect/dn42/types.nix
+63
hosts/prefect/dn42/types.nix
···
-43
hosts/prefect/dn42/wireguard.nix
-43
hosts/prefect/dn42/wireguard.nix
···-customTunnel = listenPort: privKeyFile: peerPubKey: endpoint: name: peerIPv4: peerIPv6: localIPv4: localIPv6: isOspf: {-${if peerIPv4 != "" then "${pkgs.iproute2}/bin/ip addr add ${localIPv4} peer ${peerIPv4} dev ${name}" else ""}-${if peerIPv6 != "" then "${pkgs.iproute2}/bin/ip -6 addr add ${localIPv6} peer ${peerIPv6} dev ${name}" else ""}-+ lib.optionalString isOspf "${pkgs.iproute2}/bin/ip -6 addr add ${defaultLocalIPv6} dev ${name}";-customTunnel listenPort privKeyFile peerPubKey endpoint name peerIPv4 peerIPv6 localIPv4 localIPv6 false;-customTunnel listenPort privKeyFile peerPubKey endpoint name peerIPv4 peerIPv6 defaultLocalIPv4 ULAIPv6 true;
+2
-17
hosts/prefect/firewall.nix
+2
-17
hosts/prefect/firewall.nix
···
-1
hosts/prefect/services/tailscale.nix
-1
hosts/prefect/services/tailscale.nix
+2
nixosModules/default.nix
+2
nixosModules/default.nix
+127
nixosModules/dn42Wireguard/default.nix
+127
nixosModules/dn42Wireguard/default.nix
···+) "${pkgs.iproute2}/bin/ip addr add ${fc.localAddrs.v4} peer ${fc.peerAddrs.v4} dev wg42_${name}"}+) "${pkgs.iproute2}/bin/ip addr add ${fc.localAddrs.v6} peer ${fc.peerAddrs.v6} dev wg42_${name}"}