From 93f640e0fa70ba39883b405965df9fff66bcfd12 Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Mon, 8 Dec 2025 09:12:57 +0100 Subject: [PATCH 01/10] poc host file --- hosts.nix | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++ variables.nix | 8 ++++++ 2 files changed, 77 insertions(+) create mode 100644 hosts.nix create mode 100644 variables.nix diff --git a/hosts.nix b/hosts.nix new file mode 100644 index 0000000..e904252 --- /dev/null +++ b/hosts.nix @@ -0,0 +1,69 @@ +{adm,srv,srv-nat,san, adh}: +{ + physiques = [ + { + name = "cephirot"; + id = 3; + vlans = [ + adm + san + ]; + serveur_type = ["san"]; + description = '' + Un serveur avec peut etre un jour ceph + ''; + } + { + name = "thot"; + id = 14; + vlans = [ + adm + san + ]; + serveur_type = ["backup"]; + description = '' + Serveur de backup du Crans, actuellement en SQ39 + ''; + } + ]; + + vms = [ + { + name = "romanesco"; + is_debian = true; + id = 145; + vlans = [ + adm + (adh "185.230.78.252") + (srv "185.230.79.5") + ]; + description = '' + DNS récursif + ''; + } + { + name = "neo"; + id = 145; + vlans = [ + adm + # pas besoin de spécifier l'ipv6 car elle est construite depuis l'id + (srv "180.230.79.5") + ]; + description = '' + Matrix du crans, heberge également le bridge IRC <-> Matrix + ''; + } + { + name = "NextCloud"; + id = 146; + vlans = [ + adm + san + srv-nat + ]; + description = '' + NextCloud du Crans + ''; + } + ]; +} diff --git a/variables.nix b/variables.nix new file mode 100644 index 0000000..00f475a --- /dev/null +++ b/variables.nix @@ -0,0 +1,8 @@ +let + machines = import ./hosts.nix; +in +{ + + dns-recursif = machines.vms.romanesco.id; + +} From 164c1e22db9f60854d5e09c3c0ba3d399ee6341d Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Mon, 15 Dec 2025 13:09:41 +0100 Subject: [PATCH 02/10] add ssh public key --- hosts.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hosts.nix b/hosts.nix index e904252..086d03b 100644 --- a/hosts.nix +++ b/hosts.nix @@ -12,6 +12,7 @@ description = '' Un serveur avec peut etre un jour ceph ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; } { name = "thot"; @@ -24,6 +25,7 @@ description = '' Serveur de backup du Crans, actuellement en SQ39 ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; } ]; @@ -40,6 +42,7 @@ description = '' DNS récursif ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; } { name = "neo"; @@ -52,6 +55,7 @@ description = '' Matrix du crans, heberge également le bridge IRC <-> Matrix ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; } { name = "NextCloud"; @@ -64,6 +68,7 @@ description = '' NextCloud du Crans ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; } ]; } From c0b76bba4ded69e6d31592fa829c3bfaa1db5a2a Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Mon, 15 Dec 2025 20:17:16 +0100 Subject: [PATCH 03/10] continue POC refactor --- flake.nix | 71 +++++++------------------- hosts.nix | 147 ++++++++++++++++++++++++++++++++++++++++++++---------- 2 files changed, 137 insertions(+), 81 deletions(-) diff --git a/flake.nix b/flake.nix index d841f39..2c031ea 100644 --- a/flake.nix +++ b/flake.nix @@ -38,63 +38,26 @@ ./modules agenix.nixosModules.default ]; + hosts = import ./hosts.nix; in - { - apprentix = nixosSystem { + # Physiques + (mapAttrs (name: value: + nixosSystem { specialArgs = inputs; - modules = [ ./hosts/vm/apprentix ] ++ baseModules; - }; - - jitsi = nixosSystem { + modules = [./hosts/physiques/${name}] ++ baseModules; + } + ) + (filterAttrs (n: v: !(attrByPath ["is_debian"] false v)) hosts.physiques) + )// + # VMs + (mapAttrs (name: value: + nixosSystem { specialArgs = inputs; - modules = [ ./hosts/vm/jitsi ] ++ baseModules; - }; - - livre = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/livre ] ++ baseModules; - }; - - neo = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/neo ] ++ baseModules; - }; - - nextcloud = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/nextcloud ] ++ baseModules; - }; - - periodique = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/periodique ] ++ baseModules; - }; - - redite = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/redite ] ++ baseModules; - }; - - reverseproxy = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/reverseproxy ] ++ baseModules; - }; - - thot = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/physiques/thot ] ++ baseModules; - }; - - two = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/two ] ++ baseModules; - }; - - vaultwarden = nixosSystem { - specialArgs = inputs; - modules = [ ./hosts/vm/vaultwarden ] ++ baseModules; - }; - }; + modules = [./hosts/vm/${name}] ++ baseModules; + } + ) + (filterAttrs (n: v: !(attrByPath ["is_debian"] false v)) hosts.vms) + ); }; perSystem = diff --git a/hosts.nix b/hosts.nix index 086d03b..d85a6d3 100644 --- a/hosts.nix +++ b/hosts.nix @@ -1,20 +1,26 @@ -{adm,srv,srv-nat,san, adh}: +let + adm = 10; + srv = n: 4; + srv-nat = 2; + san = 3; + adh = 42; +in { - physiques = [ - { - name = "cephirot"; - id = 3; - vlans = [ - adm - san - ]; - serveur_type = ["san"]; - description = '' - Un serveur avec peut etre un jour ceph - ''; - public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; - } - { + physiques ={ + # cephirot = { + # name = "cephirot"; + # id = 3; + # vlans = [ + # adm + # san + # ]; + # serveur_type = ["san"]; + # description = '' + # Un serveur avec peut etre un jour ceph + # ''; + # public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + # }; + thot = { name = "thot"; id = 14; vlans = [ @@ -26,11 +32,11 @@ Serveur de backup du Crans, actuellement en SQ39 ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; - } - ]; + }; + }; - vms = [ - { + vms = { + romanesco = { name = "romanesco"; is_debian = true; id = 145; @@ -43,8 +49,8 @@ DNS récursif ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; - } - { + }; + neo = { name = "neo"; id = 145; vlans = [ @@ -56,9 +62,8 @@ Matrix du crans, heberge également le bridge IRC <-> Matrix ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; - } - { - name = "NextCloud"; + }; + nextcloud = { id = 146; vlans = [ adm @@ -69,6 +74,94 @@ NextCloud du Crans ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; - } - ]; + }; + apprentix = { + id = 150; + vlans = [ + adm + ]; + description = '' + VM NixOs apprentie + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + jitsi = { + id = 163; + vlans = [ + adm + (srv "185.230.79.15") + ]; + description = '' + Jitsi du crans + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + livre = { + id = 140; + vlans = [ + adm + srv-nat + ]; + description = '' + Stirling PDF + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + periodique = { + id = 118; + vlans = [ + adm + srv-nat + ]; + description = '' + Client matrix web (element) + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + redite = { + id = 139; + vlans = [ + adm + srv-nat + ]; + description = '' + Redite + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + reverseproxy = { + id = 151; + vlans = [ + adm + srv-nat + (srv "185.230.79.42") + ]; + description = '' + NextCloud du Crans + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + two = { + id = 135; + vlans = [ + adm + srv-nat + ]; + description = '' + Une vm de test + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + vaultwarden = { + id = 159; + vlans = [ + adm + srv-nat + ]; + description = '' + Vaultwarden + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + }; } From e1fd5d8406e39dcefee6c11999bbdd8161fbcfef Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Mon, 15 Dec 2025 20:21:26 +0100 Subject: [PATCH 04/10] add comment --- flake.nix | 45 ++++++++++++++++++++++++--------------------- 1 file changed, 24 insertions(+), 21 deletions(-) diff --git a/flake.nix b/flake.nix index 2c031ea..f467ac0 100644 --- a/flake.nix +++ b/flake.nix @@ -19,12 +19,11 @@ }; outputs = - inputs@{ - self, - nixpkgs, - flake-parts, - agenix, - ... + inputs@{ self + , nixpkgs + , flake-parts + , agenix + , ... }: flake-parts.lib.mkFlake { inherit inputs; } { imports = [ inputs.treefmt-nix.flakeModule ]; @@ -41,22 +40,26 @@ hosts = import ./hosts.nix; in # Physiques - (mapAttrs (name: value: - nixosSystem { - specialArgs = inputs; - modules = [./hosts/physiques/${name}] ++ baseModules; - } - ) - (filterAttrs (n: v: !(attrByPath ["is_debian"] false v)) hosts.physiques) - )// + (mapAttrs + (name: value: + nixosSystem { + specialArgs = inputs; + modules = [ ./hosts/physiques/${name} ] ++ baseModules; + } + ) + # Filtre que c'est bien une machine Nixos + (filterAttrs (n: v: !(attrByPath [ "is_debian" ] false v)) hosts.physiques) + ) // # VMs - (mapAttrs (name: value: - nixosSystem { - specialArgs = inputs; - modules = [./hosts/vm/${name}] ++ baseModules; - } - ) - (filterAttrs (n: v: !(attrByPath ["is_debian"] false v)) hosts.vms) + (mapAttrs + (name: value: + nixosSystem { + specialArgs = inputs; + modules = [ ./hosts/vm/${name} ] ++ baseModules; + } + ) + # Filtre que c'est bien une machine Nixos + (filterAttrs (n: v: !(attrByPath [ "is_debian" ] false v)) hosts.vms) ); }; From b38db10cd8b32aa81848bd5786a516a4ce547a9c Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Sun, 18 Jan 2026 04:44:10 +0100 Subject: [PATCH 05/10] =?UTF-8?q?petit=20avancement=20sur=20l'id=C3=A9e?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hosts.nix | 214 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 205 insertions(+), 9 deletions(-) diff --git a/hosts.nix b/hosts.nix index d85a6d3..7cae6bd 100644 --- a/hosts.nix +++ b/hosts.nix @@ -1,14 +1,77 @@ let adm = 10; - srv = n: 4; + srv = ip: 4; srv-nat = 2; san = 3; - adh = 42; + adh = ip: 42; in { physiques ={ + thot = { + id = 14; + vlans = [ + adm + ]; + serveur_type = ["backup"]; + description = '' + Serveur de backup du Crans, actuellement en SQ39 + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + ft = { + is_debian = true; + id = 15; + vlans = [ + adm + ]; + serveur_type = ["backup"]; + description = '' + Serveur de backup du Crans, actuellement en SQ39 + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + switch = { + carapuce = 13; + arceus = 13; + ilo = { + carapuce = 25; # TODO + } + }; + }; + + tealc = { + is_debian = true; + id = 1; + vlans = [ + adm + san + ]; + serveur_type = ["san"]; + description = '' + Stockage adm + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + switch = { + carapuce = 10; + arceus = 10; + ilo = { + carapuce = 10; # TODO + } + }; + }; + cameron = { + is_debian = true; + id = 2; + vlans = [ + adm + san + ]; + serveur_type = ["san"]; + description = '' + Stockage adh + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; # cephirot = { - # name = "cephirot"; # id = 3; # vlans = [ # adm @@ -20,16 +83,149 @@ in # ''; # public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; # }; - thot = { - name = "thot"; - id = 14; + + arceus = { + is_debian = true; + id = 7; vlans = [ adm san ]; - serveur_type = ["backup"]; + serveur_type = ["switch"]; description = '' - Serveur de backup du Crans, actuellement en SQ39 + Switch principal + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + carapuce = { + is_debian = true; + id = 8; + vlans = [ + adm + san + ]; + serveur_type = ["switch"]; + description = '' + Switch principal + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + + sam = { + is_debian = true; + id = 11; + vlans = [ + adm + san + srv-nat + ]; + serveur_type = ["pve"]; + description = '' + PVE adm + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + switch = { + carapuce = 1; + arceus = 1; + ilo = { + carapuce = 25; # TODO + } + }; + }; + daniel = { + is_debian = true; + id = 12; + vlans = [ + adm + san + srv-nat + ]; + serveur_type = ["pve"]; + description = '' + PVE adm + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + switch = { + carapuce = 3; + arceus = 3; + ilo = { + carapuce = 25; # TODO + } + }; + }; + jack = { + is_debian = true; + id = 13; + vlans = [ + adm + san + srv-nat + ]; + serveur_type = ["pve"]; + description = '' + PVE adm + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + switch = { + carapuce = 5; + arceus = 5; + ilo = { + carapuce = 25; # TODO + } + }; + }; + + odlyd = { + is_debian = true; + id = 16; + vlans = [ + adh + adm + ]; + serveur_type = ["pve"]; + description = '' + PVE adh, fait actuellement le mort + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + stitch = { + is_debian = true; + id = 17; + vlans = [ + adh + adm + ]; + serveur_type = ["pve"]; + description = '' + PVE adh + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + gulp = { + is_debian = true; + id = 18; + vlans = [ + adh + adm + ]; + serveur_type = ["pve"]; + description = '' + PVE adh + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + + zamok = { + is_debian = true; + id = 31; + vlans = [ + adh + adm + san + ]; + serveur_type = ["pve"]; + description = '' + Serveur de calcul adhérent ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; }; @@ -43,7 +239,7 @@ in vlans = [ adm (adh "185.230.78.252") - (srv "185.230.79.5") + (srv "185.230.79.59") ]; description = '' DNS récursif From 587a67efcd1be203fbf18647f966f903387e630c Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Sun, 18 Jan 2026 04:53:11 +0100 Subject: [PATCH 06/10] fix: missing ; --- hosts.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/hosts.nix b/hosts.nix index 7cae6bd..edef775 100644 --- a/hosts.nix +++ b/hosts.nix @@ -34,7 +34,7 @@ in arceus = 13; ilo = { carapuce = 25; # TODO - } + }; }; }; @@ -55,7 +55,7 @@ in arceus = 10; ilo = { carapuce = 10; # TODO - } + }; }; }; cameron = { @@ -129,7 +129,7 @@ in arceus = 1; ilo = { carapuce = 25; # TODO - } + }; }; }; daniel = { @@ -150,7 +150,7 @@ in arceus = 3; ilo = { carapuce = 25; # TODO - } + }; }; }; jack = { @@ -171,7 +171,7 @@ in arceus = 5; ilo = { carapuce = 25; # TODO - } + }; }; }; From 94dfc8c6a4521aaa54909496f2da92324e5efa58 Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Sat, 24 Jan 2026 21:05:59 +0100 Subject: [PATCH 07/10] modif pour pouvoir generer la conf des switchs --- hosts.nix | 98 ++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 65 insertions(+), 33 deletions(-) diff --git a/hosts.nix b/hosts.nix index edef775..839e124 100644 --- a/hosts.nix +++ b/hosts.nix @@ -1,15 +1,47 @@ -let - adm = 10; - srv = ip: 4; - srv-nat = 2; - san = 3; - adh = ip: 42; -in -{ +rec { + vlans = { + srv = {id = 2;}; + srv-nat = {id = 3;}; + san = {id = 4;}; + adm = {id = 10;}; + adh = {id = 12;}; + adm-adh = {id = 13;}; + vr = {id = 27;}; + aurore = {id = 28;}; + imprimante = {id = 2756;}; + }; + + reseaux = { + aurore = { + vlans = with vlans; [ + aurore + ]; + switch = { + carapuce = 19; + }; + }; + # vr = { + # vlans = with vlans; [ + # vr + # ]; + # switch = { + # arceus = 21; + # }; + # }; + ens = { + vlans = with vlans; [ + imprimante + ]; + switch = { + carapuce = 17; + }; + }; + }; + physiques ={ thot = { id = 14; - vlans = [ + vlans = with vlans; [ adm ]; serveur_type = ["backup"]; @@ -21,7 +53,7 @@ in ft = { is_debian = true; id = 15; - vlans = [ + vlans = with vlans; [ adm ]; serveur_type = ["backup"]; @@ -41,7 +73,7 @@ in tealc = { is_debian = true; id = 1; - vlans = [ + vlans = with vlans; [ adm san ]; @@ -61,7 +93,7 @@ in cameron = { is_debian = true; id = 2; - vlans = [ + vlans = with vlans; [ adm san ]; @@ -73,7 +105,7 @@ in }; # cephirot = { # id = 3; - # vlans = [ + # vlans = with vlans; [ # adm # san # ]; @@ -87,7 +119,7 @@ in arceus = { is_debian = true; id = 7; - vlans = [ + vlans = with vlans; [ adm san ]; @@ -100,7 +132,7 @@ in carapuce = { is_debian = true; id = 8; - vlans = [ + vlans = with vlans; [ adm san ]; @@ -114,7 +146,7 @@ in sam = { is_debian = true; id = 11; - vlans = [ + vlans = with vlans; [ adm san srv-nat @@ -135,7 +167,7 @@ in daniel = { is_debian = true; id = 12; - vlans = [ + vlans = with vlans; [ adm san srv-nat @@ -156,7 +188,7 @@ in jack = { is_debian = true; id = 13; - vlans = [ + vlans = with vlans; [ adm san srv-nat @@ -178,7 +210,7 @@ in odlyd = { is_debian = true; id = 16; - vlans = [ + vlans = with vlans; [ adh adm ]; @@ -191,7 +223,7 @@ in stitch = { is_debian = true; id = 17; - vlans = [ + vlans = with vlans; [ adh adm ]; @@ -201,7 +233,7 @@ in ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; }; - gulp = { + gulp = with vlans; { is_debian = true; id = 18; vlans = [ @@ -215,7 +247,7 @@ in public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; }; - zamok = { + zamok = with vlans; { is_debian = true; id = 31; vlans = [ @@ -236,7 +268,7 @@ in name = "romanesco"; is_debian = true; id = 145; - vlans = [ + vlans = with vlans; [ adm (adh "185.230.78.252") (srv "185.230.79.59") @@ -246,7 +278,7 @@ in ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; }; - neo = { + neo = with vlans; { name = "neo"; id = 145; vlans = [ @@ -261,7 +293,7 @@ in }; nextcloud = { id = 146; - vlans = [ + vlans = with vlans; [ adm san srv-nat @@ -273,7 +305,7 @@ in }; apprentix = { id = 150; - vlans = [ + vlans = with vlans; [ adm ]; description = '' @@ -283,7 +315,7 @@ in }; jitsi = { id = 163; - vlans = [ + vlans = with vlans; [ adm (srv "185.230.79.15") ]; @@ -294,7 +326,7 @@ in }; livre = { id = 140; - vlans = [ + vlans = with vlans; [ adm srv-nat ]; @@ -305,7 +337,7 @@ in }; periodique = { id = 118; - vlans = [ + vlans = with vlans; [ adm srv-nat ]; @@ -316,7 +348,7 @@ in }; redite = { id = 139; - vlans = [ + vlans = with vlans; [ adm srv-nat ]; @@ -325,7 +357,7 @@ in ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; }; - reverseproxy = { + reverseproxy = with vlans; { id = 151; vlans = [ adm @@ -339,7 +371,7 @@ in }; two = { id = 135; - vlans = [ + vlans = with vlans; [ adm srv-nat ]; @@ -350,7 +382,7 @@ in }; vaultwarden = { id = 159; - vlans = [ + vlans = with vlans; [ adm srv-nat ]; From 21634a7e5e4f25ac229aea735580c2dcde0d909b Mon Sep 17 00:00:00 2001 From: Hachino Date: Wed, 4 Feb 2026 08:05:09 +0100 Subject: [PATCH 08/10] Typo sur Neo --- hosts.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts.nix b/hosts.nix index 839e124..f70b190 100644 --- a/hosts.nix +++ b/hosts.nix @@ -284,7 +284,7 @@ rec { vlans = [ adm # pas besoin de spécifier l'ipv6 car elle est construite depuis l'id - (srv "180.230.79.5") + (srv "18R.230.79.5") ]; description = '' Matrix du crans, heberge également le bridge IRC <-> Matrix From b7e682fc5da8a7f8b8f76d35b124803fe82843c5 Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Wed, 4 Feb 2026 18:53:47 +0100 Subject: [PATCH 09/10] fix: typo correction typo :) --- hosts.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts.nix b/hosts.nix index f70b190..f542344 100644 --- a/hosts.nix +++ b/hosts.nix @@ -284,7 +284,7 @@ rec { vlans = [ adm # pas besoin de spécifier l'ipv6 car elle est construite depuis l'id - (srv "18R.230.79.5") + (srv "185.230.79.5") ]; description = '' Matrix du crans, heberge également le bridge IRC <-> Matrix From 63741ae107a27613366d9234340389c57d88b45a Mon Sep 17 00:00:00 2001 From: Lzebulon Date: Wed, 4 Feb 2026 20:28:49 +0100 Subject: [PATCH 10/10] add description vlan & switch & ilo info --- hosts.nix | 137 ++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 106 insertions(+), 31 deletions(-) diff --git a/hosts.nix b/hosts.nix index f542344..43ecad4 100644 --- a/hosts.nix +++ b/hosts.nix @@ -1,14 +1,57 @@ rec { vlans = { - srv = {id = 2;}; - srv-nat = {id = 3;}; - san = {id = 4;}; - adm = {id = 10;}; - adh = {id = 12;}; - adm-adh = {id = 13;}; - vr = {id = 27;}; - aurore = {id = 28;}; - imprimante = {id = 2756;}; + void = { + id = 1; + description = "VLAN par défaut des switchs"; + }; + srv = { + id = 2; + description = "Serveurs du Crans à IP publiques"; + ipv4 = "185.230.79.0/26"; + ipv6 = "2a0c:700:2::/64"; + }; + srv-nat = { + id = 3; + description = "Serveur du Crans derrière un NAT"; + ipv4 = "172.16.3.0/24"; + ipv6 = "2a0c:700:3::/64"; + }; + san = { + id = 4; + description = "Interconnexion avec les baies de stockage"; + }; + ceph = { + id = 6; + description = "VLan interne pour ceph (synchronisation des nodes ceph)"; + }; + adm = { + id = 10; + description = "Administration des serveurs"; + }; + adh = { + id = 12; + description = "Machines des adhérent·e·s à IP publiques"; + }; + adm-adh = { + id = 13; + description = "Administration des machines des adhérent·e·s"; + }; + viarezo = { + id = 27; + description = "Interconnexion avec viarezo"; + }; + aurore = { + id = 28; + description = "Interconnexion avec aurore"; + }; + ens = { + id = 38; + description = "Interconnexion avec l'ENS (arrive détaggé & vlan 2751 pour l'ENS)"; + }; + lp = { + id = 56; + description = "Connexion avec l'imprimante (vlan 2756 pour l'ENS)"; + }; }; reseaux = { @@ -22,7 +65,7 @@ rec { }; # vr = { # vlans = with vlans; [ - # vr + # viarezo # ]; # switch = { # arceus = 21; @@ -30,7 +73,8 @@ rec { # }; ens = { vlans = with vlans; [ - imprimante + ens + lp ]; switch = { carapuce = 17; @@ -64,9 +108,6 @@ rec { switch = { carapuce = 13; arceus = 13; - ilo = { - carapuce = 25; # TODO - }; }; }; @@ -85,9 +126,10 @@ rec { switch = { carapuce = 10; arceus = 10; - ilo = { - carapuce = 10; # TODO - }; + }; + ilo = { + id = 51; + switch.salameche = 18; }; }; cameron = { @@ -102,6 +144,14 @@ rec { Stockage adh ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + switch = { + # TODO: temp rebasculer sur fibre + salameche = -1 ; + }; + ilo = { + id = 52; + switch.salameche = 16; + }; }; # cephirot = { # id = 3; @@ -119,10 +169,7 @@ rec { arceus = { is_debian = true; id = 7; - vlans = with vlans; [ - adm - san - ]; + vlans = vlans; serveur_type = ["switch"]; description = '' Switch principal @@ -132,13 +179,38 @@ rec { carapuce = { is_debian = true; id = 8; + vlans = vlans; + serveur_type = ["switch"]; + description = '' + Switch principal + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + rodney = { + is_debian = true; + id = 9; + vlans = with vlans; [ + adh + adm + adm-adh + san + ]; + serveur_type = ["switch"]; + description = '' + Switch adh + ''; + public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; + }; + salameche = { + is_debian = true; + id = 10; vlans = with vlans; [ adm san ]; serveur_type = ["switch"]; description = '' - Switch principal + Switch ilo ''; public-ssh = "ssh-rsa TODOTODOTODOTODOTODOTODOTODO"; }; @@ -159,9 +231,10 @@ rec { switch = { carapuce = 1; arceus = 1; - ilo = { - carapuce = 25; # TODO - }; + }; + ilo = { + id = 21; + switch.salameche = 2; # TODO }; }; daniel = { @@ -180,9 +253,10 @@ rec { switch = { carapuce = 3; arceus = 3; - ilo = { - carapuce = 25; # TODO - }; + }; + ilo = { + id = 22; + switch.salameche = 4; # TODO }; }; jack = { @@ -201,9 +275,10 @@ rec { switch = { carapuce = 5; arceus = 5; - ilo = { - carapuce = 25; # TODO - }; + }; + ilo = { + id = 23; + switch.salameche = 6; # TODO }; };