Browse Source

nfs: prevent clients from going AWOL

main
Dustin Frisch 1 month ago
parent
commit
6309c1b2f0
No known key found for this signature in database GPG Key ID: B4C3BF012D9B26BE
  1. 50
      clients.nix
  2. 1
      machines/nfs/default.nix
  3. 24
      machines/nfs/netinstaller.nix
  4. 37
      machines/nfs/wol.nix

50
clients.nix

@ -1,28 +1,28 @@
{
"00" = { ip = "10.33.65.100"; mac = "24:4B:FE:AD:40:AE"; };
"01" = { ip = "10.33.65.101"; mac = "24:4B:FE:AD:3E:8E"; };
"02" = { ip = "10.33.65.102"; mac = "24:4B:FE:AD:3E:8F"; };
"03" = { ip = "10.33.65.103"; mac = "24:4B:FE:AD:3E:90"; };
"04" = { ip = "10.33.65.104"; mac = "24:4B:FE:AD:3E:91"; };
"05" = { ip = "10.33.65.105"; mac = "24:4B:FE:AD:3E:92"; };
"06" = { ip = "10.33.65.106"; mac = "24:4B:FE:AD:3E:93"; };
"07" = { ip = "10.33.65.107"; mac = "24:4B:FE:AD:3E:94"; };
"08" = { ip = "10.33.65.108"; mac = "24:4B:FE:AD:3E:95"; };
"09" = { ip = "10.33.65.109"; mac = "24:4B:FE:AD:3E:96"; };
"10" = { ip = "10.33.65.110"; mac = "24:4B:FE:AD:3F:B0"; };
"11" = { ip = "10.33.65.111"; mac = "24:4B:FE:AD:3F:B1"; };
"12" = { ip = "10.33.65.112"; mac = "24:4B:FE:AD:3F:B2"; };
"13" = { ip = "10.33.65.113"; mac = "24:4B:FE:AD:3F:B3"; };
"14" = { ip = "10.33.65.114"; mac = "24:4B:FE:AD:3F:B4"; };
"15" = { ip = "10.33.65.115"; mac = "24:4B:FE:AD:3F:B5"; };
"16" = { ip = "10.33.65.116"; mac = "24:4B:FE:AD:3F:B6"; };
"17" = { ip = "10.33.65.117"; mac = "24:4B:FE:AD:3F:B7"; };
"18" = { ip = "10.33.65.118"; mac = "24:4B:FE:AD:3F:B8"; };
"19" = { ip = "10.33.65.119"; mac = "24:4B:FE:AD:3F:B9"; };
"20" = { ip = "10.33.65.120"; mac = "3C:7C:3F:41:1D:B6"; };
"21" = { ip = "10.33.65.121"; mac = "3C:7C:3F:41:1D:B7"; };
"22" = { ip = "10.33.65.122"; mac = "3C:7C:3F:41:1D:B9"; };
"23" = { ip = "10.33.65.123"; mac = "3C:7C:3F:41:1D:BA"; };
"24" = { ip = "10.33.65.124"; mac = "3C:7C:3F:41:1D:BC"; };
"00" = { ip = "10.33.65.100"; mac = "24:4B:FE:AD:40:AE"; wol = "b4:2e:99:f6:f2:c2"; };
"01" = { ip = "10.33.65.101"; mac = "24:4B:FE:AD:3E:8E"; wol = "b4:2e:99:f6:8a:54"; };
"02" = { ip = "10.33.65.102"; mac = "24:4B:FE:AD:3E:8F"; wol = "b4:2e:99:f6:f4:28"; };
"03" = { ip = "10.33.65.103"; mac = "24:4B:FE:AD:3E:90"; wol = "b4:2e:99:f6:f2:ff"; };
"04" = { ip = "10.33.65.104"; mac = "24:4B:FE:AD:3E:91"; wol = "b4:2e:99:f6:f1:1c"; };
"05" = { ip = "10.33.65.105"; mac = "24:4B:FE:AD:3E:92"; wol = "b4:2e:99:f6:f4:2d"; };
"06" = { ip = "10.33.65.106"; mac = "24:4B:FE:AD:3E:93"; wol = "b4:2e:99:f6:f1:f3"; };
"07" = { ip = "10.33.65.107"; mac = "24:4B:FE:AD:3E:94"; wol = "b4:2e:99:f6:f4:24"; };
"08" = { ip = "10.33.65.108"; mac = "24:4B:FE:AD:3E:95"; wol = "b4:2e:99:f6:f1:f3"; };
"09" = { ip = "10.33.65.109"; mac = "24:4B:FE:AD:3E:96"; wol = "b4:2e:99:f6:88:e3"; };
"10" = { ip = "10.33.65.110"; mac = "24:4B:FE:AD:3F:B0"; wol = "b4:2e:99:f6:f2:ec"; };
"11" = { ip = "10.33.65.111"; mac = "24:4B:FE:AD:3F:B1"; wol = "b4:2e:99:f6:f4:01"; };
"12" = { ip = "10.33.65.112"; mac = "24:4B:FE:AD:3F:B2"; wol = "b4:2e:99:f6:f4:46"; };
"13" = { ip = "10.33.65.113"; mac = "24:4B:FE:AD:3F:B3"; wol = "b4:2e:99:f6:8a:56"; };
"14" = { ip = "10.33.65.114"; mac = "24:4B:FE:AD:3F:B4"; wol = "b4:2e:99:f6:f2:fa"; };
"15" = { ip = "10.33.65.115"; mac = "24:4B:FE:AD:3F:B5"; wol = "b4:2e:99:f6:f3:03"; };
"16" = { ip = "10.33.65.116"; mac = "24:4B:FE:AD:3F:B6"; wol = "b4:2e:99:f6:f3:0d"; };
"17" = { ip = "10.33.65.117"; mac = "24:4B:FE:AD:3F:B7"; wol = "b4:2e:99:f6:f4:27"; };
"18" = { ip = "10.33.65.118"; mac = "24:4B:FE:AD:3F:B8"; wol = "b4:2e:99:f0:ed:9e"; };
"19" = { ip = "10.33.65.119"; mac = "24:4B:FE:AD:3F:B9"; wol = "b4:2e:99:f6:f2:d3"; };
"20" = { ip = "10.33.65.120"; mac = "3C:7C:3F:41:1D:B6"; wol = "b4:2e:99:f6:f1:19"; };
"21" = { ip = "10.33.65.121"; mac = "3C:7C:3F:41:1D:B7"; wol = "b4:2e:99:f6:f4:1f"; };
"22" = { ip = "10.33.65.122"; mac = "3C:7C:3F:41:1D:B9"; wol = "b4:2e:99:f0:ee:06"; };
"23" = { ip = "10.33.65.123"; mac = "3C:7C:3F:41:1D:BA"; wol = "b4:2e:99:f6:f4:25"; };
"24" = { ip = "10.33.65.124"; mac = "3C:7C:3F:41:1D:BC"; wol = "b4:2e:99:f6:f2:27"; };
}

1
machines/nfs/default.nix

@ -5,6 +5,7 @@
./nfs.nix
./cache.nix
./netinstaller.nix
./wol.nix
];
deployment = {

24
machines/nfs/netinstaller.nix

@ -1,6 +1,4 @@
{ pkgs, lib, config, nodes, ... }:
with lib;
{ pkgs, config, nodes, ... }:
let
installer = pkgs.nixos [
@ -58,6 +56,7 @@ let
sanboot -d 0x80 || goto err
'';
in
{
services.nginx = {
@ -73,20 +72,19 @@ in
};
};
services.pixiecore =
{
enable = true;
debug = true;
services.pixiecore = {
enable = true;
debug = true;
dhcpNoBind = true;
dhcpNoBind = true;
port = 5080;
port = 5080;
mode = "boot";
kernel = toString ipxe-script;
mode = "boot";
kernel = toString ipxe-script;
openFirewall = true;
};
openFirewall = true;
};
networking.extraHosts = ''
127.0.0.1 boot.${config.networking.domain}

37
machines/nfs/wol.nix

@ -0,0 +1,37 @@
{ pkgs, lib, ... }:
with lib;
let
awol = pkgs.writers.writeBashBin "awol" ''
set -o errexit
set -o nounset
set -o pipefail
${concatMapStringsSep "\n\n"
({ name, value }: ''
echo "Waking up client ${name}"
${pkgs.wakelan}/bin/wakelan \
-b 10.32.44.255 \
-m '${value.wol}'
'')
(attrsToList (import ../../clients.nix))}
'';
in
{
users.users."root".packages = [
awol
];
systemd.services."awol" = {
description = "Prevent nodes from going AWOL";
wants = [ "network.target" ];
after = [ "network.target" ];
script = "exec ${awol}/bin/awol";
startAt = "5 minutes";
};
}
Loading…
Cancel
Save