nixbld: relocation

nixbld-etc-nixos/configuration.nix

@@ -52,7 +52,7 @@ in
 
   security.apparmor.enable = true;
   services.fail2ban.enable = true;
-  services.fail2ban.ignoreIP = [ "42.200.147.171" "2001:470:18:629::2" ];
+  services.fail2ban.ignoreIP = [ "94.190.212.123" "2001:470:18:390::2" ];
   services.fail2ban.maxretry = 9;
   services.fail2ban.bantime-increment.enable = true;
   services.fail2ban.jails.sshd =
@@ -101,19 +101,9 @@ in
         prefixLength = 24;
       }];
       ipv6.addresses = [{
-        address = "2001:470:f821:1::";
+        address = "2001:470:f891:1::";
         prefixLength = 64;
       }];
-      ipv4.routes = [{
-        address = "192.168.13.0";
-        prefixLength = 24;
-        via = "192.168.1.30";
-      }];
-      ipv6.routes = [{
-        address = "2001:470:f821:3::";
-        prefixLength = 64;
-        via = "2001:470:f821:1:dea6:32ff:fe95:2fcf";
-      }];
     };
     interfaces."${netifWifi}" = {
       ipv4.addresses = [{
@@ -121,7 +111,7 @@ in
         prefixLength = 24;
       }];
       ipv6.addresses = [{
-        address = "2001:470:f821:2::";
+        address = "2001:470:f891:2::";
         prefixLength = 64;
       }];
     };
@@ -159,11 +149,11 @@ in
     sits."${netifSit}" = {
       dev = netifWan;
       remote = "216.218.221.6";
-      local = "42.200.147.171";
+      local = "94.190.212.123";
       ttl = 255;
     };
     interfaces."${netifSit}".ipv6 = {
-      addresses = [{ address = "2001:470:18:629::2"; prefixLength = 64; }];
+      addresses = [{ address = "2001:470:18:390::2"; prefixLength = 64; }];
       routes = [{ address = "::"; prefixLength = 0; }];
     };
   };
@@ -176,8 +166,8 @@ in
   # chown named.named /etc/nixos/named
   services.bind = {
     enable = true;
-    listenOn = [ "42.200.147.171" ];
-    listenOnIpv6 = [ "2001:470:18:629::2" ];
+    listenOn = [ "94.190.212.123" ];
+    listenOnIpv6 = [ "2001:470:18:390::2" ];
     forwarders = [];
     extraOptions = "listen-on-v6 port 5354 { ::1; };";
     cacheNetworks = [ "::1/128" ];
@@ -249,9 +239,6 @@ in
       dhcp-host=rpi-4,192.168.1.204
 
       # Static IP addresses for non-DHCP boards
-      address=/rpi-ext/192.168.1.30
-      address=/rpi-ext/2001:470:f821:1:dea6:32ff:fe95:2fcf
-
       address=/thermostat/192.168.1.26
       address=/powercycler/192.168.1.31
       address=/kc705/192.168.1.50

nixbld-etc-nixos/named/m-labs.hk

@@ -1,7 +1,7 @@
 $TTL 7200
 
 @						SOA	NS.XN--WBTZ5WPQAJ35CFXC.XN--J6W193G. sb.m-labs.hk. (
-							2023012704
+							2023012901
 							7200
 							3600
 							86400
@@ -11,15 +11,15 @@ $TTL 7200
 						NS		NS.XN--WBTZ5WPQAJ35CFXC.XN--J6W193G.
 						NS		ns1.he.net.
 
-						A		42.200.147.171
-						AAAA	2001:470:18:629::2
+						A		94.190.212.123
+						AAAA	2001:470:18:390::2
 						MX		10 mail.m-labs.hk.
 						TXT		"v=spf1 mx -all"
 						TXT		"google-site-verification=Tf_TEGZLG7-2BE70hMjLnzjDZ1qUeUZ6vxzbl1sagT8"
 
 
-mail					A		42.200.147.171
-mail					AAAA	2001:470:18:629::2
+mail					A		94.190.212.123
+mail					AAAA	2001:470:18:390::2
 mail._domainkey			TXT		"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl38A/Z0IInVU157qzrWgMfYm2iDHoWZsTyiiOoZdT7kHMzS/M2OMXMt7r5g1/7pCPClsGUDJvKGqVMmjJuPleMyKHwpGeT92qDNEFpt6ahneap/oYx5eBYM/vGcgmleNxyIoBHsptaZvqD4vCEFaC22f8UL5QAgQD3wCH3FwlpQIDAQAB"
 _dmarc					TXT		"v=DMARC1; p=none"
 
@@ -45,4 +45,4 @@ rpi-ext					AAAA	2001:470:f821:1:dea6:32ff:fe95:2fcf
 chiron					AAAA	2001:470:f891:1:7f02:9ebf:bee9:3dc7
 old-nixbld				AAAA	2001:470:f891:1:a07b:f49a:a4ef:aad9
 
-aux						A		94.190.212.123
+aux						A		42.200.147.171