dannydannydanny/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(clan): use ZT IPv6 as clan networking target 🛰️

Browse source 
clan-cli's upload / build / copy steps each resolve the SSH target
independently. With `internet.host = "sunken-ship"` (bare hostname),
off-LAN / missing-mDNS cases broke \`clan machines update\` because the
mac couldn't resolve the hostname. Pin both the inventory internet
instance's host AND clan.core.networking.{target,build}Host to each
machine's stable ZT IPv6, so every update path works regardless of
LAN DNS state — and the mac reaches the servers the same way it does
for ssh sunken-ship-zt / phantom-ship-zt.
This commit is contained in:
DannyDannyDanny 2026-04-20 10:39:24 +02:00
parent 0cd4947282
commit 41b3d217f8
1 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

18
flake-modules/clan.nix
View file

@ -37,18 +37,18 @@ in {
roles.peer.machines.sunken-ship = { }; roles.peer.machines.sunken-ship = { };
}; };
# Direct SSH reachability on the LAN. Priority 2000 > ZT's 900, so # `clan machines update` connection target. Priority 2000 > ZT's 900
# `clan machines update` prefers LAN hostnames over ZT IPv6 — and uses # and overrides the ZT service's root@ default. Using the ZT IPv6 as
# the right user (ZT service defaults to root@). # the host makes updates work regardless of LAN DNS / mDNS state.
inventory.instances.internet = { inventory.instances.internet = {
module.name = "internet"; module.name = "internet";
module.input = "clan-core"; module.input = "clan-core";
roles.default.machines.sunken-ship.settings = { roles.default.machines.sunken-ship.settings = {
host = "sunken-ship"; host = "fdd5:53a2:de33:d269:6499:93d5:53a2:de33";
user = "danny"; user = "danny";
}; };
roles.default.machines.phantom-ship.settings = { roles.default.machines.phantom-ship.settings = {
host = "phantom-ship"; host = "fdd5:53a2:de33:d269:6499:936c:48a:bbdc";
user = "danny"; user = "danny";
}; };
}; };
@ -60,8 +60,8 @@ in {
imports = [ imports = [
{ {
clan.core.enableRecommendedDefaults = false; clan.core.enableRecommendedDefaults = false;
clan.core.networking.targetHost = "danny@sunken-ship"; clan.core.networking.targetHost = "danny@[fdd5:53a2:de33:d269:6499:93d5:53a2:de33]";
clan.core.networking.buildHost = "danny@sunken-ship"; clan.core.networking.buildHost = "danny@[fdd5:53a2:de33:d269:6499:93d5:53a2:de33]";
} }
../nixos/hosts/sunken-ship.nix ../nixos/hosts/sunken-ship.nix
config.flake.nixosModules.dotfiles-rebuild config.flake.nixosModules.dotfiles-rebuild
@ -78,8 +78,8 @@ in {
imports = [ imports = [
{ {
clan.core.enableRecommendedDefaults = false; clan.core.enableRecommendedDefaults = false;
clan.core.networking.targetHost = "danny@phantom-ship"; clan.core.networking.targetHost = "danny@[fdd5:53a2:de33:d269:6499:936c:48a:bbdc]";
clan.core.networking.buildHost = "danny@phantom-ship"; clan.core.networking.buildHost = "danny@[fdd5:53a2:de33:d269:6499:936c:48a:bbdc]";
} }
inputs.nix-openclaw.nixosModules.openclaw-gateway inputs.nix-openclaw.nixosModules.openclaw-gateway
../nixos/hosts/phantom-ship.nix ../nixos/hosts/phantom-ship.nix