...

author: Gregor Kleen <gkleen@yggdrasil.li> 2024-11-13 08:41:39 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2024-11-13 08:41:39 +0100
commit: f805ce37981a699981ae25dfd1943dc3db33b90e (patch)
tree: 36083abc2af2a3c0fed5b75ccd10450fac5c1045
parent: 5440c73f19ae9bfac70c79da83241c158ceb7d4a (diff)
download: nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar
nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar.gz
nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar.bz2
nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar.xz
nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.zip
8 files changed, 22 insertions, 12 deletions
diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix
index 189fabfa..2de98765 100644
--- a/accounts/gkleen@sif/default.nix
+++ b/accounts/gkleen@sif/default.nix
@@ -708,6 +708,7 @@ in {
          flakeInputs.deploy-rs.packages.${config.nixpkgs.system}.deploy-rs
          sieve-connect gimp inkscape udiskie glab nitrokey-app
          pynitrokey gtklock wlrctl remmina openscad spice-record
+          libguestfs-with-appliance
        ];
        file = {
diff --git a/accounts/gkleen@sif/libvirt/default.nix b/accounts/gkleen@sif/libvirt/default.nix
index 076a0d86..a5636ce2 100644
--- a/accounts/gkleen@sif/libvirt/default.nix
+++ b/accounts/gkleen@sif/libvirt/default.nix
@@ -29,7 +29,8 @@ with flakeInputs.nixVirt.lib;
                # gl.enable = true;
              };
              devices.interface = {
-                model.type = "virtio";
+                # model.type = "virtio";
+                model.type = "e1000e";
                type = "bridge";
                mac.address = "52:54:00:b9:f3:ed";
                source.bridge = "gre-0971";
diff --git a/accounts/gkleen@sif/ssh-hosts.nix b/accounts/gkleen@sif/ssh-hosts.nix
index ac930614..107f1e76 100644
--- a/accounts/gkleen@sif/ssh-hosts.nix
+++ b/accounts/gkleen@sif/ssh-hosts.nix
@@ -554,4 +554,9 @@
        HostKeyAlgorithms = "+ecdsa-sha2-nistp256";
      };
    };
+  "game01" =
+    { hostname = "game01.yggdrasil.li";
+      user = "factorio";
+      identityFile = "~/.ssh/gkleen@sif.midgard.yggdrasil";
+    };
 }
diff --git a/flake.lock b/flake.lock
index c1e5e7b6..2bef2351 100644
--- a/flake.lock
+++ b/flake.lock
@@ -619,11 +619,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1729880355,
+        "lastModified": 1730785428,
-        "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=",
+        "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "18536bf04cd71abd345f9579158841376fdd0c5a",
+        "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7",
        "type": "github"
      },
      "original": {
diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix
index 705f69b3..223e1f10 100644
--- a/hosts/surtr/default.nix
+++ b/hosts/surtr/default.nix
@@ -65,6 +65,12 @@ with lib;
        enable = true;
        rulesetFile = ./ruleset.nft;
      };
+      resolvconf = {
+        enable = true;
+        extraConfig = ''
+          name_servers='127.0.0.53'
+        '';
+      };
    };
    systemd.network = {
@@ -78,10 +84,7 @@ with lib;
      };
    };
-    services.resolved = {
+    services.resolved.enable = false;
-      llmnr = "false";
-      dnssec = "false"; # unbound does dnssec validation for us
-    };
    services.ndppd = {
      enable = true;
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix
index 65f46b35..53df798e 100644
--- a/hosts/surtr/dns/default.nix
+++ b/hosts/surtr/dns/default.nix
@@ -212,7 +212,7 @@ in {
      settings = {
        server = {
-          interface = ["lo@5353"];
+          interface = ["lo@5353" "127.0.0.53"];
          prefer-ip6 = true;
          access-control = ["127.0.0.0/8 allow" "::1/128 allow"];
          root-hints = "${pkgs.dns-root-data}/root.hints";
diff --git a/overlays/preserve-dscp/default.nix b/overlays/preserve-dscp/default.nix
index a1064591..105eccb9 100644
--- a/overlays/preserve-dscp/default.nix
+++ b/overlays/preserve-dscp/default.nix
@@ -16,7 +16,7 @@
    outputs = [ "out" "lib" ];
    buildInputs = with final; [ elfutils libpcap zlib ];
-    nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkg-config bpftool libmnl gnum4 glibc_multi makeWrapper ];
+    nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkg-config bpftools libmnl gnum4 glibc_multi makeWrapper ];
    installPhase = ''
      mkdir -p $lib/lib/bpf
diff --git a/system-profiles/zfs.nix b/system-profiles/zfs.nix
index 49386363..149decee 100644
--- a/system-profiles/zfs.nix
+++ b/system-profiles/zfs.nix
@@ -1,8 +1,8 @@
 { pkgs, lib, ... } : {
  config = {
    boot = {
-      kernelPackages = pkgs.linuxPackages_6_10;
+      kernelPackages = pkgs.linuxPackages_6_11;
-      zfs.package = pkgs.zfs_2_2;
+      zfs.package = pkgs.zfs_unstable;
      supportedFilesystems.zfs = true;
    };
author	Gregor Kleen <gkleen@yggdrasil.li>	2024-11-13 08:41:39 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2024-11-13 08:41:39 +0100
commit	f805ce37981a699981ae25dfd1943dc3db33b90e (patch)
tree	36083abc2af2a3c0fed5b75ccd10450fac5c1045
parent	5440c73f19ae9bfac70c79da83241c158ceb7d4a (diff)
download	nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar.gz nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar.bz2 nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.tar.xz nixos-f805ce37981a699981ae25dfd1943dc3db33b90e.zip