diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-07-29 11:07:19 +0200 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-07-29 11:07:19 +0200 |
| commit | bda1a6b603a3944223707a6d090622b574ea7505 (patch) | |
| tree | e223290d0c3e4f91862f429e65f083d3ecb3b1cd /hosts/surtr/default.nix | |
| parent | ece84e99219c1d57dcee7ee93045edc81cd0cbc7 (diff) | |
| download | nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar.gz nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar.bz2 nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar.xz nixos-bda1a6b603a3944223707a6d090622b574ea7505.zip | |
bump & vpn
Diffstat (limited to 'hosts/surtr/default.nix')
| -rw-r--r-- | hosts/surtr/default.nix | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix index 87dd27b0..2be25560 100644 --- a/hosts/surtr/default.nix +++ b/hosts/surtr/default.nix | |||
| @@ -2,7 +2,7 @@ | |||
| 2 | { | 2 | { |
| 3 | imports = with flake.nixosModules.systemProfiles; [ | 3 | imports = with flake.nixosModules.systemProfiles; [ |
| 4 | qemu-guest openssh rebuild-machines zfs | 4 | qemu-guest openssh rebuild-machines zfs |
| 5 | ./zfs.nix ./dns ./tls ./http ./bifrost ./matrix ./postgresql.nix ./prometheus ./email | 5 | ./zfs.nix ./dns ./tls ./http ./bifrost ./matrix ./postgresql.nix ./prometheus ./email ./vpn |
| 6 | ]; | 6 | ]; |
| 7 | 7 | ||
| 8 | config = { | 8 | config = { |
| @@ -57,6 +57,7 @@ | |||
| 57 | { address = "202.61.241.61"; prefixLength = 22; } | 57 | { address = "202.61.241.61"; prefixLength = 22; } |
| 58 | ]; | 58 | ]; |
| 59 | ipv6.addresses = [ | 59 | ipv6.addresses = [ |
| 60 | { address = "2a03:4000:52:ada:98e7:16ff:feba:7a2e"; prefixLength = 128; } | ||
| 60 | { address = "2a03:4000:52:ada::"; prefixLength = 96; } | 61 | { address = "2a03:4000:52:ada::"; prefixLength = 96; } |
| 61 | ]; | 62 | ]; |
| 62 | }; | 63 | }; |
| @@ -68,11 +69,15 @@ | |||
| 68 | }; | 69 | }; |
| 69 | }; | 70 | }; |
| 70 | 71 | ||
| 71 | systemd.network.networks."40-ens3".networkConfig = { | 72 | systemd.network = { |
| 72 | Domains = lib.mkForce "~."; | 73 | networks = { |
| 73 | DNS = [ "127.0.0.1:5353" "[::1]:5353" ]; | 74 | "40-ens3".networkConfig = { |
| 74 | # DNSSEC = true; | 75 | Domains = lib.mkForce "~."; |
| 75 | # DNS = [ "46.38.225.230" "46.38.252.230" "2a03:4000:0:1::e1e6" "2a03:4000:8000::fce6" ]; | 76 | DNS = [ "127.0.0.1:5353" "[::1]:5353" ]; |
| 77 | # DNSSEC = true; | ||
| 78 | # DNS = [ "46.38.225.230" "46.38.252.230" "2a03:4000:0:1::e1e6" "2a03:4000:8000::fce6" ]; | ||
| 79 | }; | ||
| 80 | }; | ||
| 76 | }; | 81 | }; |
| 77 | 82 | ||
| 78 | services.resolved = { | 83 | services.resolved = { |
| @@ -85,8 +90,13 @@ | |||
| 85 | proxies = { | 90 | proxies = { |
| 86 | ens3 = { | 91 | ens3 = { |
| 87 | router = false; | 92 | router = false; |
| 88 | rules."2a03:4000:52:ada::/64" = { | 93 | rules = { |
| 89 | method = "static"; | 94 | "2a03:4000:20:259::/64" = { |
| 95 | method = "static"; | ||
| 96 | }; | ||
| 97 | "2a03:4000:52:ada::/64" = { | ||
| 98 | method = "static"; | ||
| 99 | }; | ||
| 90 | }; | 100 | }; |
| 91 | }; | 101 | }; |
| 92 | }; | 102 | }; |