From f805ce37981a699981ae25dfd1943dc3db33b90e Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Wed, 13 Nov 2024 08:41:39 +0100 Subject: ... --- accounts/gkleen@sif/default.nix | 1 + accounts/gkleen@sif/libvirt/default.nix | 3 ++- accounts/gkleen@sif/ssh-hosts.nix | 5 +++++ flake.lock | 6 +++--- hosts/surtr/default.nix | 11 +++++++---- hosts/surtr/dns/default.nix | 2 +- overlays/preserve-dscp/default.nix | 2 +- system-profiles/zfs.nix | 4 ++-- 8 files changed, 22 insertions(+), 12 deletions(-) diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix index 189fabfa..2de98765 100644 --- a/accounts/gkleen@sif/default.nix +++ b/accounts/gkleen@sif/default.nix @@ -708,6 +708,7 @@ in { flakeInputs.deploy-rs.packages.${config.nixpkgs.system}.deploy-rs sieve-connect gimp inkscape udiskie glab nitrokey-app pynitrokey gtklock wlrctl remmina openscad spice-record + libguestfs-with-appliance ]; file = { diff --git a/accounts/gkleen@sif/libvirt/default.nix b/accounts/gkleen@sif/libvirt/default.nix index 076a0d86..a5636ce2 100644 --- a/accounts/gkleen@sif/libvirt/default.nix +++ b/accounts/gkleen@sif/libvirt/default.nix @@ -29,7 +29,8 @@ with flakeInputs.nixVirt.lib; # gl.enable = true; }; devices.interface = { - model.type = "virtio"; + # model.type = "virtio"; + model.type = "e1000e"; type = "bridge"; mac.address = "52:54:00:b9:f3:ed"; source.bridge = "gre-0971"; diff --git a/accounts/gkleen@sif/ssh-hosts.nix b/accounts/gkleen@sif/ssh-hosts.nix index ac930614..107f1e76 100644 --- a/accounts/gkleen@sif/ssh-hosts.nix +++ b/accounts/gkleen@sif/ssh-hosts.nix @@ -554,4 +554,9 @@ HostKeyAlgorithms = "+ecdsa-sha2-nistp256"; }; }; + "game01" = + { hostname = "game01.yggdrasil.li"; + user = "factorio"; + identityFile = "~/.ssh/gkleen@sif.midgard.yggdrasil"; + }; } diff --git a/flake.lock b/flake.lock index c1e5e7b6..2bef2351 100644 --- a/flake.lock +++ b/flake.lock @@ -619,11 +619,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1729880355, - "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", + "lastModified": 1730785428, + "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", + "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "type": "github" }, "original": { diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix index 705f69b3..223e1f10 100644 --- a/hosts/surtr/default.nix +++ b/hosts/surtr/default.nix @@ -65,6 +65,12 @@ with lib; enable = true; rulesetFile = ./ruleset.nft; }; + resolvconf = { + enable = true; + extraConfig = '' + name_servers='127.0.0.53' + ''; + }; }; systemd.network = { @@ -78,10 +84,7 @@ with lib; }; }; - services.resolved = { - llmnr = "false"; - dnssec = "false"; # unbound does dnssec validation for us - }; + services.resolved.enable = false; services.ndppd = { enable = true; diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix index 65f46b35..53df798e 100644 --- a/hosts/surtr/dns/default.nix +++ b/hosts/surtr/dns/default.nix @@ -212,7 +212,7 @@ in { settings = { server = { - interface = ["lo@5353"]; + interface = ["lo@5353" "127.0.0.53"]; prefer-ip6 = true; access-control = ["127.0.0.0/8 allow" "::1/128 allow"]; root-hints = "${pkgs.dns-root-data}/root.hints"; diff --git a/overlays/preserve-dscp/default.nix b/overlays/preserve-dscp/default.nix index a1064591..105eccb9 100644 --- a/overlays/preserve-dscp/default.nix +++ b/overlays/preserve-dscp/default.nix @@ -16,7 +16,7 @@ outputs = [ "out" "lib" ]; buildInputs = with final; [ elfutils libpcap zlib ]; - nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkg-config bpftool libmnl gnum4 glibc_multi makeWrapper ]; + nativeBuildInputs = with final; [ llvmPackages.clang llvmPackages.llvm pkg-config bpftools libmnl gnum4 glibc_multi makeWrapper ]; installPhase = '' mkdir -p $lib/lib/bpf diff --git a/system-profiles/zfs.nix b/system-profiles/zfs.nix index 49386363..149decee 100644 --- a/system-profiles/zfs.nix +++ b/system-profiles/zfs.nix @@ -1,8 +1,8 @@ { pkgs, lib, ... } : { config = { boot = { - kernelPackages = pkgs.linuxPackages_6_10; - zfs.package = pkgs.zfs_2_2; + kernelPackages = pkgs.linuxPackages_6_11; + zfs.package = pkgs.zfs_unstable; supportedFilesystems.zfs = true; }; -- cgit v1.2.3