commit a4e1b4f66e6bc7f16bf81b71d4f0a12ab98d39a6 parent c5fc179cdc07b59a6308cbf990dff599a6f56182 Author: Vincent Demeester <vincent@sbr.pm> Date: Thu, 9 Sep 2021 17:20:45 +0200 systems: add fs to aomi… … and set bind on wakasu (to replace dead okinawa) Signed-off-by: Vincent Demeester <vincent@sbr.pm> Diffstat:
M | systems/hosts/aomi.nix | | | 21 | +++++++++++++++++++++ |
M | systems/hosts/wakasu.nix | | | 35 | +++++++++++++++++++++++++++++++++++ |
2 files changed, 56 insertions(+), 0 deletions(-)
diff --git a/systems/hosts/aomi.nix b/systems/hosts/aomi.nix @@ -24,6 +24,27 @@ in (import ../../users).root ]; + fileSystems."/" = { + device = "/dev/vg/root"; + fsType = "ext4"; + options = [ "noatime" "discard" ]; + }; + + boot.initrd.luks.devices = { + root = { + device = "/dev/disk/by-uuid/50d7faba-8923-4b30-88f7-40df26e02def"; + preLVM = true; + allowDiscards = true; + }; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/0101-68DE"; + fsType = "vfat"; + }; + + swapDevices = [{ device = "/dev/disk/by-uuid/aff86817-55ae-47ed-876a-e5a027b560ba"; }]; + networking = { hostName = hostname; }; diff --git a/systems/hosts/wakasu.nix b/systems/hosts/wakasu.nix @@ -134,6 +134,41 @@ in HandleLidSwitchExternalPower=ignore HandleLidSwitchDocked=ignore ''; + bind = { + enable = true; + forwarders = [ "8.8.8.8" "8.8.4.4" ]; + cacheNetworks = [ "192.168.1.0/24" "127.0.0.0/8" "10.100.0.0/24" ]; + zones = [ + { + # home + name = "home"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.home; + } + { + # home.reverse + name = "192.168.1.in-addr.arpa"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.192.168.1; + } + { + # vpn + name = "vpn"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.vpn; + } + { + # vpn.reverse + name = "10.100.0.in-addr.arpa"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.10.100.0; + } + ]; + }; #syncthing.guiAddress = "${wireguard.ips.wakasu}:8384"; syncthing.guiAddress = "0.0.0.0:8384"; smartd = {