home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit a4e1b4f66e6bc7f16bf81b71d4f0a12ab98d39a6
parent c5fc179cdc07b59a6308cbf990dff599a6f56182
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Thu,  9 Sep 2021 17:20:45 +0200

systems: add fs to aomi…

… and set bind on wakasu (to replace dead okinawa)

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Msystems/hosts/aomi.nix | 21+++++++++++++++++++++
Msystems/hosts/wakasu.nix | 35+++++++++++++++++++++++++++++++++++
2 files changed, 56 insertions(+), 0 deletions(-)

diff --git a/systems/hosts/aomi.nix b/systems/hosts/aomi.nix @@ -24,6 +24,27 @@ in (import ../../users).root ]; + fileSystems."/" = { + device = "/dev/vg/root"; + fsType = "ext4"; + options = [ "noatime" "discard" ]; + }; + + boot.initrd.luks.devices = { + root = { + device = "/dev/disk/by-uuid/50d7faba-8923-4b30-88f7-40df26e02def"; + preLVM = true; + allowDiscards = true; + }; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/0101-68DE"; + fsType = "vfat"; + }; + + swapDevices = [{ device = "/dev/disk/by-uuid/aff86817-55ae-47ed-876a-e5a027b560ba"; }]; + networking = { hostName = hostname; }; diff --git a/systems/hosts/wakasu.nix b/systems/hosts/wakasu.nix @@ -134,6 +134,41 @@ in HandleLidSwitchExternalPower=ignore HandleLidSwitchDocked=ignore ''; + bind = { + enable = true; + forwarders = [ "8.8.8.8" "8.8.4.4" ]; + cacheNetworks = [ "192.168.1.0/24" "127.0.0.0/8" "10.100.0.0/24" ]; + zones = [ + { + # home + name = "home"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.home; + } + { + # home.reverse + name = "192.168.1.in-addr.arpa"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.192.168.1; + } + { + # vpn + name = "vpn"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.vpn; + } + { + # vpn.reverse + name = "10.100.0.in-addr.arpa"; + master = true; + slaves = [ ]; + file = pkgs.mkSecret ../../secrets/db.10.100.0; + } + ]; + }; #syncthing.guiAddress = "${wireguard.ips.wakasu}:8384"; syncthing.guiAddress = "0.0.0.0:8384"; smartd = {