malobeo/infrastructure
2
1
Fork 1
Code Issues 40 Pull Requests 4 Actions Projects 3 Releases Wiki Activity

[dns] init
Some checks failed
Check flake syntax / flake-check (push) Failing after 3m49s
Details

Browse Source
This commit is contained in:
kalipso
2026-01-26 14:05:12 +01:00
parent 2fda92f712
commit cb5e68ef16
5 changed files with 148 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
flake.lock generated
View File

@@ -21,6 +21,27 @@
"type": "github" "type": "github"
} }
}, },
"dns": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1768143854,
"narHash": "sha256-E5/kyPz4zAZn/lZdvqlF83jMgCWNxmqYjjWuadngCbk=",
"owner": "kirelagin",
"repo": "dns.nix",
"rev": "a97cf4156e9f044fe4bed5be531061000dfabb07",
"type": "github"
},
"original": {
"owner": "kirelagin",
"repo": "dns.nix",
"type": "github"
}
},
"ep3-bs": { "ep3-bs": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -43,6 +64,21 @@
} }
}, },
"flake-utils": { "flake-utils": {
"locked": {
"lastModified": 1614513358,
"narHash": "sha256-LakhOx3S1dRjnh0b5Dg3mbZyH0ToC9I8Y2wKSkBaTzU=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5466c5bbece17adaab2d82fae80b46e807611bf3",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems_3" "systems": "systems_3"
}, },
@@ -102,7 +138,7 @@
}, },
"microvm": { "microvm": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils_2",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
@@ -225,6 +261,7 @@
"root": { "root": {
"inputs": { "inputs": {
"disko": "disko", "disko": "disko",
"dns": "dns",
"ep3-bs": "ep3-bs", "ep3-bs": "ep3-bs",
"home-manager": "home-manager", "home-manager": "home-manager",
"mfsync": "mfsync", "mfsync": "mfsync",

5
flake.nix
View File

@@ -13,6 +13,11 @@
disko.url = "github:nix-community/disko/latest"; disko.url = "github:nix-community/disko/latest";
disko.inputs.nixpkgs.follows = "nixpkgs"; disko.inputs.nixpkgs.follows = "nixpkgs";
dns = {
url = "github:kirelagin/dns.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
utils = { utils = {
url = "github:numtide/flake-utils"; url = "github:numtide/flake-utils";
}; };

36
machines/hosts.nix
View File

@@ -1,27 +1,53 @@
{ ... }: { ... }:
{ {
#TODO: fix local 192.168.1.0/24 addresses they are just palceholders!
malobeo = { malobeo = {
hosts = { hosts = {
louise = { louise = {
type = "host"; type = "host";
network = {
local = true;
address = "192.168.1.11";
};
}; };
bakunin = { bakunin = {
type = "host"; type = "host";
network = {
local = true;
address = "192.168.1.12";
};
}; };
fanny = { fanny = {
type = "host"; type = "host";
network = {
local = true;
address = "192.168.1.13";
};
};
ns1 = {
type = "host";
network = {
local = true;
address = "192.168.1.14";
};
}; };
lucia = { lucia = {
type = "rpi"; type = "rpi";
network = {
local = true;
address = "192.168.1.15";
};
}; };
durruti = { durruti = {
type = "microvm"; type = "microvm";
network = { network = {
local = true;
address = "10.0.0.5"; address = "10.0.0.5";
mac = "52:DA:0D:F9:EF:F9"; mac = "52:DA:0D:F9:EF:F9";
}; };
@@ -30,6 +56,7 @@
vpn = { vpn = {
type = "microvm"; type = "microvm";
network = { network = {
local = true;
address = "10.0.0.10"; address = "10.0.0.10";
mac = "D0:E5:CA:F0:D7:E6"; mac = "D0:E5:CA:F0:D7:E6";
}; };
@@ -38,6 +65,7 @@
infradocs = { infradocs = {
type = "microvm"; type = "microvm";
network = { network = {
local = true;
address = "10.0.0.11"; address = "10.0.0.11";
mac = "D0:E5:CA:F0:D7:E7"; mac = "D0:E5:CA:F0:D7:E7";
}; };
@@ -46,6 +74,7 @@
uptimekuma = { uptimekuma = {
type = "microvm"; type = "microvm";
network = { network = {
local = true;
address = "10.0.0.12"; address = "10.0.0.12";
mac = "D0:E5:CA:F0:D7:E8"; mac = "D0:E5:CA:F0:D7:E8";
}; };
@@ -54,6 +83,7 @@
nextcloud = { nextcloud = {
type = "microvm"; type = "microvm";
network = { network = {
local = true;
address = "10.0.0.13"; address = "10.0.0.13";
mac = "D0:E5:CA:F0:D7:E9"; mac = "D0:E5:CA:F0:D7:E9";
}; };
@@ -62,6 +92,7 @@
overwatch = { overwatch = {
type = "microvm"; type = "microvm";
network = { network = {
local = true;
address = "10.0.0.14"; address = "10.0.0.14";
mac = "D0:E5:CA:F0:D7:E0"; mac = "D0:E5:CA:F0:D7:E0";
}; };
@@ -70,14 +101,11 @@
zineshop = { zineshop = {
type = "microvm"; type = "microvm";
network = { network = {
local = true;
address = "10.0.0.15"; address = "10.0.0.15";
mac = "D0:E5:CA:F0:D7:F1"; mac = "D0:E5:CA:F0:D7:F1";
}; };
}; };
testvm = {
type = "host";
};
}; };
}; };
} }

39
machines/modules/malobeo/zones.nix Normal file
View File

@@ -0,0 +1,39 @@
{ inputs }:
let
vpnNS = "vpn";
localNS = "hq";
peers = import ./peers.nix;
hosts = ((import ../../hosts.nix ) {}).malobeo.hosts;
in
{
SOA = {
nameServer = "ns1";
adminEmail = "admin@malobeo.org";
serial = 2019030800;
};
useOrigin = false;
NS = [
"ns1.malobeo.org."
];
A = [ "23.23.23.23" ]; #TODO: update
AAAA = [ "4321:0:1:2:3:4:567:89ab" ]; #TODO: update
subdomains = {
${localNS} = {
subdomains = builtins.mapAttrs (name: value: if value.network.local == true then {
A = [ value.network.address ];
} else {}) hosts;
};
${vpnNS} = {
A = [ peers.vpn.address ];
subdomains = builtins.mapAttrs (name: value: if value.role != "server" then {
A = [ value.address ];
} else {}) peers;
};
};
}

34
machines/ns1/configuration.nix Normal file
View File

@@ -0,0 +1,34 @@
{ config, self, lib, inputs, pkgs, ... }:
with lib;
with inputs;
let
dns = inputs.dns;
in
{
networking = {
hostName = mkDefault "ns1";
useDHCP = false;
};
imports = [
../modules/malobeo_user.nix
../modules/sshd.nix
../modules/minimal_tools.nix
../modules/autoupdate.nix
];
services.bind = {
enable = true;
zones = {
"malobeo.org" = {
master = true;
file = pkgs.writeText "zone-malobeo.org" (dns.lib.toString "malobeo.org" (import ../modules/malobeo/zones.nix { inherit inputs; }));
};
};
};
system.stateVersion = "22.11"; # Did you read the comment?
}