malobeo/infrastructure
2
1
Fork 1
Code Issues 40 Pull Requests 4 Actions Projects 3 Releases Wiki Activity

Compare commits

base: malobeo:62c92821b425030b9ff342a6c43b62d3f5ac64d9
Branches Tags
malobeo:master malobeo:nixpkgs_bump_20260319 malobeo:nixpkgs_bump_20260312 malobeo:nixpkgs_bump_20260305 malobeo:debug_mode malobeo:dns malobeo:vaultwarden malobeo:nextcloud_deck_derivation malobeo:staging malobeo:script malobeo:zineshop malobeo:nextcloud_upgrade_31 malobeo:printer-module malobeo:microvm-dirs malobeo:sanoid malobeo:issue77 malobeo:reproducible-deployments malobeo:reproducible-deployments-filestructure malobeo:issue31 malobeo:microvm-module malobeo:issue47 malobeo:hostbuilder malobeo:better-workflows malobeo:issue51 malobeo:local-testing-v2 malobeo:gitea malobeo:fileserver
..
compare: malobeo:0347fa68c7c8aca254fe18b902f608e54a54a502
Branches Tags
malobeo:nixpkgs_bump_20260319 malobeo:master malobeo:nixpkgs_bump_20260312 malobeo:nixpkgs_bump_20260305 malobeo:debug_mode malobeo:dns malobeo:vaultwarden malobeo:nextcloud_deck_derivation malobeo:staging malobeo:script malobeo:zineshop malobeo:nextcloud_upgrade_31 malobeo:printer-module malobeo:microvm-dirs malobeo:sanoid malobeo:issue77 malobeo:reproducible-deployments malobeo:reproducible-deployments-filestructure malobeo:issue31 malobeo:microvm-module malobeo:issue47 malobeo:hostbuilder malobeo:better-workflows malobeo:issue51 malobeo:local-testing-v2 malobeo:gitea malobeo:fileserver

4 Commits
62c92821b4 ... 0347fa68c7

Author SHA1 Message Date
kalipso
0347fa68c7 [hosts] use hostId in offsite net
All checks were successful
Check flake syntax / flake-check (push) Successful in 5m29s
Details
2026-01-30 20:26:12 +01:00
kalipso
f0e1f07c3e [zones] set ns1 A record 2026-01-30 20:25:49 +01:00
kalipso
b4d199d00c [ns1] setup forwarding, open ports 2026-01-30 20:25:10 +01:00
kalipso
bec232a023 [run-vm] override network cfg for local testing 2026-01-30 20:24:43 +01:00
4 changed files with 45 additions and 9 deletions
Expand all files Collapse all files

16
machines/hosts.nix
View File

@@ -3,16 +3,18 @@
let
createMaloNet = hostId: mac: {
local = true;
hostId = hostId;
address = "192.168.1.${hostId}";
gateway = "192.168.1.1";
nameservers = [ "192.168.1.17" "1.1.1.1" ]; #setting ns1 as nameserver
mac = mac;
};
createOffsiteNet = address: mac: {
createOffsiteNet = hostId: mac: {
local = false;
address = address;
gateway = "10.0.10.1";
hostId = hostId;
address = "10.0.0.${hostId}";
gateway = "10.0.0.1";
nameservers = [ "1.1.1.1" ];
mac = mac;
};
@@ -25,6 +27,7 @@ in
type = "host";
network = {
local = true;
hostId = "11";
address = "192.168.1.11";
};
};
@@ -33,6 +36,7 @@ in
type = "host";
network = {
local = true;
hostId = "12";
address = "192.168.1.12";
};
};
@@ -41,6 +45,7 @@ in
type = "host";
network = {
local = true;
hostId = "13";
address = "192.168.1.13";
};
};
@@ -49,6 +54,7 @@ in
type = "rpi";
network = {
local = true;
hostId = "15";
address = "192.168.1.15";
};
};
@@ -60,7 +66,7 @@ in
vpn = {
type = "microvm";
network = createOffsiteNet "10.0.0.10" "52:DA:0D:F9:EF:E6";
network = createOffsiteNet "10" "52:DA:0D:F9:EF:E6";
};
infradocs = {
@@ -70,7 +76,7 @@ in
uptimekuma = {
type = "microvm";
network = createOffsiteNet "10.0.0.12" "52:DA:0D:F9:EF:E8";
network = createOffsiteNet "12" "52:DA:0D:F9:EF:E8";
};
nextcloud = {

10
machines/modules/host_builder.nix
View File

@@ -165,6 +165,16 @@ rec {
});
};
systemd.network.networks."20-lan" = pkgs.lib.mkForce {
matchConfig.Type = "ether";
networkConfig = {
Address = [ "10.0.0.${hosts.malobeo.hosts.${hostname}.network.hostId}/24" ];
Gateway = "10.0.0.1";
DNS = [ "1.1.1.1" ];
DHCP = "no";
};
};
boot.isContainer = pkgs.lib.mkForce false;
services.timesyncd.enable = false;
users.users.root.password = "";

10
machines/modules/malobeo/zones.nix
View File

@@ -11,7 +11,7 @@ in
SOA = {
nameServer = "ns1";
adminEmail = "admin@malobeo.org";
serial = 2019030800;
serial = 2019030801;
};
useOrigin = false;
@@ -19,11 +19,13 @@ in
"ns1.malobeo.org."
];
A = [ "23.23.23.23" ]; #TODO: update
AAAA = [ "4321:0:1:2:3:4:567:89ab" ]; #TODO: update
subdomains = {
ns1 = {
A = [ hosts.ns1.network.address ];
};
${localNS} = {
A = [ hosts.fanny.network.address ];
subdomains = builtins.mapAttrs (name: value: if value.network.local == true then {
A = [ value.network.address ];
} else {}) hosts;

18
machines/ns1/configuration.nix
View File

@@ -19,8 +19,26 @@ in
../modules/autoupdate.nix
];
networking.firewall = {
enable = true;
allowedTCPPorts = [ 53 ];
allowedUDPPorts = [ 53 ];
};
services.bind = {
enable = true;
forwarders = [
"1.1.1.1"
"1.0.0.1"
];
cacheNetworks = [
"127.0.0.0/24"
"10.0.0.0/24"
"192.168.1.0/24"
"10.100.0.0/24"
];
zones = {
"malobeo.org" = {
master = true;