parent
ab086bc49b
commit
b616a73e66
2 changed files with 33 additions and 18 deletions
system
|
@ -3,10 +3,18 @@
|
||||||
let
|
let
|
||||||
isAdguardHost = config.services.adguardhome.enable;
|
isAdguardHost = config.services.adguardhome.enable;
|
||||||
|
|
||||||
interfaces.eth = [
|
interfaces.lan = [
|
||||||
"enp*"
|
"enp*"
|
||||||
"eth*"
|
"eth*"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
lan = rec {
|
||||||
|
IPv4Prefix = "192.168.1";
|
||||||
|
IPv4CIDR = "${IPv4Prefix}.1/24";
|
||||||
|
IPv6ULAPrefix = "fd1c:ca95:d74d";
|
||||||
|
IPv6ULACIDR = "${IPv6ULAPrefix}::/48";
|
||||||
|
};
|
||||||
|
|
||||||
nameservers = {
|
nameservers = {
|
||||||
local = [
|
local = [
|
||||||
"127.0.0.1"
|
"127.0.0.1"
|
||||||
|
@ -14,8 +22,8 @@ let
|
||||||
];
|
];
|
||||||
remote = [
|
remote = [
|
||||||
# LAN
|
# LAN
|
||||||
"192.168.1.102#dns.felschr.com"
|
"${lan.IPv4Prefix}.102#dns.felschr.com"
|
||||||
"fd1c:ca95:d74d::102#dns.felschr.com"
|
"${lan.IPv6ULAPrefix}::102#dns.felschr.com"
|
||||||
|
|
||||||
# Tailnet
|
# Tailnet
|
||||||
"100.97.32.60#dns.felschr.com"
|
"100.97.32.60#dns.felschr.com"
|
||||||
|
@ -24,25 +32,31 @@ let
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
networking.useDHCP = false;
|
networking = {
|
||||||
networking.nameservers = if isAdguardHost then nameservers.local else nameservers.remote;
|
useDHCP = false;
|
||||||
networking.search = [
|
nameservers = if isAdguardHost then nameservers.local else nameservers.remote;
|
||||||
"lan"
|
nftables.enable = true;
|
||||||
"tail05275.ts.net"
|
firewall.allowedUDPPorts = [
|
||||||
];
|
5353 # mDNS
|
||||||
|
];
|
||||||
networking.nftables.enable = true;
|
networkmanager.dns = "systemd-resolved";
|
||||||
networking.networkmanager.dns = "systemd-resolved";
|
};
|
||||||
|
|
||||||
systemd.network = {
|
systemd.network = {
|
||||||
enable = true;
|
enable = true;
|
||||||
wait-online.ignoredInterfaces = [ "tailscale0" ];
|
wait-online.ignoredInterfaces = [ "tailscale0" ];
|
||||||
networks = {
|
networks = {
|
||||||
"10-lan" = {
|
"10-lan" = {
|
||||||
matchConfig.Name = interfaces.eth;
|
matchConfig.Name = interfaces.lan;
|
||||||
|
domains = [ "local" ];
|
||||||
networkConfig = {
|
networkConfig = {
|
||||||
DHCP = true;
|
DHCP = "ipv4";
|
||||||
IPv6AcceptRA = true;
|
IPv6AcceptRA = true;
|
||||||
|
MulticastDNS = true;
|
||||||
|
UseDomains = true;
|
||||||
|
};
|
||||||
|
linkConfig = {
|
||||||
|
Multicast = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -58,8 +72,11 @@ in
|
||||||
"1.1.1.1#one.one.one.one"
|
"1.1.1.1#one.one.one.one"
|
||||||
"1.0.0.1#one.one.one.one"
|
"1.0.0.1#one.one.one.one"
|
||||||
];
|
];
|
||||||
extraConfig = lib.mkIf isAdguardHost ''
|
extraConfig = ''
|
||||||
DNSStubListener=no
|
MulticastDNS=yes
|
||||||
|
${lib.optionalString isAdguardHost ''
|
||||||
|
DNSStubListener=no
|
||||||
|
''}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,4 @@
|
||||||
|
|
||||||
{
|
{
|
||||||
services.printing.enable = true;
|
services.printing.enable = true;
|
||||||
services.avahi.enable = true;
|
|
||||||
services.avahi.nssmdns4 = true;
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue