simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity

fuuko/router: Migrate dnsmasq options to 23.05

Browse source
This commit is contained in:
Simon Bruder 2023-05-30 12:24:58 +02:00
parent 4adeba626a
commit b135035baa
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC
1 changed files with 28 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
machines/fuuko/services/router.nix
View file

@ -148,40 +148,45 @@ in
services.dnsmasq = { services.dnsmasq = {
enable = true; enable = true;
extraConfig = '' settings = {
bogus-priv # do not forward revese lookups of internal addresses bogus-priv = true; # do not forward revese lookups of internal addresses
domain-needed # do not forward names without domain domain-needed = true; # do not forward names without domain
interface=br-lan # only respond to queries from lan interface = "br-lan"; # only respond to queries from lan
no-hosts # do not resolve hosts from /etc/hosts no-hosts = true; # do not resolve hosts from /etc/hosts
no-resolv # only use explicitly configured resolvers no-resolv = true; # only use explicitly configured resolvers
cache-size=10000 cache-size = 10000;
inherit domain;
domain=${domain}
# Allow resolving the router # Allow resolving the router
interface-name=${config.networking.hostName}.${domain},br-lan interface-name = [
interface-name=${config.networking.hostName},br-lan "${config.networking.hostName}.${domain},br-lan"
"${config.networking.hostName},br-lan"
];
# DHCPv4 # DHCPv4
dhcp-range=10.80.1.20,10.80.1.150,12h dhcp-range = [
dhcp-option=option:router,10.80.1.1 "10.80.1.20,10.80.1.150,12h" # DHCPv4
"fd00:80:1::,ra-stateless,ra-names" # SLAAC (for addresses) / DHCPv6 (for DNS)
# SLAAC (for addresses) / DHCPv6 (for DNS) ];
dhcp-range=fd00:80:1::,ra-stateless,ra-names dhcp-option = [
dhcp-option=option6:dns-server,fd00:80:1::1 "option:router,10.80.1.1"
"option6:dns-server,fd00:80:1::1"
];
# Despite its name, the switch does not have a “smart” configuration, # Despite its name, the switch does not have a “smart” configuration,
# that would allow me to tell it not to get DHCP from wan, # that would allow me to tell it not to get DHCP from wan,
# but from lan instead. # but from lan instead.
# So it has to use static configuration. # So it has to use static configuration.
host-record=switchviech,switchviech.${domain},10.80.1.19 host-record = "switchviech,switchviech.${domain},10.80.1.19";
''; server = [
servers = [
"10.64.0.1" # mullvad DNS, should be fastest overall "10.64.0.1" # mullvad DNS, should be fastest overall
#"9.9.9.9" # dns.quad9.net #"9.9.9.9" # dns.quad9.net
#"2620:fe::fe" #"2620:fe::fe"
]; ];
}; };
};
systemd.services.dnsmasq.after = [ "systemd-networkd.service" ]; systemd.services.dnsmasq.after = [ "systemd-networkd.service" ];
services.prometheus.exporters.dnsmasq = { services.prometheus.exporters.dnsmasq = {