From b3d294752afc8a9b703fc0bbfd740d110e3e7464 Mon Sep 17 00:00:00 2001 From: Kjetil Orbekk Date: Sun, 19 Feb 2023 10:55:39 -0500 Subject: update dns --- data/dns/db.orbekk.shared.zone | 115 +++++++++++++++++++++-------------------- modules/router.nix | 26 ++++++++++ 2 files changed, 85 insertions(+), 56 deletions(-) create mode 100644 modules/router.nix diff --git a/data/dns/db.orbekk.shared.zone b/data/dns/db.orbekk.shared.zone index adce5cd..41c53e8 100644 --- a/data/dns/db.orbekk.shared.zone +++ b/data/dns/db.orbekk.shared.zone @@ -1,76 +1,79 @@ $TTL 600 -@ IN SOA ns1.he.net. root.orbekk.com. ( +@ IN SOA ns1.he.net. root.orbekk.com. ( $serial; serial - 609; refresh + 612; refresh 900; retry 2419200; expire 3600; ) - IN NS ns1.he.net. - IN NS ns2.he.net. - IN NS ns3.he.net. - IN NS ns4.he.net. - IN NS ns5.he.net. - - IN MX 10 in1-smtp.messagingengine.com. - IN MX 20 in2-smtp.messagingengine.com. - -@ IN TXT "v=spf1 include:spf.messagingengine.com ?all" -@ IN AAAA 2001:470:8e2e:20::d -@ IN A 74.108.70.139 - -_acme-challenge IN CNAME _acme-challenge.dynamic.orbekk.com. - -d IN CNAME dragon.dynamic.orbekk.com. -wifi IN CNAME dragon.dynamic.orbekk.com. -git IN CNAME dragon.dynamic.orbekk.com. -hydra IN CNAME dragon.dynamic.orbekk.com. -kj IN CNAME dragon.dynamic.orbekk.com. -journal IN CNAME dragon.dynamic.orbekk.com. -grafana IN CNAME dragon.dynamic.orbekk.com. -nextcloud IN CNAME dragon.dynamic.orbekk.com. -money IN CNAME dragon.dynamic.orbekk.com. -auth IN CNAME dragon.dynamic.orbekk.com. -bridge IN CNAME dragon.dynamic.orbekk.com. + IN NS ns1.he.net. + IN NS ns2.he.net. + IN NS ns3.he.net. + IN NS ns4.he.net. + IN NS ns5.he.net. + + IN MX 10 in1-smtp.messagingengine.com. + IN MX 20 in2-smtp.messagingengine.com. + +@ IN TXT "v=spf1 include:spf.messagingengine.com ?all" +@ IN AAAA 2001:470:8e2e:20::d +@ IN A 74.108.70.139 + +_acme-challenge IN CNAME _acme-challenge.dynamic.orbekk.com. + +d IN CNAME dragon.dynamic.orbekk.com. +wifi IN CNAME dragon.dynamic.orbekk.com. +git IN CNAME dragon.dynamic.orbekk.com. +hydra IN CNAME dragon.dynamic.orbekk.com. +kj IN CNAME dragon.dynamic.orbekk.com. +journal IN CNAME dragon.dynamic.orbekk.com. +grafana IN CNAME dragon.dynamic.orbekk.com. +nextcloud IN CNAME dragon.dynamic.orbekk.com. +money IN CNAME dragon.dynamic.orbekk.com. +auth IN CNAME dragon.dynamic.orbekk.com. +bridge IN CNAME dragon.dynamic.orbekk.com. ;; Internal admin network -gw.nyc IN A 10.10.255.3 -gw.nyc IN AAAA 2001:470:8e2e:ffff::3 +gw.nyc IN A 10.10.255.3 +gw.nyc IN AAAA 2001:470:8e2e:ffff::3 -sw.nyc IN A 10.10.255.1 -sw.nyc IN AAAA 2001:470:8e2e:ffff::1 +sw.nyc IN A 10.10.255.1 +sw.nyc IN AAAA 2001:470:8e2e:ffff::1 -ap.nyc IN A 10.10.255.2 -ap.nyc IN AAAA 2001:470:8e2e:ffff::2 -ap325.nyc IN A 10.10.255.4 -ap325.nyc IN AAAA 2001:470:8e2e:ffff::4 +ap.nyc IN A 10.10.255.2 +ap.nyc IN AAAA 2001:470:8e2e:ffff::2 +ap325.nyc IN A 10.10.255.4 +ap325.nyc IN AAAA 2001:470:8e2e:ffff::4 -dragon-mgmt.nyc IN A 10.10.255.20 -dragon-mgmt.nyc IN AAAA 2001:470:8e2e:ffff::20 +dragon-admin.nyc IN A 10.10.255.18 +dragon-admin.nyc IN AAAA 2001:470:8e2e:ffff::18 -tiny1.oracle IN A 132.145.210.99 +dragon-mgmt.nyc IN A 10.10.255.20 +dragon-mgmt.nyc IN AAAA 2001:470:8e2e:ffff::20 -raigh IN AAAA 2001:67c:29f4:1008:216:3eff:fe33:4512 -tiny1 IN CNAME tiny1.oracle.orbekk.com. +tiny1.oracle IN A 132.145.210.99 -gw IN CNAME dragon.dynamic.orbekk.com. -dragon IN CNAME dragon.dynamic.orbekk.com. +raigh IN AAAA 2001:67c:29f4:1008:216:3eff:fe33:4512 +tiny1 IN CNAME tiny1.oracle.orbekk.com. + +gw IN CNAME dragon.dynamic.orbekk.com. +dragon IN CNAME dragon.dynamic.orbekk.com. ;; Tailscale -;; trygve-backup IN AAAA fd7a:115c:a1e0:ab12:4843:cd96:627f:6f0e +;; trygve-backup IN AAAA fd7a:115c:a1e0:ab12:4843:cd96:627f:6f0e -trygve-backup IN AAAA 2001:470:8e2e:1000::2004 -trygve-backup.nyc IN AAAA 2001:470:8e2e:1000::2004 +trygve-backup IN AAAA 2001:470:8e2e:1000::2004 +trygve-backup.nyc IN AAAA 2001:470:8e2e:1000::2004 ;; Records for eo@orbekk.no. -*.dev IN A 95.85.62.224 -jira IN A 37.139.26.40 -icing IN A 37.139.26.40 -status IN A 37.139.26.40 - -dragon.nyc IN AAAA 2001:470:8e2e:1000::d -tiny1.nyc IN AAAA 2001:470:8e2e:1000::1001 -firelink.nyc IN AAAA 2001:470:8e2e:1000::2001 -pincer.nyc IN AAAA 2001:470:8e2e:1000::2002 -steamdeck.nyc IN AAAA 2001:470:8e2e:1000::2003 +*.dev IN A 95.85.62.224 +jira IN A 37.139.26.40 +icing IN A 37.139.26.40 +status IN A 37.139.26.40 + +dragon.nyc IN AAAA 2001:470:8e2e:1000::d +tiny1.nyc IN AAAA 2001:470:8e2e:1000::1001 +firelink.nyc IN AAAA 2001:470:8e2e:1000::2001 +pincer.nyc IN AAAA 2001:470:8e2e:1000::2002 +steamdeck.nyc IN AAAA 2001:470:8e2e:1000::2003 diff --git a/modules/router.nix b/modules/router.nix new file mode 100644 index 0000000..621a627 --- /dev/null +++ b/modules/router.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }; +with lib; +let + cfg = config.orbekk.router; +in { + options = { + orbekk.router = { + enable = mkEnableOption "Enable router config"; + }; + }; + + config = mkIf cfg.enable { + systemd.services."router" = { + description = "router network namespace"; + before = ["network.target"]; + path = with pkgs; [ iproute ]; + serviceConfig = { + ExecStart = [ + "ip netns up router" + "ip netns exec router ip link set lo up" + ]; + ExecStop = "netns del router"; + }; + }; + }; +}; -- cgit v1.2.3