From ce3e3b4a0b5a567d2e7ec437ffde06e936ac766a Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Sun, 18 Jul 2021 09:01:41 -0400
Subject: update admin ip addresses

---
 config/router.nix              |  9 +++++++--
 data/dns/db.orbekk.shared.zone | 21 +++++++++++++++------
 2 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/config/router.nix b/config/router.nix
index a80b1d7..6b5a84f 100644
--- a/config/router.nix
+++ b/config/router.nix
@@ -51,7 +51,8 @@ in {
     enable = true;
     config = ''
       @def $DEV_UNTRUSTED_LAN = (${lan-dev}.30);
-      @def $DEV_LAN = (${lan-dev}.100 ${lan-dev}.255);
+      @def $DEV_LAN = (${lan-dev}.100);
+      @def $DEV_ADMIN = (${lan-dev}.255);
       @def $DEV_WAN = (${wan-dev} he0 mullvad);
       @def $NET_LAN = 10.0.0.0/8;
 
@@ -80,7 +81,7 @@ in {
             proto udp dport ${toString mullvadPort} ACCEPT;
           }
 
-          interface $DEV_LAN @subchain "lan_services" {
+          interface ($DEV_LAN $DEV_ADMIN) @subchain "lan_services" {
             # Valheim
             proto udp dport (3400 3401 3402) ACCEPT;
 
@@ -268,6 +269,10 @@ in {
       address = "10.10.255.3";
       prefixLength = 24;
     }];
+    ipv6.addresses = [{
+      address = "2001:470:8e2e:ffff::3";
+      prefixLength = 64;
+    }];
     useDHCP = false;
   };
   networking.interfaces."${lan-dev}.100" = {
diff --git a/data/dns/db.orbekk.shared.zone b/data/dns/db.orbekk.shared.zone
index 3b3f81f..976d66f 100644
--- a/data/dns/db.orbekk.shared.zone
+++ b/data/dns/db.orbekk.shared.zone
@@ -1,7 +1,7 @@
 $TTL 600
 @   IN  SOA kremkake.trygveandre.net.   root.orbekk.com. (
     $serial;    serial
-    606;        refresh
+    612;        refresh
     900;        retry
     2419200;    expire
     3600;
@@ -32,11 +32,20 @@ grafana     IN  CNAME   dragon.dynamic.orbekk.com.
 nextcloud   IN  CNAME   dragon.dynamic.orbekk.com.
 money       IN  CNAME   dragon.dynamic.orbekk.com.
 
-gw.nyc IN A 10.10.255.3
-sw.nyc IN A 10.10.255.1
-ap.nyc IN A 10.10.255.2
-dragon-mgmt.nyc IN A 10.10.255.20
-tiny1.oracle      IN A    150.136.5.19
+;; Internal admin network
+gw.nyc                  IN A         10.10.255.3
+gw.nyc                  IN AAAA      2001:470:8e2e:ffff::3
+
+sw.nyc                  IN A         10.10.255.1
+sw.nyc                  IN AAAA      2001:470:8e2e:ffff::1
+
+ap.nyc                  IN A         10.10.255.2
+ap.nyc                  IN AAAA      2001:470:8e2e:ffff::2
+
+dragon-mgmt.nyc         IN A         10.10.255.20
+dragon-mgmt.nyc         IN AAAA      2001:470:8e2e:ffff::20
+
+tiny1.oracle            IN A         150.136.5.19
 
 raigh       IN AAAA 2001:67c:29f4:1008:216:3eff:fe33:4512
 tiny1      IN CNAME    tiny1.oracle.orbekk.com.
-- 
cgit v1.2.3