From c042dcf8e01a6512d8dfdaefba28d5d29915f9da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?=
Date: Wed, 13 Mar 2024 23:22:10 +0100
Subject: [PATCH] Add ns1 and ns2
---
hosts/ns1/configuration.nix | 56 +++++++++++++++++++++++++++
hosts/ns1/default.nix | 5 +++
hosts/ns1/hardware-configuration.nix | 36 +++++++++++++++++
hosts/ns2/configuration.nix | 56 +++++++++++++++++++++++++++
hosts/ns2/default.nix | 5 +++
hosts/ns2/hardware-configuration.nix | 36 +++++++++++++++++
services/ns/master-authorative.nix | 4 +-
services/ns/secondary-authorative.nix | 4 +-
8 files changed, 198 insertions(+), 4 deletions(-)
create mode 100644 hosts/ns1/configuration.nix
create mode 100644 hosts/ns1/default.nix
create mode 100644 hosts/ns1/hardware-configuration.nix
create mode 100644 hosts/ns2/configuration.nix
create mode 100644 hosts/ns2/default.nix
create mode 100644 hosts/ns2/hardware-configuration.nix
diff --git a/hosts/ns1/configuration.nix b/hosts/ns1/configuration.nix
new file mode 100644
index 0000000..7de58b2
--- /dev/null
+++ b/hosts/ns1/configuration.nix
@@ -0,0 +1,56 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports =
+ [
+ ../template/hardware-configuration.nix
+
+ ../../system
+ ../../services/ns/master-authorative.nix
+ ../../services/ns/resolver.nix
+ ];
+
+ nixpkgs.config.allowUnfree = true;
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.grub.enable = true;
+ boot.loader.grub.device = "/dev/sda";
+
+ networking.hostName = "ns1";
+ networking.domain = "home.2rjus.net";
+ networking.useNetworkd = true;
+ networking.useDHCP = false;
+ services.resolved.enable = false;
+ networking.nameservers = [
+ "10.69.13.5"
+ "10.69.13.6"
+ ];
+
+ systemd.network.enable = true;
+ systemd.network.networks."ens18" = {
+ matchConfig.Name = "ens18";
+ address = [
+ "10.69.13.5/24"
+ ];
+ routes = [
+ { routeConfig.Gateway = "10.69.13.1"; }
+ ];
+ linkConfig.RequiredForOnline = "routable";
+ };
+ time.timeZone = "Europe/Oslo";
+
+ nix.settings.experimental-features = [ "nix-command" "flakes" ];
+ environment.systemPackages = with pkgs; [
+ vim
+ wget
+ git
+ ];
+
+ # Open ports in the firewall.
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ networking.firewall.enable = false;
+
+ system.stateVersion = "23.11"; # Did you read the comment?
+}
+
diff --git a/hosts/ns1/default.nix b/hosts/ns1/default.nix
new file mode 100644
index 0000000..4cd684a
--- /dev/null
+++ b/hosts/ns1/default.nix
@@ -0,0 +1,5 @@
+{ ... }: {
+ imports = [
+ ./configuration.nix
+ ];
+}
diff --git a/hosts/ns1/hardware-configuration.nix b/hosts/ns1/hardware-configuration.nix
new file mode 100644
index 0000000..881ea3c
--- /dev/null
+++ b/hosts/ns1/hardware-configuration.nix
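Review bot: `networking.firewall.enable = false;` at the end of hosts/ns1/configuration.nix leaves every listening port on this nameserver reachable from the network, and hosts/ns2/configuration.nix repeats the same line. The hunk does not show which ports resolver.nix and the authoritative service bind (the transfer settings elsewhere in this patch use 8053), so the port list needs confirming, but the shape I would expect is `networking.firewall.enable = true;` with `networking.firewall.allowedTCPPorts = [ 53 8053 ];` and `networking.firewall.allowedUDPPorts = [ 53 8053 ];`. Separately, the comment `# Use the systemd-boot EFI boot loader.` sits directly above `boot.loader.grub.enable = true;` and should be corrected to name GRUB.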
@@ -0,0 +1,36 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+ boot.initrd.kernelModules = [ ];
+ # boot.kernelModules = [ ];
+ # boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ {
+ device = "/dev/disk/by-uuid/6889aba9-61ed-4687-ab10-e5cf4017ac8d";
+ fsType = "xfs";
+ };
+
+ fileSystems."/boot" =
+ {
+ device = "/dev/disk/by-uuid/BC07-3B7A";
+ fsType = "vfat";
+ };
+
+ swapDevices =
+ [{ device = "/dev/disk/by-uuid/64e5757b-6625-4dd2-aa2a-66ca93444d23"; }];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/hosts/ns2/configuration.nix b/hosts/ns2/configuration.nix
new file mode 100644
index 0000000..c4ebc27
--- /dev/null
+++ b/hosts/ns2/configuration.nix
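Review bot: hosts/ns1/hardware-configuration.nix does not appear to be used by anything in this patch, because hosts/ns1/configuration.nix imports `../template/hardware-configuration.nix` and hosts/ns1/default.nix imports only `./configuration.nix`. If the host-specific file is the intended one, the import should read `./hardware-configuration.nix`; otherwise the file can be dropped. The same applies to hosts/ns2, whose copy has the same blob id (881ea3c) and therefore the same `by-uuid` devices, which is only correct if both VMs were cloned from one image, so that is worth confirming.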
@@ -0,0 +1,56 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports =
+ [
+ ../template/hardware-configuration.nix
+
+ ../../system
+ ../../services/ns/secondary-authorative.nix
+ ../../services/ns/resolver.nix
+ ];
+
+ nixpkgs.config.allowUnfree = true;
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.grub.enable = true;
+ boot.loader.grub.device = "/dev/sda";
+
+ networking.hostName = "ns2";
+ networking.domain = "home.2rjus.net";
+ networking.useNetworkd = true;
+ networking.useDHCP = false;
+ services.resolved.enable = false;
+ networking.nameservers = [
+ "10.69.13.5"
+ "10.69.13.6"
+ ];
+
+ systemd.network.enable = true;
+ systemd.network.networks."ens18" = {
+ matchConfig.Name = "ens18";
+ address = [
+ "10.69.13.6/24"
+ ];
+ routes = [
+ { routeConfig.Gateway = "10.69.13.1"; }
+ ];
+ linkConfig.RequiredForOnline = "routable";
+ };
+ time.timeZone = "Europe/Oslo";
+
+ nix.settings.experimental-features = [ "nix-command" "flakes" ];
+ environment.systemPackages = with pkgs; [
+ vim
+ wget
+ git
+ ];
+
+ # Open ports in the firewall.
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ networking.firewall.enable = false;
+
+ system.stateVersion = "23.11"; # Did you read the comment?
+}
+
diff --git a/hosts/ns2/default.nix b/hosts/ns2/default.nix
new file mode 100644
index 0000000..4cd684a
--- /dev/null
+++ b/hosts/ns2/default.nix
@@ -0,0 +1,5 @@
+{ ... }: {
+ imports = [
+ ./configuration.nix
+ ];
+}
diff --git a/hosts/ns2/hardware-configuration.nix b/hosts/ns2/hardware-configuration.nix
new file mode 100644
index 0000000..881ea3c
--- /dev/null
+++ b/hosts/ns2/hardware-configuration.nix
@@ -0,0 +1,36 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+ boot.initrd.kernelModules = [ ];
+ # boot.kernelModules = [ ];
+ # boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ {
+ device = "/dev/disk/by-uuid/6889aba9-61ed-4687-ab10-e5cf4017ac8d";
+ fsType = "xfs";
+ };
+
+ fileSystems."/boot" =
+ {
+ device = "/dev/disk/by-uuid/BC07-3B7A";
+ fsType = "vfat";
+ };
+
+ swapDevices =
+ [{ device = "/dev/disk/by-uuid/64e5757b-6625-4dd2-aa2a-66ca93444d23"; }];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/services/ns/master-authorative.nix b/services/ns/master-authorative.nix
index 979f771..f7b1e6a 100644
--- a/services/ns/master-authorative.nix
+++ b/services/ns/master-authorative.nix
@@ -24,8 +24,8 @@ zones = { "home.2rjus.net" = { - provideXFR = [ "10.69.13.8 xferkey" ]; - notify = [ "10.69.13.8@8053 xferkey" ]; + provideXFR = [ "10.69.13.6 xferkey" ]; + notify = [ "10.69.13.6@8053 xferkey" ]; data = builtins.readFile ./zones-home-2rjus-net.conf; }; };
diff --git a/services/ns/secondary-authorative.nix b/services/ns/secondary-authorative.nix
index 8bf3a2e..7afca5f 100644
--- a/services/ns/secondary-authorative.nix
+++ b/services/ns/secondary-authorative.nix
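Review bot: The peer address in `provideXFR` and `notify` in services/ns/master-authorative.nix is a bare literal with nothing saying which host it is, and the same two addresses are now repeated in hosts/ns1, hosts/ns2 and the `allowNotify`/`requestXFR` hunk of secondary-authorative.nix. A comment such as `# ns2 (secondary); keep in sync with hosts/ns2/configuration.nix` above the two lines would make the next renumbering less error-prone. Because both hosts run with the firewall disabled in this patch, this address ACL plus the `xferkey` TSIG key is the only thing limiting zone transfers, so it is worth confirming that the key, which is defined outside this hunk, is read from a file rather than embedded in the Nix store. The zones block starts and ends outside the hunk.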
@@ -22,8 +22,8 @@ zones = { "home.2rjus.net" = { - allowNotify = [ "10.69.13.7 xferkey" ]; - requestXFR = [ "AXFR 10.69.13.7@8053 xferkey" ]; + allowNotify = [ "10.69.13.5 xferkey" ]; + requestXFR = [ "AXFR 10.69.13.5@8053 xferkey" ]; data = builtins.readFile ./zones-home-2rjus-net.conf; }; };