Cloonar/nixos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: Cloonar:dffa1d96cf60cc0e428ea112df8d1b36f8b35428
Branches Tags
Cloonar:master
..
compare: Cloonar:40fb010825576d0ca2493e3c53cd2af280f06b56
Branches Tags
Cloonar:master

2 commits
dffa1d96cf ... 40fb010825

Author SHA1 Message Date
Dominik Polakovics
40fb010825 add firewall for resolved 2023-12-07 08:40:51 +01:00
Dominik Polakovics
3ea51364e2 add resolved 2023-12-07 08:40:11 +01:00
2 changed files with 12 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/fw.cloonar.com/modules/firewall.nix
View file

@ -136,11 +136,12 @@
"lan", "lan",
"server", "server",
"vserver", "vserver",
"podman1",
"infrastructure", "infrastructure",
"wg_cloonar", "wg_cloonar",
"smart", "smart",
"multimedia" "multimedia"
} udp dport { 67, 68 } counter accept } udp dport { 53, 67, 68 } counter accept
# Accept mDNS for avahi reflection # Accept mDNS for avahi reflection
# iifname "multimedia" ip saddr <chromecast IP> tcp dport { llmnr } counter accept # iifname "multimedia" ip saddr <chromecast IP> tcp dport { llmnr } counter accept

10
hosts/fw.cloonar.com/modules/networking.nix
View file

@ -20,6 +20,16 @@
}; };
}; };
services.resolved = {
enable = true;
# dnssec = "true";
domains = [ "~." ];
fallbackDns = [ "10.42.97.10" ];
# extraConfig = ''
# DNSOverTLS=yes
# '';
};
networking = { networking = {
useDHCP = false; useDHCP = false;
# Define VLANS # Define VLANS