dns: move all local hosts under vpn.rfive.de

2025-01-18 17:11:39 +01:00 · 2024-04-01 14:23:43 +02:00 · 2024-04-01 14:23:43 +02:00 · 0205b8b2ea
commit 0205b8b2ea
parent 0b0ddf7faf
3 changed files with 8 additions and 29 deletions
--- a/hosts/falkenstein/modules/dns/default.nix
+++ b/hosts/falkenstein/modules/dns/default.nix
@ -6,7 +6,7 @@ let
    $ORIGIN rfive.de.
    rfive.de.   86400  IN  SOA ns.rfive.de. hostmaster.rfive.de. (
-      2024032601 ; serial
+      2024040102 ; serial
      10800      ; refresh
      3600       ; retry
      604800     ; expire
--- a/hosts/thinkpad/modules/networks/default.nix
+++ b/hosts/thinkpad/modules/networks/default.nix
@ -163,8 +163,8 @@
      networkConfig = {
        Address = "192.168.43.3/32";
        DNS = "192.168.43.1";
-        Domains = "~lan";
+        Domains = "~vpn.rfive.de";
-        DNSSEC = true;
+        DNSSEC = false;
        BindCarrier = [ "wlp9s0" ];
      };
    };
--- a/users/rouven/modules/ssh/default.nix
+++ b/users/rouven/modules/ssh/default.nix
@ -3,14 +3,14 @@ let
  git = "~/.ssh/git";
 in
 {
-  programs.ssh = rec {
+  programs.ssh = {
    enable = true;
    compression = true;
    controlMaster = "auto";
    controlPersist = "10m";
    extraConfig = ''
      CanonicalizeHostname yes
-      CanonicalDomains agdsn.network
+      CanonicalDomains agdsn.network vpn.rfive.de
      PKCS11Provider /run/current-system/sw/lib/libtpm2_pkcs11.so
      IdentityFile ~/.ssh/id_ed25519
      VisualHostKey = yes
@ -21,26 +21,6 @@ in
        match = "Host github.com User git";
        identityFile = git;
      };
      "rfive.de" = {
        hostname = "falkenstein.rfive.de";
        user = "root";
        extraOptions = {
          VerifyHostKeyDNS = "yes";
        };
      };
      # used for nix remote building
      falkenstein = matchBlocks."rfive.de";
      "nuc" = {
        hostname = "192.168.42.2";
        user = "root";
      };
      "router" = {
        hostname = "192.168.42.1";
        user = "root";
      };
      # iFSR
      "fsr" = {
        hostname = "ifsr.de";
@ -70,10 +50,6 @@ in
        hostname = "tomate.ifsr.de";
        user = "root";
      };
      "durian" = {
        hostname = "durian.ifsr.de";
        user = "root";
      };
      "git@ifsr.de" = {
        match = "Host ifsr.de User git";
        identityFile = git;
@ -94,6 +70,9 @@ in
          VerifyHostKeyDNS = "yes";
        };
      };
      "*.vpn.rfive.de" = {
        user = "root";
      };
      "git@git.agdsn.de" = {
        match = "Host git.agdsn.de User git";
        identityFile = git;