rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2024-11-15 05:13:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

falkenstein: disable zram and add own dns config

Browse source
This commit is contained in:
Rouven Seifert 2024-03-09 12:38:24 +01:00
parent d3fd3e9b17
commit 911fa95dd1
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
3 changed files with 71 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -63,7 +63,6 @@ sda
├─sda1 / ├─sda1 /
├─sda14 # BIOS boot ├─sda14 # BIOS boot
└─sda15 /boot/efi # EFI stuff └─sda15 /boot/efi # EFI stuff
zram0 [SWAP]
``` ```
### vm ### vm

2
hosts/falkenstein/default.nix
View file

@ -5,6 +5,7 @@
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./modules/backup ./modules/backup
./modules/dns
./modules/fail2ban ./modules/fail2ban
./modules/mail ./modules/mail
./modules/networks ./modules/networks
@ -27,7 +28,6 @@
initrd.systemd.enable = true; initrd.systemd.enable = true;
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
}; };
zramSwap.enable = true;
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";

70
hosts/falkenstein/modules/dns/default.nix Normal file
View file

@ -0,0 +1,70 @@
{ pkgs, ... }:
{
services.bind = {
enable = true;
zones = {
"rfive.de" = {
master = true;
slaves = [
"192.174.68.104"
"176.97.158.104"
"185.181.104.96"
];
extraConfig = ''
also-notify {185.181.104.96;};
'';
file = pkgs.writeText "rfive.de_zone.txt" ''
$TTL 3600
rfive.de. 86400 IN SOA ns.rfive.de. hostmaster.rfive.de. 2024030827 10800 3600 604800 3600
@ 3600 IN NS ns.rfive.de.
@ 3600 IN NS ns.inwx.de.
@ 3600 IN NS ns2.inwx.de.
ns.rfive.de. 3600 IN A 23.88.121.184
ns.rfive.de. 3600 IN AAAA 2a01:4f8:c012:49de::1
@ IN A 23.88.121.184
@ IN AAAA 2a01:4f8:c012:49de::1
@ IN CAA 0 iodef "mailto:ca@rfive.de"
@ IN CAA 0 issue "letsencrypt.org"
@ IN CAA 0 issuewild ";"
nuc 3600 IN A 141.30.227.6
falkenstein IN A 23.88.121.184
falkenstein IN AAAA 2a01:4f8:c012:49de::1
falkenstein IN SSHFP 1 1 DE42CA418093CF94EABC124E101AE4D8DE02C69F
falkenstein IN SSHFP 1 2 149100F5C3CA333E20E7B03EB463B0FB23D34FFE1FC65EFAADDDBE51 8EC35990
falkenstein IN SSHFP 4 1 70A38677DEE50C5B67AA11400A6BCD4984355C2A
falkenstein IN SSHFP 4 2 B25AD18A23C885AE965875C4C9EDA4E4EDFD3503334B10F0BFE7527B EB178CB2
@ IN MX 1 mail.rfive.de.
mail IN A 23.88.121.184
mail IN AAAA 2a01:4f8:c012:49de::1
@ IN TXT "v=spf1 mx ~all"
rspamd._domainkey IN TXT "v=DKIM1; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoirUMubro4nlmY6a8JMwK9QB2agAXiJzexDU/7ba6KCggONfoSTfUHlrM/XeM1GG/9oKpngApxDPP97adJuxc8/EELyo4HjTyYD8GBFZhg0AN7V8IPaJ1o5k6dGDk8ZLh41ZCnlAVWkhVSKs5pYtzkrlJIfUSzyuoe8nuFsVe3QIDAQAB"
_dmarc IN TXT "v=DMARC1; p=none; adkim=s; fo=1; rua=mailto:dmarc@rfive.de; ruf=mailto:dmarc@rfive.de"
auth IN CNAME nuc.rfive.de.
test IN CNAME nuc.rfive.de.
cache IN CNAME nuc.rfive.de.
chat IN CNAME nuc.rfive.de.
images.trucksimulatorbot IN CNAME falkenstein.rfive.de.
matrix IN CNAME nuc.rfive.de.
purge IN CNAME falkenstein.rfive.de.
rspamd IN CNAME falkenstein.rfive.de.
seafile IN CNAME nuc.rfive.de.
trucksimulatorbot IN CNAME falkenstein.rfive.de.
uptime IN CNAME nuc.rfive.de.
vault IN CNAME nuc.rfive.de.
_discord IN TXT "dh=0bcca75b0a56c304f0c23fbdb3f12009411e8c0c"
'';
};
};
};
networking.firewall.allowedUDPPorts = [ 53 ];
networking.firewall.allowedTCPPorts = [ 53 ];
}