diff --git a/nix/hosts/loki/modules/coredns.nix b/nix/hosts/loki/modules/coredns.nix index 3461a61..5dafa11 100644 --- a/nix/hosts/loki/modules/coredns.nix +++ b/nix/hosts/loki/modules/coredns.nix @@ -5,7 +5,7 @@ sops-nix, ... }: let - serial = toString 14; + serial = toString 15; svc = "coredns.service"; usr = "${toString config.users.users.coredns.name}"; domain = p.domainName; @@ -35,6 +35,8 @@ in { "net/ethLoki".restartUnits = [svc]; "net/ethCaelum".restartUnits = [svc]; "net/ethCarina".restartUnits = [svc]; + "net/ethNixpi".restartUnits = [svc]; + "net/ethSurtur".restartUnits = [svc]; "net/wlanLoki".restartUnits = [svc]; "net/wlanCarina".restartUnits = [svc]; @@ -47,6 +49,8 @@ in { "net/ethLoki".owner = usr; "net/ethCaelum".owner = usr; "net/ethCarina".owner = usr; + "net/ethNixpi".owner = usr; + "net/ethSurtur".owner = usr; "net/wlanLoki".owner = usr; "net/wlanCarina".owner = usr; }; @@ -57,33 +61,40 @@ in { content = '' $ORIGIN ${domain}. @ 1D IN SOA ${domain}. root.${domain}. ( - ${serial} ; serial (yyyymmdd##) - 1M ; refresh - 1M ; retry - 1M ; expiry - 1m ) ; minimum ttl + ${serial} ; serial (yyyymmdd##) + 1m ; refresh + 1m ; retry + 1m ; expiry + 1m ) ; minimum ttl 5m IN NS ${p."net/ethLoki"}. 5m IN NS ${p."net/wlanLoki"}. 5m IN NS ${p."net/ethCarina"}. 5m IN NS ${p."net/wlanCarina"}. - grocy.${domain}. 5m IN A ${p."net/ethCaelum"} - gonic.${domain}. 5m IN A ${p."net/ethLoki"} - cloud.${domain}. 5m IN A ${p."net/ethCaelum"} - media.${domain}. 5m IN A ${p."net/ethCaelum"} - llama.${domain}. 5m IN A ${p."net/ethCaelum"} - llama2.${domain}. 5m IN A ${p."net/ethCaelum"} - auth.${domain}. 5m IN A ${p."net/ethLoki"} - whoami.${domain}. 5m IN A ${p."net/ethLoki"} - ffsync.${domain}. 5m IN A ${p."net/ethLoki"} - cache.${domain}. 5m IN A ${p."net/ethLoki"} - nixcache.${domain}. 5m IN CNAME cache.${domain} - uptime.${domain}. 5m IN A ${p."net/ethLoki"} + ns1 5m IN A ${p."net/ethCarina"} + ns2 5m IN A ${p."net/ethLoki"} + ns3 5m IN A ${p."net/wlanLoki"} + ns4 5m IN A ${p."net/wlanCarina"} - carina.${domain}. 5m IN A ${p."net/ethCarina"} - caelum.${domain}. 5m IN A ${p."net/ethCaelum"} - loki.${domain}. 5m IN A ${p."net/ethLoki"} + grocy 5m IN A ${p."net/ethCaelum"} + gonic 5m IN A ${p."net/ethLoki"} + cloud 5m IN A ${p."net/ethCaelum"} + media 5m IN A ${p."net/ethCaelum"} + llama 5m IN A ${p."net/ethCaelum"} + llama2 5m IN A ${p."net/ethCaelum"} + auth 5m IN A ${p."net/ethLoki"} + whoami 5m IN A ${p."net/ethLoki"} + ffsync 5m IN A ${p."net/ethLoki"} + cache 5m IN A ${p."net/ethLoki"} + nixcache 5m IN CNAME cache.${domain} + uptime 5m IN A ${p."net/ethLoki"} + + carina 5m IN A ${p."net/ethCarina"} + loki 5m IN A ${p."net/ethLoki"} + caelum 5m IN A ${p."net/ethCaelum"} + nixpi 5m IN A ${p."net/ethNixpi"} + surtur.${domain}. 5m IN A ${p."net/ethSurtur"} ''; }; diff --git a/nix/hosts/loki/secrets.yaml b/nix/hosts/loki/secrets.yaml index e7cd3cb..8330e72 100644 --- a/nix/hosts/loki/secrets.yaml +++ b/nix/hosts/loki/secrets.yaml @@ -13,6 +13,8 @@ authentik: #ENC[AES256_GCM,data:7Ux8lB94gwD/7pab3THr8ExJ5DwsMBikqECFIRYEmIAIJh8RnGjORnGIk+Dx06NZ0yr16JMD3o0kyjNL,iv:bIfJmwB4Y/oS241keTPG7Ty9hT7U12ES3XV2vHKFKgI=,tag:qDTXF62SzpMqDNqklkZdsg==,type:comment] emailPassword: ENC[AES256_GCM,data:Jr1lpggvsxO50dvQ/jWjinN9CtSA5KiVbIuisYtx+lzzkOZojBlYkOiX3aYNfxX1MOPlsA==,iv:Bl6siYZ6wneYOeZ2PivAUJS1JnLFRgYtdbjrmrKOOBI=,tag:YrsvF3Q1cs6w+bUlHA9Wgw==,type:str] net: + ethSurtur: ENC[AES256_GCM,data:YvPqV8JDrkHtpqgW,iv:mI3vXwSlmsE/t6z68SovLmDRmKGQzGuxnFxHJOw7Fys=,tag:TrmFvuyGW9Smp5MJRzTPrg==,type:str] + ethNixpi: ENC[AES256_GCM,data:CiefW425x9pE24EJ,iv:dnWQNaNrvw4onfENV5t7kTrSKDxycNdHuAolwhKvS6w=,tag:jt205dplzDbqgetBcM/SMg==,type:str] ethLoki: ENC[AES256_GCM,data:dP23Oj9pPPntNnx0,iv:kdfdkKhHQQED/iH1BDRUB/C3R/vdVgY4Pm8nZMc62uQ=,tag:8qb669FIhwI5AU/LHfj7wg==,type:str] ethCaelum: ENC[AES256_GCM,data:KRiIHgqJVZHbMOEPlw==,iv:xbZBkEboi5B7M0PuWytkc6+Y2FoZ7LhDox39yX4ZTIk=,tag:Y2wElHZzxTn68kTK0e48UQ==,type:str] ethCarina: ENC[AES256_GCM,data:IIzTlIdGo17ie1XA6w==,iv:v79kkPFbhj5x+8xTkxSKCS9xCaTzlMK+RaGQgiKnDn8=,tag:cFNDqag0JGLHgVFQ3tA9mA==,type:str] @@ -63,8 +65,8 @@ sops: c200TjlWUnFqRCs4V0FjM25iT3YrZTQKfpfrN++o6SZerazvwpuiYLpvJL4Bb4U/ UIpMVS/rJhDrrBfMsCj253CRYRu73mbN28xnK+e68cl8l3EiMyEkEA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2023-11-01T22:20:35Z" - mac: ENC[AES256_GCM,data:tR1SlKiL9frBg3/KYrb8Igdgbx17mDreNOZEbkR1b7KmwoCvzJbO//5DT7yNPp4xiezTB/fW9xKNVSpBTJCbeifpj2hJGGC3VgUDpuZ9PiNcslIgvdw3tesGkRNq8srDgCx78CGl2q8wYxTtm4CjmjHv662OgNiXqbVHTRzOmZo=,iv:9SzPvUVlh8yNnSKEbaTyXw4JlQ0kbmR+L+9tyI3s2SU=,tag:wbq7R+tkt9uSGQzRs2g/Cw==,type:str] + lastmodified: "2023-11-13T21:36:25Z" + mac: ENC[AES256_GCM,data:LLXZTAAvR00tY0p6ANpP2SABwlI/hgcHlAArv5YkohykOaamWnHp4ehd248ouFjywPIFDu1YZYVcCPjATuKYv69I+qAD+Y2bApJQNkegthfR3oHQaU6eSpiloMx+Yqqvlb6XpoAB/ewgbPSDRBsQ8tibrNtwhOlX5nqIv5M2sIo=,iv:egsHl9G80EoDHIZannXE1KGJ4MJ/30cYCxfngJFRx7Q=,tag:FewLvSmbfNGyyTdZ2IPK/w==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3