mirror of
https://github.com/foo-dogsquared/nixos-config.git
synced 2025-01-31 04:58:01 +00:00
hosts/ni: update DNS routing for VPN internal network
This commit is contained in:
parent
e6b272c612
commit
ff1927deb5
@ -194,6 +194,9 @@ in
|
|||||||
|
|
||||||
system.stateVersion = "22.11"; # Yes! I read the comment!
|
system.stateVersion = "22.11"; # Yes! I read the comment!
|
||||||
|
|
||||||
|
# Setting up split DNS whenever possible.
|
||||||
|
services.resolved.domains = [ "~plover.foodogsquared.one" ];
|
||||||
|
|
||||||
# Setting up Wireguard as a VPN tunnel. Since this is a laptop that meant to
|
# Setting up Wireguard as a VPN tunnel. Since this is a laptop that meant to
|
||||||
# be used anywhere, we're configuring Wireguard here as a "client".
|
# be used anywhere, we're configuring Wireguard here as a "client".
|
||||||
#
|
#
|
||||||
@ -203,6 +206,13 @@ in
|
|||||||
networking.wg-quick.interfaces.wireguard0 = {
|
networking.wg-quick.interfaces.wireguard0 = {
|
||||||
privateKeyFile = config.sops.secrets."ni/wireguard/private-key".path;
|
privateKeyFile = config.sops.secrets."ni/wireguard/private-key".path;
|
||||||
|
|
||||||
|
dns = with interfaces.internal; [
|
||||||
|
IPv4.address
|
||||||
|
IPv6.address
|
||||||
|
];
|
||||||
|
|
||||||
|
listenPort = wireguardPort;
|
||||||
|
|
||||||
address = with wireguardPeers.desktop; [
|
address = with wireguardPeers.desktop; [
|
||||||
"${IPv4}/24"
|
"${IPv4}/24"
|
||||||
"${IPv6}/96"
|
"${IPv6}/96"
|
||||||
|
@ -68,6 +68,7 @@ in
|
|||||||
gnome.dconf-editor # A saner version of Windows registry.
|
gnome.dconf-editor # A saner version of Windows registry.
|
||||||
dialect # Your gateway to polyglotting.
|
dialect # Your gateway to polyglotting.
|
||||||
fractal # Your gateway to the matrix.
|
fractal # Your gateway to the matrix.
|
||||||
|
tangram # Your social media manager, probably.
|
||||||
gnome-frog # Graphical OCR with Tesseract that I always wanted.
|
gnome-frog # Graphical OCR with Tesseract that I always wanted.
|
||||||
gnome-solanum # Cute little matodor timers.
|
gnome-solanum # Cute little matodor timers.
|
||||||
gnome.gnome-boxes # Virtual machines, son.
|
gnome.gnome-boxes # Virtual machines, son.
|
||||||
@ -107,8 +108,13 @@ in
|
|||||||
gnome-initial-setup.enable = false;
|
gnome-initial-setup.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# It makes Nix store directory read/write so no...
|
||||||
services.packagekit.enable = false;
|
services.packagekit.enable = false;
|
||||||
|
|
||||||
|
# Setting up split DNS with systemd-resolved. The domains should already
|
||||||
|
# be configured somewhere else.
|
||||||
|
services.resolved.enable = true;
|
||||||
|
|
||||||
# Since we're using KDE Connect, we'll have to use gsconnect.
|
# Since we're using KDE Connect, we'll have to use gsconnect.
|
||||||
programs.kdeconnect = {
|
programs.kdeconnect = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
Loading…
Reference in New Issue
Block a user