coredns: bind to specific interfaces/IPs

This commit is contained in:
Luke Granger-Brown 2022-01-01 09:03:25 +00:00
parent 8e28b5bbfe
commit 1f13fd811d
6 changed files with 17 additions and 1 deletions

View file

@ -125,6 +125,7 @@ in {
]; ];
}; };
my.ip.tailscale = "100.75.142.119"; my.ip.tailscale = "100.75.142.119";
my.coredns.bind = [ "enp1s0" "tailscale0" "127.0.0.1" "::1" ];
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget

View file

@ -133,6 +133,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.79.173.25"; my.ip.tailscale = "100.79.173.25";
my.coredns.bind = [ "br-ext" "tailscale0" "127.0.0.1" "::1" ];
services.openssh.openFirewall = false; # allowed by networking.firewall.extraCommands services.openssh.openFirewall = false; # allowed by networking.firewall.extraCommands
services.openssh.hostKeys = [ services.openssh.hostKeys = [

View file

@ -65,6 +65,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.127.132.77"; my.ip.tailscale = "100.127.132.77";
my.coredns.bind = [ "ens3" "tailscale0" "127.0.0.1" "::1" ];
system.stateVersion = "21.05"; system.stateVersion = "21.05";
} }

View file

@ -65,6 +65,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.125.159.57"; my.ip.tailscale = "100.125.159.57";
my.coredns.bind = [ "ens3" "tailscale0" "127.0.0.1" "::1" ];
system.stateVersion = "21.05"; system.stateVersion = "21.05";
} }

View file

@ -68,6 +68,7 @@ in {
}; };
}; };
my.ip.tailscale = "100.99.236.25"; my.ip.tailscale = "100.99.236.25";
my.coredns.bind = [ "ens3" "tailscale0" "127.0.0.1" "::1" ];
services.lukegbgp = let local = { services.lukegbgp = let local = {
asn = 205479; asn = 205479;

View file

@ -1,6 +1,11 @@
{ depot, lib, ... }: { depot, lib, config, ... }:
{ {
options.my.coredns.bind = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
};
config = { config = {
environment.etc."coredns-zones" = { environment.etc."coredns-zones" = {
source = "${./zones}"; source = "${./zones}";
@ -38,7 +43,12 @@
} }
''; '';
in '' in ''
(global) {
bind ${lib.concatStringsSep " " config.my.coredns.bind}
}
. { . {
import global
chaos chaos
log log
errors errors
@ -52,6 +62,7 @@
} }
(zonehdr) { (zonehdr) {
import global
prometheus prometheus
log log
errors errors