coredns: bind to specific interfaces/IPs

This commit is contained in:
Luke Granger-Brown 2022-01-01 09:03:25 +00:00
parent 8e28b5bbfe
commit 1f13fd811d
6 changed files with 17 additions and 1 deletions

View file

@ -125,6 +125,7 @@ in {
];
};
my.ip.tailscale = "100.75.142.119";
my.coredns.bind = [ "enp1s0" "tailscale0" "127.0.0.1" "::1" ];
# List packages installed in system profile. To search, run:
# $ nix search wget

View file

@ -133,6 +133,7 @@ in {
};
};
my.ip.tailscale = "100.79.173.25";
my.coredns.bind = [ "br-ext" "tailscale0" "127.0.0.1" "::1" ];
services.openssh.openFirewall = false; # allowed by networking.firewall.extraCommands
services.openssh.hostKeys = [

View file

@ -65,6 +65,7 @@ in {
};
};
my.ip.tailscale = "100.127.132.77";
my.coredns.bind = [ "ens3" "tailscale0" "127.0.0.1" "::1" ];
system.stateVersion = "21.05";
}

View file

@ -65,6 +65,7 @@ in {
};
};
my.ip.tailscale = "100.125.159.57";
my.coredns.bind = [ "ens3" "tailscale0" "127.0.0.1" "::1" ];
system.stateVersion = "21.05";
}

View file

@ -68,6 +68,7 @@ in {
};
};
my.ip.tailscale = "100.99.236.25";
my.coredns.bind = [ "ens3" "tailscale0" "127.0.0.1" "::1" ];
services.lukegbgp = let local = {
asn = 205479;

View file

@ -1,6 +1,11 @@
{ depot, lib, ... }:
{ depot, lib, config, ... }:
{
options.my.coredns.bind = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
};
config = {
environment.etc."coredns-zones" = {
source = "${./zones}";
@ -38,7 +43,12 @@
}
'';
in ''
(global) {
bind ${lib.concatStringsSep " " config.my.coredns.bind}
}
. {
import global
chaos
log
errors
@ -52,6 +62,7 @@
}
(zonehdr) {
import global
prometheus
log
errors