about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--modules/common/networking.nix7
-rw-r--r--modules/common/systemd.nix19
-rw-r--r--modules/profiles/default.nix6
-rw-r--r--modules/profiles/headful.nix6
-rw-r--r--modules/wireguard.nix19
5 files changed, 28 insertions, 29 deletions
diff --git a/modules/common/networking.nix b/modules/common/networking.nix
index 2867825..1f0f97a 100644
--- a/modules/common/networking.nix
+++ b/modules/common/networking.nix
@@ -108,6 +108,13 @@ in
       })
     ];
 
+    services.resolved = {
+      llmnr = "false";
+      dnsovertls = "opportunistic";
+      fallbackDns = dns.const.quad9.default;
+      domains = [ my.domain.shire ];
+    };
+
     environment = {
       shellAliases = listToAttrs (
         map ({ name, value }: nameValuePair name "${pkgs.iproute2}/bin/${value}") [
diff --git a/modules/common/systemd.nix b/modules/common/systemd.nix
index e058ad8..f832518 100644
--- a/modules/common/systemd.nix
+++ b/modules/common/systemd.nix
@@ -1,10 +1,7 @@
 {
   config,
-  pkgs,
-  lib,
   ...
 }:
-with lib;
 {
   ark = {
     files = [ "/etc/machine-id" ];
@@ -22,17 +19,9 @@ with lib;
     };
   };
 
-  services = {
-    resolved = {
-      llmnr = "false";
-      dnsovertls = "opportunistic";
-      fallbackDns = dns.const.quad9.default;
-    };
-
-    journald.extraConfig = ''
-      SystemMaxUse=5G
-    '';
-  };
+  services.journald.extraConfig = ''
+    SystemMaxUse=5G
+  '';
 
   systemd =
     let
@@ -50,7 +39,7 @@ with lib;
 
   environment.variables = {
     SYSTEMD_PAGERSECURE = "1";
-    SYSTEMD_PAGER = "${pkgs.less}/bin/less";
+    SYSTEMD_PAGER = "less";
     SYSTEMD_LESS = "FRSXMK";
   };
 }
diff --git a/modules/profiles/default.nix b/modules/profiles/default.nix
index 5265fda..8824dfd 100644
--- a/modules/profiles/default.nix
+++ b/modules/profiles/default.nix
@@ -49,15 +49,21 @@ in
     };
 
     environment.systemPackages = with pkgs; [
+      arping
       cryptsetup
+      dnsutils
       file
+      inetutils
+      ldns
       lshw
       lsof
       pciutils
       psmisc
       rsync
       smartmontools
+      socat
       sysstat
+      tcpdump
       tree
       util-linux
     ];
diff --git a/modules/profiles/headful.nix b/modules/profiles/headful.nix
index e9625de..b7c17d6 100644
--- a/modules/profiles/headful.nix
+++ b/modules/profiles/headful.nix
@@ -131,13 +131,7 @@ in
     time.timeZone = "Europe/Moscow";
 
     environment.systemPackages = with pkgs; [
-      arping
-      dnsutils
-      inetutils
-      ldns
       lm_sensors
-      socat
-      tcpdump
       usbutils
     ];
 
diff --git a/modules/wireguard.nix b/modules/wireguard.nix
index 8547f70..8ea360b 100644
--- a/modules/wireguard.nix
+++ b/modules/wireguard.nix
@@ -9,6 +9,15 @@
 with lib;
 let
   cfg = config.nixfiles.modules.wireguard;
+
+  DNSSetup =
+    let
+      resolvectl = "${config.systemd.package}/bin/resolvectl";
+    in
+    ''
+      ${resolvectl} dns ${cfg.interface} ${cfg.server.ipv6.address} ${cfg.server.ipv4.address}
+      ${resolvectl} domain ${cfg.interface} ${my.domain.shire}
+    '';
 in
 {
   disabledModules = [
@@ -166,14 +175,7 @@ in
               ipv6.address
               ipv4.address
             ];
-            postUp =
-              let
-                resolvectl = "${config.systemd.package}/bin/resolvectl";
-              in
-              ''
-                ${resolvectl} dns ${cfg.interface} ${ipv6.address} ${ipv4.address}
-                ${resolvectl} domain ${cfg.interface} ${concatStringsSep " " (mapAttrsToList (_: v: v) my.domain)}
-              '';
+            postUp = DNSSetup;
           })
         ];
 
@@ -216,6 +218,7 @@ in
               ];
               listenPort = port;
               inherit peers;
+              postSetup = DNSSetup;
               allowedIPsAsRoutes = false;
             };
           };

Consider giving Nix/NixOS a try! <3