From 2c03460ad97ed1d10415918e9ec53744e4f920dc Mon Sep 17 00:00:00 2001 From: azahi Date: Mon, 21 Oct 2024 15:39:18 +0300 Subject: 2024-10-21 --- modules/common/networking.nix | 7 +++++++ modules/common/systemd.nix | 19 ++++--------------- modules/profiles/default.nix | 6 ++++++ modules/profiles/headful.nix | 6 ------ modules/wireguard.nix | 19 +++++++++++-------- 5 files changed, 28 insertions(+), 29 deletions(-) diff --git a/modules/common/networking.nix b/modules/common/networking.nix index 2867825..1f0f97a 100644 --- a/modules/common/networking.nix +++ b/modules/common/networking.nix @@ -108,6 +108,13 @@ in }) ]; + services.resolved = { + llmnr = "false"; + dnsovertls = "opportunistic"; + fallbackDns = dns.const.quad9.default; + domains = [ my.domain.shire ]; + }; + environment = { shellAliases = listToAttrs ( map ({ name, value }: nameValuePair name "${pkgs.iproute2}/bin/${value}") [ diff --git a/modules/common/systemd.nix b/modules/common/systemd.nix index e058ad8..f832518 100644 --- a/modules/common/systemd.nix +++ b/modules/common/systemd.nix @@ -1,10 +1,7 @@ { config, - pkgs, - lib, ... }: -with lib; { ark = { files = [ "/etc/machine-id" ]; @@ -22,17 +19,9 @@ with lib; }; }; - services = { - resolved = { - llmnr = "false"; - dnsovertls = "opportunistic"; - fallbackDns = dns.const.quad9.default; - }; - - journald.extraConfig = '' - SystemMaxUse=5G - ''; - }; + services.journald.extraConfig = '' + SystemMaxUse=5G + ''; systemd = let @@ -50,7 +39,7 @@ with lib; environment.variables = { SYSTEMD_PAGERSECURE = "1"; - SYSTEMD_PAGER = "${pkgs.less}/bin/less"; + SYSTEMD_PAGER = "less"; SYSTEMD_LESS = "FRSXMK"; }; } diff --git a/modules/profiles/default.nix b/modules/profiles/default.nix index 5265fda..8824dfd 100644 --- a/modules/profiles/default.nix +++ b/modules/profiles/default.nix @@ -49,15 +49,21 @@ in }; environment.systemPackages = with pkgs; [ + arping cryptsetup + dnsutils file + inetutils + ldns lshw lsof pciutils psmisc rsync smartmontools + socat sysstat + tcpdump tree util-linux ]; diff --git a/modules/profiles/headful.nix b/modules/profiles/headful.nix index e9625de..b7c17d6 100644 --- a/modules/profiles/headful.nix +++ b/modules/profiles/headful.nix @@ -131,13 +131,7 @@ in time.timeZone = "Europe/Moscow"; environment.systemPackages = with pkgs; [ - arping - dnsutils - inetutils - ldns lm_sensors - socat - tcpdump usbutils ]; diff --git a/modules/wireguard.nix b/modules/wireguard.nix index 8547f70..8ea360b 100644 --- a/modules/wireguard.nix +++ b/modules/wireguard.nix @@ -9,6 +9,15 @@ with lib; let cfg = config.nixfiles.modules.wireguard; + + DNSSetup = + let + resolvectl = "${config.systemd.package}/bin/resolvectl"; + in + '' + ${resolvectl} dns ${cfg.interface} ${cfg.server.ipv6.address} ${cfg.server.ipv4.address} + ${resolvectl} domain ${cfg.interface} ${my.domain.shire} + ''; in { disabledModules = [ @@ -166,14 +175,7 @@ in ipv6.address ipv4.address ]; - postUp = - let - resolvectl = "${config.systemd.package}/bin/resolvectl"; - in - '' - ${resolvectl} dns ${cfg.interface} ${ipv6.address} ${ipv4.address} - ${resolvectl} domain ${cfg.interface} ${concatStringsSep " " (mapAttrsToList (_: v: v) my.domain)} - ''; + postUp = DNSSetup; }) ]; @@ -216,6 +218,7 @@ in ]; listenPort = port; inherit peers; + postSetup = DNSSetup; allowedIPsAsRoutes = false; }; }; -- cgit 1.4.1