Commit a4e1b4f66e6b
Changed files (2)
systems
hosts
systems/hosts/aomi.nix
@@ -24,6 +24,27 @@ in
(import ../../users).root
];
+ fileSystems."/" = {
+ device = "/dev/vg/root";
+ fsType = "ext4";
+ options = [ "noatime" "discard" ];
+ };
+
+ boot.initrd.luks.devices = {
+ root = {
+ device = "/dev/disk/by-uuid/50d7faba-8923-4b30-88f7-40df26e02def";
+ preLVM = true;
+ allowDiscards = true;
+ };
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/0101-68DE";
+ fsType = "vfat";
+ };
+
+ swapDevices = [{ device = "/dev/disk/by-uuid/aff86817-55ae-47ed-876a-e5a027b560ba"; }];
+
networking = {
hostName = hostname;
};
systems/hosts/wakasu.nix
@@ -134,6 +134,41 @@ in
HandleLidSwitchExternalPower=ignore
HandleLidSwitchDocked=ignore
'';
+ bind = {
+ enable = true;
+ forwarders = [ "8.8.8.8" "8.8.4.4" ];
+ cacheNetworks = [ "192.168.1.0/24" "127.0.0.0/8" "10.100.0.0/24" ];
+ zones = [
+ {
+ # home
+ name = "home";
+ master = true;
+ slaves = [ ];
+ file = pkgs.mkSecret ../../secrets/db.home;
+ }
+ {
+ # home.reverse
+ name = "192.168.1.in-addr.arpa";
+ master = true;
+ slaves = [ ];
+ file = pkgs.mkSecret ../../secrets/db.192.168.1;
+ }
+ {
+ # vpn
+ name = "vpn";
+ master = true;
+ slaves = [ ];
+ file = pkgs.mkSecret ../../secrets/db.vpn;
+ }
+ {
+ # vpn.reverse
+ name = "10.100.0.in-addr.arpa";
+ master = true;
+ slaves = [ ];
+ file = pkgs.mkSecret ../../secrets/db.10.100.0;
+ }
+ ];
+ };
#syncthing.guiAddress = "${wireguard.ips.wakasu}:8384";
syncthing.guiAddress = "0.0.0.0:8384";
smartd = {