wymiller/nix-config-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Appliance server setup #4

Merged
wymiller merged 10 commits from valefor-setup into master 2025-01-05 20:36:46 -06:00
Conversation 0 Commits 10 Files Changed 7 +11 -15
2 changed files with 11 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit f10c3e7a8c - Show all commits

15
modules/machine/valefor/configuration.nix
View File

@ -86,26 +86,15 @@
# Core networking module (see ../../networking/core.nix)
networking = {
firewall = {
enable = true;
udpPorts = {
dns.enable = true;
};
};
firewall.enable = true;
networkmanager.enable = true;
};
# DNS module (see ../../networking/dns.nix)
dns = {
technitium = {
enable = true;
};
bind.enable = false;
technitium.enable = true;
};
# Enable dconf
programs.dconf.enable = true;
# Add username to groups "wheel" and "video" - more may be added here later
users.users.${userName}.extraGroups = ["wheel" "podman" "network"];

11
modules/networking/dns.nix
View File

@ -13,7 +13,13 @@ in {
interfaces = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["127.0.0.1"];
description = "Network interfaces BIND should listen on";
description = "Network interfaces BIND should listen on (IPv4)";
};
interfaces6 = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["::1"];
description = "Network interfaces BIND should listen on (IPv6)";
};
zones = lib.mkOption {
@ -73,7 +79,8 @@ in {
(lib.mkIf cfg.bind.enable {
services.bind = {
enable = true;
interfaces = cfg.bind.settings.interfaces;
listenOn = cfg.bind.settings.interfaces;
listenOnIpv6 = cfg.bind.settings.interfaces6;
zones =
map (zone: {
name = zone.name;