commit a21e8abc6c84e6c742408547d73c888114055f8f · ryan.freumh.org/nixos

+15 -15

flake.lock

···

       57
       57
        
               ]

     

       58
       58
        
             },

     

       59
       59
        
             "locked": {

     

       60
       60
       -
               "lastModified": 1674649580,

     

       61
       61
       -
               "narHash": "sha256-r6e3oAQVDmL9QsHnTDw715Qo0SdXEo8fk8LLhBOo9fI=",

     

       60
       60
       +
               "lastModified": 1676990576,

     

       61
       61
       +
               "narHash": "sha256-oljhdlGy7v5bMI7gy0lfmUFl0wIMFczvlamWgH/6TFE=",

     

       62
       62
        
               "ref": "main",

     

       63
       63
       -
               "rev": "419027863b0dd7e37cee356873a10c554485ef4d",

     

       64
       64
       -
               "revCount": 12,

     

       63
       63
       +
               "rev": "9d7027b80ab57fece64090d7da9214e1d2b763df",

     

       64
       64
       +
               "revCount": 13,

     

       65
       65
        
               "type": "git",

     

       66
       66
        
               "url": "ssh://git@git.freumh.org/ryan/eilean-nix.git"

     

       67
       67
        
             },

     
···

       228
       228
        
               ]

     

       229
       229
        
             },

     

       230
       230
        
             "locked": {

     

       231
       231
       -
               "lastModified": 1676928470,

     

       232
       232
       -
               "narHash": "sha256-CGuXLhCXiEEC724ZSBWhgXkhGFHeKVekyE6GmDuG1A0=",

     

       231
       231
       +
               "lastModified": 1676980151,

     

       232
       232
       +
               "narHash": "sha256-31/8wJG0VUndUaZoIMGWLulIJmXfKb0IT5Q1qSB5E/A=",

     

       233
       233
        
               "owner": "RyanGibb",

     

       234
       234
        
               "repo": "ocaml-dns-eio",

     

       235
       235
       -
               "rev": "a4d5f0b29b90195397f1881138ea9d9f2c569154",

     

       235
       235
       +
               "rev": "62d9ccb45bdd133e5affe8e26847075b0dcbc697",

     

       236
       236
        
               "type": "github"

     

       237
       237
        
             },

     

       238
       238
        
             "original": {

     
···

       376
       376
        
               ]

     

       377
       377
        
             },

     

       378
       378
        
             "locked": {

     

       379
       379
       -
               "lastModified": 1676912279,

     

       380
       380
       -
               "narHash": "sha256-KWFYibR9VQa+VbhhUXTXMc0pfcw5QfhpsFDwRc82jS8=",

     

       379
       379
       +
               "lastModified": 1676988764,

     

       380
       380
       +
               "narHash": "sha256-ES3fiVeJFklvL4u+qeL+4qzGWCB3Ea/D/xUTflfyAQ0=",

     

       381
       381
        
               "ref": "refs/heads/master",

     

       382
       382
       -
               "rev": "78b36aeadf3dd0cadbf51db05b50927b25c5c4d5",

     

       383
       383
       -
               "revCount": 413,

     

       382
       382
       +
               "rev": "ebad86e5618db68ea1c64ee784d7231bf92f10a1",

     

       383
       383
       +
               "revCount": 414,

     

       384
       384
        
               "type": "git",

     

       385
       385
        
               "url": "ssh://git@git.freumh.org/ryan/website.git"

     

       386
       386
        
             },

     
···

       399
       399
        
               ]

     

       400
       400
        
             },

     

       401
       401
        
             "locked": {

     

       402
       402
       -
               "lastModified": 1669825363,

     

       403
       403
       -
               "narHash": "sha256-VnmzHGe6xk7DjHn+XqgYOo5t7rLq5mkhIYmoKFoawZg=",

     

       402
       402
       +
               "lastModified": 1676988665,

     

       403
       403
       +
               "narHash": "sha256-2yEamAhBR6Y3/SqxvFYAArz6+5fl+o7PT1xBERCfZ80=",

     

       404
       404
        
               "ref": "refs/heads/master",

     

       405
       405
       -
               "rev": "87fe5ba115534376bd00359ec43c80a0c32cadff",

     

       406
       406
       -
               "revCount": 210,

     

       405
       405
       +
               "rev": "3139087fe212e33e77e6cd67f9fa9764a6a64145",

     

       406
       406
       +
               "revCount": 211,

     

       407
       407
        
               "type": "git",

     

       408
       408
        
               "url": "ssh://git@git.freumh.org/ryan/twitcher.git"

     

       409
       409
        
             },

+22 -19

hosts/vps/default.nix

···

       24
       24
        
         };

     

       25
       25
        
       

     

       26
       26
        
         dns = {

     

       27
       27
       -
           soa.serial = lib.mkForce 2018011625;

     

       28
       28
       -
           records = [

     

       29
       29
       -
             { name = "@"; type = "TXT"; data = "google-site-verification=rEvwSqf7RYKRQltY412qMtTuoxPp64O3L7jMotj9Jnc"; }

     

       30
       30
       -
             { name = "teapot"; type = "CNAME"; data = "vps"; }

     

       27
       27
       +
           zones.${config.networking.domain} = {

     

       28
       28
       +
             soa.serial = lib.mkDefault 0;

     

       29
       29
       +
             records = [

     

       30
       30
       +
               { name = "@"; type = "TXT"; data = "google-site-verification=rEvwSqf7RYKRQltY412qMtTuoxPp64O3L7jMotj9Jnc"; }

     

       31
       31
       +
               { name = "teapot"; type = "CNAME"; data = "vps"; }

     

       31
       32
        
       

     

       32
       32
       -
             { name = "@";   type = "NS"; data = "ns1"; }

     

       33
       33
       -
             { name = "@";   type = "NS"; data = "ns2"; }

     

       33
       33
       +
               { name = "@";   type = "NS"; data = "ns1"; }

     

       34
       34
       +
               { name = "@";   type = "NS"; data = "ns2"; }

     

       34
       35
        
       

     

       35
       35
       -
             { name = "ns1"; type = "A";    data = config.eilean.serverIpv4; }

     

       36
       36
       -
             { name = "ns1"; type = "AAAA"; data = config.eilean.serverIpv6; }

     

       37
       37
       -
             { name = "ns2"; type = "A";    data = config.eilean.serverIpv4; }

     

       38
       38
       -
             { name = "ns2"; type = "AAAA"; data = config.eilean.serverIpv6; }

     

       36
       36
       +
               { name = "ns1"; type = "A";    data = config.eilean.serverIpv4; }

     

       37
       37
       +
               { name = "ns1"; type = "AAAA"; data = config.eilean.serverIpv6; }

     

       38
       38
       +
               { name = "ns2"; type = "A";    data = config.eilean.serverIpv4; }

     

       39
       39
       +
               { name = "ns2"; type = "AAAA"; data = config.eilean.serverIpv6; }

     

       39
       40
        
       

     

       40
       40
       -
             { name = "www"; type = "CNAME"; data = "@"; }

     

       41
       41
       +
               { name = "www"; type = "CNAME"; data = "@"; }

     

       41
       42
        
       

     

       42
       42
       -
             { name = "@";   type = "A";    data = config.eilean.serverIpv4; }

     

       43
       43
       -
             { name = "@";   type = "AAAA"; data = config.eilean.serverIpv6; }

     

       44
       44
       -
             { name = "vps"; type = "A";    data = config.eilean.serverIpv4; }

     

       45
       45
       -
             { name = "vps"; type = "AAAA"; data = config.eilean.serverIpv6; }

     

       43
       43
       +
               { name = "@";   type = "A";    data = config.eilean.serverIpv4; }

     

       44
       44
       +
               { name = "@";   type = "AAAA"; data = config.eilean.serverIpv6; }

     

       45
       45
       +
               { name = "vps"; type = "A";    data = config.eilean.serverIpv4; }

     

       46
       46
       +
               { name = "vps"; type = "AAAA"; data = config.eilean.serverIpv6; }

     

       46
       47
        
       

     

       47
       47
       -
             { name = "@"; type = "LOC"; data = "52 12 40.4 N 0 5 31.9 E 22m 10m 10m 10m"; }

     

       48
       48
       -
           ];

     

       48
       48
       +
               { name = "@"; type = "LOC"; data = "52 12 40.4 N 0 5 31.9 E 22m 10m 10m 10m"; }

     

       49
       49
       +
             ];

     

       50
       50
       +
           };

     

       49
       51
        
         };

     

       50
       52
        
       

     

       51
       53
        
         services.nginx.virtualHosts."teapot.${config.networking.domain}" = {

     
···

       70
       72
        
           };

     

       71
       73
        
           ocaml-dns-eio = {

     

       72
       74
        
             enable = true;

     

       73
       73
       -
             # todo make this zonefile derivation a config parameter `services.dns.zonefile`

     

       74
       74
       -
             zoneFile = import "${eilean}/modules/dns/zonefile.nix" { inherit pkgs config lib; };

     

       75
       75
       +
             # TODO make this zonefile derivation a config parameter `services.dns.zonefile`

     

       76
       76
       +
             # TODO add module in eilean for ocaml-dns-eio

     

       77
       77
       +
             zoneFile = "${import "${eilean}/modules/dns/zonefile.nix" { inherit pkgs config lib; zonename = config.networking.domain; zone = config.dns.zones.${config.networking.domain}; }}/${config.networking.domain}";

     

       75
       78
        
             logLevel = 2;

     

       76
       79
        
           };

     

       77
       80
        
         };

+1 -1

modules/hosting/nix-cache.nix

···

       28
       28
        
             };

     

       29
       29
        
           };

     

       30
       30
        
       

     

       31
       31
       -
           dns.records = [

     

       31
       31
       +
           dns.zones.${config.networking.domain}.records = [

     

       32
       32
        
             {

     

       33
       33
        
               name = "binarycache";

     

       34
       34
        
               type = "CNAME";

+1 -1

modules/hosting/rmfakecloud.nix

···

       50
       50
        
             };

     

       51
       51
        
           };

     

       52
       52
        
       

     

       53
       53
       -
           dns.records = [

     

       53
       53
       +
           dns.zones.${config.networking.domain}.records = [

     

       54
       54
        
             {

     

       55
       55
        
               name = "rmfakecloud";

     

       56
       56
        
               type = "CNAME";

+1 -1

modules/personal/tailscale.nix

···

       31
       31
        
           services.tailscale.enable = true;

     

       32
       32
        
           networking.firewall.checkReversePath = mkDefault "loose";

     

       33
       33
        
       

     

       34
       34
       -
           dns.records = attrsets.mapAttrsToList (hostName: values: {

     

       34
       34
       +
           dns.zones.${config.networking.domain}.records = attrsets.mapAttrsToList (hostName: values: {

     

       35
       35
        
             name = "${hostName}.vpn";

     

       36
       36
        
             type = "A";

     

       37
       37
        
             data = values.ip;