diff --git a/flake.lock b/flake.lock index 25939fa..95f639d 100644 --- a/flake.lock +++ b/flake.lock @@ -108,11 +108,11 @@ }, "nixlib": { "locked": { - "lastModified": 1721523216, - "narHash": "sha256-/NjnIKkBoqKdvOS8unooDg0HqMaRUwYLbyn0ntjEckQ=", + "lastModified": 1723942470, + "narHash": "sha256-QdSArN0xKESEOTcv+3kE6yu4B4WX9lupZ4+Htx3RXGg=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "31a99025ce3784c20dd11dafa5260e80e314f59e", + "rev": "531a2e8416a6d8200a53eddfbdb8f2c8dc4a1251", "type": "github" }, "original": { @@ -129,11 +129,11 @@ ] }, "locked": { - "lastModified": 1721869487, - "narHash": "sha256-zcusn81g+0gO+tSMhfs4W+wAP9As/MWNTBCbS+Ggp7A=", + "lastModified": 1724028932, + "narHash": "sha256-U11ZiQPrpIBdv7oS23bNdX9GCxe/hPf/ARr64P2Wj1Y=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "c12f9a969c8cdf14618774515c7c6c96aef753c7", + "rev": "5fd22603892e4ec5ac6085058ed658243143aacd", "type": "github" }, "original": { @@ -175,11 +175,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1722087241, - "narHash": "sha256-2ShmEaFi0kJVOEEu5gmlykN5dwjWYWYUJmlRTvZQRpU=", + "lastModified": 1723938990, + "narHash": "sha256-9tUadhnZQbWIiYVXH8ncfGXGvkNq3Hag4RCBEMUk7MI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "8c50662509100d53229d4be607f1a3a31157fa12", + "rev": "c42fcfbdfeae23e68fc520f9182dde9f38ad1890", "type": "github" }, "original": { @@ -225,11 +225,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1722138515, - "narHash": "sha256-8iQj7YvgFSStr3HH4PYm0ofrflS+74BxesKMUdtFhnw=", + "lastModified": 1724036520, + "narHash": "sha256-KJU6W5qghjMTjlTFnK0F2zJVw0qmTfC6nkMBhUNgjow=", "ref": "refs/heads/main", - "rev": "b717678d0f964ede087b5bef49bc4ec7ffa1d8d8", - "revCount": 28, + "rev": "4550d62254e030c9075343a4897a985fcfda1fd6", + "revCount": 29, "type": "git", "url": "https://git.strudelline.net/cascade/numbers" }, @@ -315,11 +315,11 @@ }, "unstable": { "locked": { - "lastModified": 1722073938, - "narHash": "sha256-OpX0StkL8vpXyWOGUD6G+MA26wAXK6SpT94kLJXo6B4=", + "lastModified": 1723985069, + "narHash": "sha256-MGtXhZHLZGKhtZT/MYXBJEuMkZB5DLYjY679EYNL7Es=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e36e9f57337d0ff0cf77aceb58af4c805472bfae", + "rev": "ff1c2669bbb4d0dd9e62cc94f0968cfa652ceec1", "type": "github" }, "original": { diff --git a/modules/corenet.nix b/modules/corenet.nix index fe18055..cf1bc30 100644 --- a/modules/corenet.nix +++ b/modules/corenet.nix @@ -30,7 +30,11 @@ in . { ${strIfHasIface "sxxxxec0" "bind sec0"} ${strIfHasIface "xxxxlan0" "bind lan0"} + nsid ${config.networking.hostName} forward . 172.16.1.8 + template IN A server.dns { + answer "{{ .Name }} 0 IN A ${(numbers.api.hostIface config.networking.hostName "sec0").ip}" + } } ''; }; @@ -76,12 +80,12 @@ in 53 80 443 5432 5001 9898 9999 6443 4222 6222 8222 2379 2380 8472 10250 ]; networking.firewall.allowedUDPPortRanges = [ - { from = 30000; to = 32767; } + { from = 5000; to = 32767; } ]; networking.firewall.allowedTCPPorts = [ 53 80 443 5432 5001 9898 9999 6443 4222 6222 8222 2379 2380 10250 ]; networking.firewall.allowedTCPPortRanges = [ - { from = 30000; to = 32767; } + { from = 5000; to = 32767; } ]; } diff --git a/modules/server.nix b/modules/server.nix index 8593bd8..e4a33b0 100644 --- a/modules/server.nix +++ b/modules/server.nix @@ -9,18 +9,6 @@ virtualisation = { kvmgt.enable = true; - #libvirtd = { - # enable = true; - # qemu = { - # runAsRoot = true; - # verbatimConfig = '' - # cgroup_device_acl = ["/dev/kvmfr0", "/dev/kvm"] - # ''; - # swtpm = { - # enable = true; - # }; - # }; - #}; containers = { enable = true; policy = { diff --git a/snorlax.nix b/snorlax.nix index 17b1d9e..aebad30 100644 --- a/snorlax.nix +++ b/snorlax.nix @@ -7,7 +7,6 @@ { imports = [ # Include the results of the hardware scan. - #./hardware-configuration.nix ./lib/packages.nix ./lib/server.nix ./lib/session.nix