- Remove static host mappings from networking config - Add reverse proxy settings for multiple subdomains - Introduce DNSMASQ configuration with custom DNS records and firewall rules - Update firewall UDP port settings and system stateVersion
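# NixOS module: runs dnsmasq as a forwarding resolver that also answers the
# ryot.foo names listed below with fixed addresses, and opens the DNS port
# in the host firewall.
{
  services.dnsmasq = {
    enable = true;
    settings = {
      # Listen on eth0 for external clients and lo for local host
      interface = [
        "eth0"
        "lo"
      ];

      # Ignore /etc/hosts and /etc/resolv.conf: every answer and every
      # upstream comes from this file only.
      no-hosts = true;
      no-resolv = true;

      # NOTE(review): dnsmasq does not try upstreams strictly in the listed
      # order unless `strict-order` is set, so a lookup may go to a public
      # resolver before openWRT. Confirm the intended order, and whether
      # internal names may be forwarded off-site, before relying on "first".
      server = [
        "104.40.3.1" # Query openWRT first for non-ryot.foo domains
        "1.1.1.1" # Fallback public DNS
        "1.0.0.1" # Fallback public DNS
        "8.8.8.8" # Fallback public DNS
      ];

      # Each "/name/ip" entry answers for that name and anything beneath it.
      # NOTE(review): 104.40.3.x is not RFC 1918 private space - confirm this
      # range is really meant to be used for these hosts.
      address = [

        ## CLOUD ##
        "/drive.ryot.foo/104.40.3.24"

        ## PROXY ##
        "/cloudflared.ryot.foo/104.40.3.34"
        "/ochre.ryot.foo/104.40.3.34"
        "/pve.ryot.foo/104.40.3.34"
        "/wrt.ryot.foo/104.40.3.34"

        ## KOMO ##
        "/auth.ryot.foo/104.40.3.44"
        "/frp.ryot.foo/104.40.3.44"
        "/git.ryot.foo/104.40.3.44"
        "/grafana.ryot.foo/104.40.3.44"
        "/home.ryot.foo/104.40.3.44"
        "/influx.ryot.foo/104.40.3.44"
        "/komodo.ryot.foo/104.40.3.44"
        "/mail.ryot.foo/104.40.3.44"
        "/map.ryot.foo/104.40.3.44"
        "/outline.ryot.foo/104.40.3.44"
        "/plane.ryot.foo/104.40.3.44"

        ## SOCK ##
        "/upsnap.ryot.foo/104.40.3.54"
        "/sock.ryot.foo/104.40.3.54"

      ];

      # Upper bound on cached names.
      cache-size = 1000;

      # Log queries for debugging (optional). The log records every name
      # each client looks up, so leave it off outside troubleshooting.
      # log-queries = true;
    };
  };

  networking = {
    # Open the DNS port only on eth0, the one external interface dnsmasq
    # listens on; loopback is accepted by the NixOS firewall by default.
    # Opening 53 on every interface would expose the forwarder on any
    # interface added to this host later.
    firewall = {
      interfaces.eth0 = {
        allowedTCPPorts = [ 53 ];
        allowedUDPPorts = [ 53 ];
      };
    };
  };
}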