diff --git a/.gitignore b/.gitignore
old mode 100644
new mode 100755
diff --git a/dhcpcd.conf b/dhcpcd.conf
old mode 100644
new mode 100755
index a7043f0..77b1186
--- a/dhcpcd.conf
+++ b/dhcpcd.conf
@@ -25,4 +25,4 @@ interface wan0
 interface lan0
 static ip_address=10.0.0.1/8
 static routers=10.0.0.1
- static domain_name_servers=10.0.0.1 8.8.8.8 8.8.4.4
+ static domain_name_servers=1.1.1.1 1.0.0.1
diff --git a/dnsmasq.conf b/dnsmasq.conf
old mode 100644
new mode 100755
index 3d7bdc1..6bafdea
--- a/dnsmasq.conf
+++ b/dnsmasq.conf
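Review bot: Dropping `10.0.0.1` from `static domain_name_servers` on `lan0` in dhcpcd.conf means the resolver list dhcpcd publishes for the router itself no longer includes the local dnsmasq instance. Lookups made on the router would then skip `local=/h.lyte.dev/` and the `address=` overrides in dnsmasq.conf and go straight to the public resolvers as plain DNS. If only the upstream provider was meant to change, keep the local resolver first: `static domain_name_servers=10.0.0.1 1.1.1.1 1.0.0.1`. Whether systemd-resolved overrides this list is not visible here, so if the bypass is intended, a one-line comment saying so would help.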
@@ -11,37 +11,31 @@ dhcp-range=tag:lan0,::1,constructor:lan0,ra-names,12h
 local=/h.lyte.dev/
 dhcp-host=dragon,10.0.0.10,12h
-dhcp-host=faceless,10.0.0.210,12h
+dhcp-host=chromebox,10.0.0.5,12h
 dhcp-host=mnemonic,10.0.0.248,ea:1b:7a:fb:8b:b8,12h
-dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m
+# dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m
-dhcp-host=velop1,10.0.0.49,24:f5:a2:b0:86:2e,120m
-dhcp-host=velop-kitchen,10.0.0.139,24:f5:a2:b0:8b:3e,120m
-dhcp-host=velop-upstairs,10.0.0.137,30:23:03:97:1c:43,120m
+address=/video.lyte.dev/10.0.0.5
+address=/git.lyte.dev/10.0.0.5
+address=/bw.lyte.dev/10.0.0.5
+address=/.h.lyte.dev/10.0.0.5
-# k8s nodes
-dhcp-host=bald,10.0.0.244,d0:50:99:26:89:86,120m # formerly: ourcraft
-dhcp-host=chromebox,10.0.0.138,b4:a9:fc:17:86:a5,120m
-dhcp-host=datto1,10.0.0.81,78:f2:9e:91:44:c9,120m
-
-address=/.h.lyte.dev/10.0.0.210
-
-dhcp-host=AMC058BA_A75F1E,10.0.0.241,12h
-dhcp-host=AMC0587F_A2969A,10.0.0.103,12h
+dhcp-host=AMC058BA_A75F1E,10.0.0.150,12h
+dhcp-host=AMC0587F_A2969A,10.0.0.151,12h
 # dhcp-host=kubeworker3,d0:50:99:26:89:86,ourcraft,10.0.0.244,120m
 # address=/dragon.h.lyte.dev/10.0.0.10
-# address=/git.lyte.dev/10.0.0.210
-# address=/h.lyte.dev/10.0.0.210
-# address=/a.lyte.dev/10.0.0.210
-# address=/bw.lyte.dev/10.0.0.210
-# address=/files.lyte.dev/10.0.0.210
-# address=/grafana.h.lyte.dev/10.0.0.210
+# address=/git.lyte.dev/10.0.0.5
+# address=/h.lyte.dev/10.0.0.5
+# address=/a.lyte.dev/10.0.0.5
+# address=/bw.lyte.dev/10.0.0.5
+# address=/files.lyte.dev/10.0.0.5
+# address=/grafana.h.lyte.dev/10.0.0.5
 # address=/ourcraft.lyte.dev/10.0.0.244
-server=8.8.8.8
-server=8.8.4.4
+server=1.1.1.1
+server=1.0.0.1
 expand-hosts
diff --git a/etc-hosts b/etc-hosts
old mode 100644
new mode 100755
diff --git a/install.sh b/install.sh
old mode 100644
new mode 100755
index 149aded..4f858b1
--- a/install.sh
+++ b/install.sh
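Review bot: The new `dhcp-host=chromebox,10.0.0.5,12h` reservation in dnsmasq.conf is keyed only on the client-supplied hostname, whereas the chromebox entry this hunk removes pinned the machine by hardware address (`b4:a9:fc:17:86:a5`). 10.0.0.5 is now the target of the `address=` records for video, git and bw and of the WAN port forwards in nftables.conf, so the lease should not depend on a name any LAN client can announce. Assuming it is the same machine, keep the MAC in the entry, `dhcp-host=chromebox,10.0.0.5,b4:a9:fc:17:86:a5,12h`, or configure the address statically on the host and keep it out of the pool. The six commented-out `# address=` lines were also rewritten to the new IP; deleting them would avoid maintaining dead config.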
@@ -1,4 +1,4 @@
 #!/usr/bin/env sh
 # install base packages from dotfiles first
-pacman -S dnsmasq nftables fail2ban radvd mkinitcpio
+pacman -S --needed dnsmasq nftables fail2ban radvd git dhcpcd
diff --git a/lan0.link b/lan0.link
old mode 100644
new mode 100755
index f010fe6..cb4934f
--- a/lan0.link
+++ b/lan0.link
@@ -3,3 +3,4 @@ MACAddress=00:01:2e:82:73:5a
 [Link]
 Name=lan0
+
diff --git a/link.fish b/link.fish
index 27ef132..e9bf156 100755
--- a/link.fish
+++ b/link.fish
@@ -32,6 +32,6 @@ recopy wan0.link /etc/systemd/network/10-wan0.link
 recopy dhcpcd.conf /etc/dhcpcd.conf
 # hosts file
-recopy ./etc-hosts /etc/hblock/header
-recopy ./etc-hosts /etc/hosts
+# recopy ./etc-hosts /etc/hblock/header
+# recopy ./etc-hosts /etc/hosts
 # hblock # temporary disable hblock because Val loves ads
diff --git a/nftables.conf b/nftables.conf
old mode 100644
new mode 100755
index 460a806..cccea63
--- a/nftables.conf
+++ b/nftables.conf
@@ -47,9 +47,9 @@ table ip nat {
 type nat hook prerouting priority dstnat + 1; policy accept;
 fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
- # faceless
- iifname $WAN tcp dport { 443, 80, 22, 8008, 8448 } dnat to 10.0.0.210
- iifname $WAN udp dport 60010-60019 dnat to 10.0.0.210
+ # chromebox
+ iifname $WAN tcp dport { 443, 80, 22, 8008, 8448 } dnat to 10.0.0.5
+ iifname $WAN udp dport 60010-60019 dnat to 10.0.0.5
 # dragon
 # iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
@@ -65,8 +65,8 @@ table ip nat {
 iifname $WAN tcp dport { 8022 } dnat to 10.0.0.248
 # ourcraft
- iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.10
- iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.10
+ iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100
+ iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100
 }
 chain output {
diff --git a/readme.md b/readme.md
old mode 100644
new mode 100755
index 4093b8a..c0ee295
--- a/readme.md
+++ b/readme.md
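Review bot: Commenting out both `recopy ./etc-hosts …` lines in link.fish stops deploying the hosts file but leaves in place whatever `/etc/hosts` an earlier run installed. dnsmasq reads `/etc/hosts` unless told otherwise, so an already-provisioned router may keep answering with old addresses; the content of etc-hosts is not visible here, so this needs checking against the file. Either delete the lines and mention the manual cleanup in the readme, or state why they are disabled, e.g. `# hosts file: not deployed while hblock is disabled; /etc/hosts is maintained by hand`.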
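Review bot: In nftables.conf the `# chromebox` rules repeat the literal `10.0.0.5` that dnsmasq.conf also hard-codes, so moving this host meant editing every rule by hand. The file already uses a variable for `$WAN`; a `define CHROMEBOX = 10.0.0.5` beside it, with `dnat to $CHROMEBOX` in both rules, would keep the tcp and udp forwards from drifting apart on the next move. The chain these rules belong to starts above the hunk.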
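Review bot: The `# ourcraft` forwards in nftables.conf now send WAN tcp and udp ports 2456, 2457, 25565 and 34197 to `10.0.0.100`, but nothing visible in this commit reserves that address. The dnsmasq.conf hunk adds no `dhcp-host` for it, and its only ourcraft reference is a commented-out record pointing at 10.0.0.244. If 10.0.0.100 falls inside the dynamic pool (the IPv4 `dhcp-range` is outside the visible hunks), whichever client leases it would receive the forwarded traffic. Add a MAC-pinned reservation such as `dhcp-host=ourcraft,10.0.0.100,<MAC of the game host>,12h`, or set the address statically on the host and keep it out of the pool.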
@@ -5,7 +5,7 @@ Yeah yeah I need to document this better.
 With a fresh Arch Linux system:
-- Install base packages as from dotfiles (plus ones used below)
+- Install needed packages via `./install.sh`
 - Run `./link.fish` script
 - Enable and restart the following services:
 - `nftables`
@@ -13,7 +13,8 @@ With a fresh Arch Linux system:
 - `systemd-resolved`
 - `systemd-networkd`
 - `dnsmasq`
- - `dhcpcd`
+ - `dhcpcd@lan0`
+ - `dhcpcd@wan0`
 - Run `mkinitcpio -p linux`
 - Add any needed hosts to `/etc/hosts`
 - May be use dnsmasq's `addn-hosts` directive and copy a file from this repo
diff --git a/resolved.conf b/resolved.conf
old mode 100644
new mode 100755
diff --git a/sysctl-configs b/sysctl-configs
old mode 100644
new mode 100755
diff --git a/wan0.link b/wan0.link
old mode 100644
new mode 100755