Daniel Router 2023-04-04 04:57:43 +00:00
parent 201f49e750
commit 6674150b7c
12 changed files with 29 additions and 33 deletions

0
.gitignore vendored Normal file → Executable file

2
dhcpcd.conf Normal file → Executable file

@ -25,4 +25,4 @@ interface wan0
interface lan0 interface lan0
static ip_address=10.0.0.1/8 static ip_address=10.0.0.1/8
static routers=10.0.0.1 static routers=10.0.0.1
static domain_name_servers=10.0.0.1 8.8.8.8 8.8.4.4 static domain_name_servers=1.1.1.1 1.0.0.1
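Review bot: On the new side, `static domain_name_servers=1.1.1.1 1.0.0.1` drops 10.0.0.1, so lookups made by the router itself through this list no longer pass through the local dnsmasq. Names that dnsmasq.conf keeps local (`local=/h.lyte.dev/`) and the `address=` overrides would then fail on the router, and the queries for them would go to the public resolver instead. If that is not intended, keep the local resolver first: `static domain_name_servers=10.0.0.1 1.1.1.1 1.0.0.1`. Whether this list is what the host actually uses depends on resolved.conf, which is not shown in this diff.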

38
dnsmasq.conf Normal file → Executable file

@ -11,37 +11,31 @@ dhcp-range=tag:lan0,::1,constructor:lan0,ra-names,12h
local=/h.lyte.dev/ local=/h.lyte.dev/
dhcp-host=dragon,10.0.0.10,12h dhcp-host=dragon,10.0.0.10,12h
dhcp-host=faceless,10.0.0.210,12h dhcp-host=chromebox,10.0.0.5,12h
dhcp-host=mnemonic,10.0.0.248,ea:1b:7a:fb:8b:b8,12h dhcp-host=mnemonic,10.0.0.248,ea:1b:7a:fb:8b:b8,12h
dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m # dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m
dhcp-host=velop1,10.0.0.49,24:f5:a2:b0:86:2e,120m address=/video.lyte.dev/10.0.0.5
dhcp-host=velop-kitchen,10.0.0.139,24:f5:a2:b0:8b:3e,120m address=/git.lyte.dev/10.0.0.5
dhcp-host=velop-upstairs,10.0.0.137,30:23:03:97:1c:43,120m address=/bw.lyte.dev/10.0.0.5
address=/.h.lyte.dev/10.0.0.5
# k8s nodes dhcp-host=AMC058BA_A75F1E,10.0.0.150,12h
dhcp-host=bald,10.0.0.244,d0:50:99:26:89:86,120m # formerly: ourcraft dhcp-host=AMC0587F_A2969A,10.0.0.151,12h
dhcp-host=chromebox,10.0.0.138,b4:a9:fc:17:86:a5,120m
dhcp-host=datto1,10.0.0.81,78:f2:9e:91:44:c9,120m
address=/.h.lyte.dev/10.0.0.210
dhcp-host=AMC058BA_A75F1E,10.0.0.241,12h
dhcp-host=AMC0587F_A2969A,10.0.0.103,12h
# dhcp-host=kubeworker3,d0:50:99:26:89:86,ourcraft,10.0.0.244,120m # dhcp-host=kubeworker3,d0:50:99:26:89:86,ourcraft,10.0.0.244,120m
# address=/dragon.h.lyte.dev/10.0.0.10 # address=/dragon.h.lyte.dev/10.0.0.10
# address=/git.lyte.dev/10.0.0.210 # address=/git.lyte.dev/10.0.0.5
# address=/h.lyte.dev/10.0.0.210 # address=/h.lyte.dev/10.0.0.5
# address=/a.lyte.dev/10.0.0.210 # address=/a.lyte.dev/10.0.0.5
# address=/bw.lyte.dev/10.0.0.210 # address=/bw.lyte.dev/10.0.0.5
# address=/files.lyte.dev/10.0.0.210 # address=/files.lyte.dev/10.0.0.5
# address=/grafana.h.lyte.dev/10.0.0.210 # address=/grafana.h.lyte.dev/10.0.0.5
# address=/ourcraft.lyte.dev/10.0.0.244 # address=/ourcraft.lyte.dev/10.0.0.244
server=8.8.8.8 server=1.1.1.1
server=8.8.4.4 server=1.0.0.1
expand-hosts expand-hosts
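Review bot: The new reservation `dhcp-host=chromebox,10.0.0.5,12h` has no hardware address, so dnsmasq will give 10.0.0.5 to any client that announces the hostname `chromebox`. That address is now the target of the `address=/git.lyte.dev/`, `/bw.lyte.dev/`, `/video.lyte.dev/` and `/.h.lyte.dev/` records in this section and of the WAN port forwards in nftables.conf, so the lease should be bound to the device rather than to a self-reported name. The removed chromebox line carried a MAC; if it is the same machine, keep it: `dhcp-host=chromebox,10.0.0.5,b4:a9:fc:17:86:a5,12h`. The `dragon` and the two `AMC…` entries are name-only as well and could be pinned the same way.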

0
etc-hosts Normal file → Executable file

2
install.sh Normal file → Executable file

@ -1,4 +1,4 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# install base packages from dotfiles first # install base packages from dotfiles first
pacman -S dnsmasq nftables fail2ban radvd mkinitcpio pacman -S --needed dnsmasq nftables fail2ban radvd git dhcpcd

1
lan0.link Normal file → Executable file

@ -3,3 +3,4 @@ MACAddress=00:01:2e:82:73:5a
[Link] [Link]
Name=lan0 Name=lan0

View file

@ -32,6 +32,6 @@ recopy wan0.link /etc/systemd/network/10-wan0.link
recopy dhcpcd.conf /etc/dhcpcd.conf recopy dhcpcd.conf /etc/dhcpcd.conf
# hosts file # hosts file
recopy ./etc-hosts /etc/hblock/header # recopy ./etc-hosts /etc/hblock/header
recopy ./etc-hosts /etc/hosts # recopy ./etc-hosts /etc/hosts
# hblock # temporary disable hblock because Val loves ads # hblock # temporary disable hblock because Val loves ads

10
nftables.conf Normal file → Executable file
View file

@ -47,9 +47,9 @@ table ip nat {
type nat hook prerouting priority dstnat + 1; policy accept; type nat hook prerouting priority dstnat + 1; policy accept;
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
# faceless # chromebox
iifname $WAN tcp dport { 443, 80, 22, 8008, 8448 } dnat to 10.0.0.210 iifname $WAN tcp dport { 443, 80, 22, 8008, 8448 } dnat to 10.0.0.5
iifname $WAN udp dport 60010-60019 dnat to 10.0.0.210 iifname $WAN udp dport 60010-60019 dnat to 10.0.0.5
# dragon # dragon
# iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10 # iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
@ -65,8 +65,8 @@ table ip nat {
iifname $WAN tcp dport { 8022 } dnat to 10.0.0.248 iifname $WAN tcp dport { 8022 } dnat to 10.0.0.248
# ourcraft # ourcraft
iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.10 iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100
iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.10 iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100
} }
chain output { chain output {
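Review bot: The ourcraft rules now DNAT to 10.0.0.100, but no `dhcp-host` line visible in this commit reserves that address; the dnsmasq.conf section pins only .5, .10, .150, .151 and .248. If 10.0.0.100 lies inside the dynamic IPv4 pool (the `dhcp-range` for it is not shown here), the four game ports opened to the WAN will reach whichever client holds that lease. Add a MAC-pinned reservation such as `dhcp-host=ourcraft,10.0.0.100,<MAC-OF-HOST>,12h`, or assign the address statically outside the pool. The commented `# address=/ourcraft.lyte.dev/10.0.0.244` in dnsmasq.conf is also out of date after this change. The prerouting chain starts above this hunk.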

5
readme.md Normal file → Executable file

@ -5,7 +5,7 @@ Yeah yeah I need to document this better.
With a fresh Arch Linux system: With a fresh Arch Linux system:
- Install base packages as from dotfiles (plus ones used below) - Install needed packages via `./install.sh`
- Run `./link.fish` script - Run `./link.fish` script
- Enable and restart the following services: - Enable and restart the following services:
- `nftables` - `nftables`
@ -13,7 +13,8 @@ With a fresh Arch Linux system:
- `systemd-resolved` - `systemd-resolved`
- `systemd-networkd` - `systemd-networkd`
- `dnsmasq` - `dnsmasq`
- `dhcpcd` - `dhcpcd@lan0`
- `dhcpcd@wan0`
- Run `mkinitcpio -p linux` - Run `mkinitcpio -p linux`
- Add any needed hosts to `/etc/hosts` - Add any needed hosts to `/etc/hosts`
- May be use dnsmasq's `addn-hosts` directive and copy a file from this repo - May be use dnsmasq's `addn-hosts` directive and copy a file from this repo

0
resolved.conf Normal file → Executable file

0
sysctl-configs Normal file → Executable file

0
wan0.link Normal file → Executable file