redeploy
parent
201f49e750
commit
6674150b7c
12 changed files with 29 additions and 33 deletions
0
.gitignore
vendored
Normal file → Executable file
0
.gitignore
vendored
Normal file → Executable file
2
dhcpcd.conf
Normal file → Executable file
2
dhcpcd.conf
Normal file → Executable file
|
@ -25,4 +25,4 @@ interface wan0
|
|||
interface lan0
|
||||
static ip_address=10.0.0.1/8
|
||||
static routers=10.0.0.1
|
||||
static domain_name_servers=10.0.0.1 8.8.8.8 8.8.4.4
|
||||
static domain_name_servers=1.1.1.1 1.0.0.1
|
||||
|
|
38
dnsmasq.conf
Normal file → Executable file
38
dnsmasq.conf
Normal file → Executable file
|
@ -11,37 +11,31 @@ dhcp-range=tag:lan0,::1,constructor:lan0,ra-names,12h
|
|||
local=/h.lyte.dev/
|
||||
|
||||
dhcp-host=dragon,10.0.0.10,12h
|
||||
dhcp-host=faceless,10.0.0.210,12h
|
||||
dhcp-host=chromebox,10.0.0.5,12h
|
||||
dhcp-host=mnemonic,10.0.0.248,ea:1b:7a:fb:8b:b8,12h
|
||||
dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m
|
||||
# dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m
|
||||
|
||||
dhcp-host=velop1,10.0.0.49,24:f5:a2:b0:86:2e,120m
|
||||
dhcp-host=velop-kitchen,10.0.0.139,24:f5:a2:b0:8b:3e,120m
|
||||
dhcp-host=velop-upstairs,10.0.0.137,30:23:03:97:1c:43,120m
|
||||
address=/video.lyte.dev/10.0.0.5
|
||||
address=/git.lyte.dev/10.0.0.5
|
||||
address=/bw.lyte.dev/10.0.0.5
|
||||
address=/.h.lyte.dev/10.0.0.5
|
||||
|
||||
# k8s nodes
|
||||
dhcp-host=bald,10.0.0.244,d0:50:99:26:89:86,120m # formerly: ourcraft
|
||||
dhcp-host=chromebox,10.0.0.138,b4:a9:fc:17:86:a5,120m
|
||||
dhcp-host=datto1,10.0.0.81,78:f2:9e:91:44:c9,120m
|
||||
|
||||
address=/.h.lyte.dev/10.0.0.210
|
||||
|
||||
dhcp-host=AMC058BA_A75F1E,10.0.0.241,12h
|
||||
dhcp-host=AMC0587F_A2969A,10.0.0.103,12h
|
||||
dhcp-host=AMC058BA_A75F1E,10.0.0.150,12h
|
||||
dhcp-host=AMC0587F_A2969A,10.0.0.151,12h
|
||||
|
||||
# dhcp-host=kubeworker3,d0:50:99:26:89:86,ourcraft,10.0.0.244,120m
|
||||
|
||||
# address=/dragon.h.lyte.dev/10.0.0.10
|
||||
# address=/git.lyte.dev/10.0.0.210
|
||||
# address=/h.lyte.dev/10.0.0.210
|
||||
# address=/a.lyte.dev/10.0.0.210
|
||||
# address=/bw.lyte.dev/10.0.0.210
|
||||
# address=/files.lyte.dev/10.0.0.210
|
||||
# address=/grafana.h.lyte.dev/10.0.0.210
|
||||
# address=/git.lyte.dev/10.0.0.5
|
||||
# address=/h.lyte.dev/10.0.0.5
|
||||
# address=/a.lyte.dev/10.0.0.5
|
||||
# address=/bw.lyte.dev/10.0.0.5
|
||||
# address=/files.lyte.dev/10.0.0.5
|
||||
# address=/grafana.h.lyte.dev/10.0.0.5
|
||||
# address=/ourcraft.lyte.dev/10.0.0.244
|
||||
|
||||
server=8.8.8.8
|
||||
server=8.8.4.4
|
||||
server=1.1.1.1
|
||||
server=1.0.0.1
|
||||
|
||||
expand-hosts
|
||||
|
||||
|
|
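Review bot: The `dhcp-host=` reservations for `AMC058BA_A75F1E` and `AMC0587F_A2969A` match on the client-supplied hostname alone. The same holds for the `dragon`, `faceless` and `chromebox,10.0.0.5` entries if they are on the new side; the rendered page has lost the +/- markers, so which of them survive is inferred. A name-only match hands the fixed address to whichever LAN device announces that hostname, and nftables.conf in this commit forwards WAN ports to fixed 10.0.0.x addresses. Pin each reservation to its hardware address in the form the `mnemonic` and `velop*` lines already use, e.g. `dhcp-host=AMC058BA_A75F1E,<reserved-ip>,<device-mac>,12h` (placeholders). The file starts above this hunk, so the IPv4 `dhcp-range` and any other options are not visible here.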
0
etc-hosts
Normal file → Executable file
0
etc-hosts
Normal file → Executable file
2
install.sh
Normal file → Executable file
2
install.sh
Normal file → Executable file
|
@ -1,4 +1,4 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
# install base packages from dotfiles first
|
||||
pacman -S dnsmasq nftables fail2ban radvd mkinitcpio
|
||||
pacman -S --needed dnsmasq nftables fail2ban radvd git dhcpcd
|
||||
|
|
1
lan0.link
Normal file → Executable file
1
lan0.link
Normal file → Executable file
|
@ -3,3 +3,4 @@ MACAddress=00:01:2e:82:73:5a
|
|||
|
||||
[Link]
|
||||
Name=lan0
|
||||
|
||||
|
|
|
@ -32,6 +32,6 @@ recopy wan0.link /etc/systemd/network/10-wan0.link
|
|||
recopy dhcpcd.conf /etc/dhcpcd.conf
|
||||
|
||||
# hosts file
|
||||
recopy ./etc-hosts /etc/hblock/header
|
||||
recopy ./etc-hosts /etc/hosts
|
||||
# recopy ./etc-hosts /etc/hblock/header
|
||||
# recopy ./etc-hosts /etc/hosts
|
||||
# hblock # temporary disable hblock because Val loves ads
|
||||
|
|
10
nftables.conf
Normal file → Executable file
10
nftables.conf
Normal file → Executable file
|
@ -47,9 +47,9 @@ table ip nat {
|
|||
type nat hook prerouting priority dstnat + 1; policy accept;
|
||||
fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
|
||||
|
||||
# faceless
|
||||
iifname $WAN tcp dport { 443, 80, 22, 8008, 8448 } dnat to 10.0.0.210
|
||||
iifname $WAN udp dport 60010-60019 dnat to 10.0.0.210
|
||||
# chromebox
|
||||
iifname $WAN tcp dport { 443, 80, 22, 8008, 8448 } dnat to 10.0.0.5
|
||||
iifname $WAN udp dport 60010-60019 dnat to 10.0.0.5
|
||||
|
||||
# dragon
|
||||
# iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
|
||||
|
@ -65,8 +65,8 @@ table ip nat {
|
|||
iifname $WAN tcp dport { 8022 } dnat to 10.0.0.248
|
||||
|
||||
# ourcraft
|
||||
iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.10
|
||||
iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.10
|
||||
iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100
|
||||
iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100
|
||||
}
|
||||
|
||||
chain output {
|
||||
|
|
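Review bot: Both variants of the first rule (`# faceless` / `# chromebox`) forward TCP 22 from `$WAN` to an internal host together with 80/443/8008/8448, and the visible prerouting lines carry no source restriction or rate limit. install.sh adds fail2ban on the router, but by default that watches the router's own logs and would not see logins on the forwarded host, so the target has to carry its own SSH hardening. Consider splitting SSH out and limiting who can reach it, e.g. `iifname $WAN ip saddr @ssh_allowed tcp dport 22 dnat to <target>` with `@ssh_allowed` a named set you define (placeholder name), or drop 22 from the set if remote shell access is not needed. Separately, the `# ourcraft` rules target either `10.0.0.10` or `10.0.0.100` (the +/- markers are lost on this page); no reservation for `10.0.0.100` appears in the dnsmasq.conf hunk, so if that is the new target it should get one. The `table ip nat` block and this chain open above the hunk, and the forward chain is not shown.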
5
readme.md
Normal file → Executable file
5
readme.md
Normal file → Executable file
|
@ -5,7 +5,7 @@ Yeah yeah I need to document this better.
|
|||
|
||||
With a fresh Arch Linux system:
|
||||
|
||||
- Install base packages as from dotfiles (plus ones used below)
|
||||
- Install needed packages via `./install.sh`
|
||||
- Run `./link.fish` script
|
||||
- Enable and restart the following services:
|
||||
- `nftables`
|
||||
|
@ -13,7 +13,8 @@ With a fresh Arch Linux system:
|
|||
- `systemd-resolved`
|
||||
- `systemd-networkd`
|
||||
- `dnsmasq`
|
||||
- `dhcpcd`
|
||||
- `dhcpcd@lan0`
|
||||
- `dhcpcd@wan0`
|
||||
- Run `mkinitcpio -p linux`
|
||||
- Add any needed hosts to `/etc/hosts`
|
||||
- May be use dnsmasq's `addn-hosts` directive and copy a file from this repo
|
||||
|
|
0
resolved.conf
Normal file → Executable file
0
resolved.conf
Normal file → Executable file
0
sysctl-configs
Normal file → Executable file
0
sysctl-configs
Normal file → Executable file
0
wan0.link
Normal file → Executable file
0
wan0.link
Normal file → Executable file