diff --git a/gate-traefik/make.sh b/gate-traefik/make.sh index a5143b7..4a15a85 100755 --- a/gate-traefik/make.sh +++ b/gate-traefik/make.sh @@ -89,12 +89,15 @@ fi TEMPLATE=($(ls /var/lib/vz/template/cache/alpine-3.18*.tar.xz)) +# XXX should we set the initial ip as 10.x.x.2/23, dhcp or empty??? +# --net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=10.1.1.2/24,type=veth \ +# --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=10.0.0.2/24,type=veth \ OPTS_STAGE_1="\ --hostname $CTHOSTNAME \ --memory 128 \ --swap 128 \ --net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,type=veth \ + --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \ --storage local-lvm \ --rootfs local-lvm:0.5 \ --unprivileged 1 \ diff --git a/gate-traefik/templates/etc/network/interfaces b/gate-traefik/templates/etc/network/interfaces index e566ee3..7a21af8 100644 --- a/gate-traefik/templates/etc/network/interfaces +++ b/gate-traefik/templates/etc/network/interfaces @@ -4,10 +4,12 @@ iface lo inet6 loopback auto lan iface lan inet dhcp + #address 10.1.1.2 hostname $(hostname) auto admin iface admin inet dhcp + #address 10.0.0.2 hostname $(hostname) auto wan diff --git a/ns/assets/etc/dnsmasq.conf b/ns/assets/etc/dnsmasq.conf index b82e84f..dd965f4 100644 --- a/ns/assets/etc/dnsmasq.conf +++ b/ns/assets/etc/dnsmasq.conf @@ -1,4 +1,6 @@ - +#---------------------------------------------------------------------- +# +#---------------------------------------------------------------------- # DNS # Never forward plain names (without a dot or domain part) 
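Review bot: In gate-traefik/make.sh the new `XXX` comment leaves the gateway's initial addressing undecided while `--net1` is switched to `ip=dhcp`, so the admin address now depends on whichever DHCP server answers on `vmbr${ADMIN_BRIDGE}`. The dnsmasq.conf change in this same commit advertises 10.0.0.2 and 10.1.1.2 as the router. A gateway that comes up with a pool address, or with none because the name server is not yet running, would therefore leave clients routing to an address it does not hold. I would settle the question before merging and replace the XXX with a comment that states the choice and what it relies on, e.g. `# gate gets 10.0.0.2 / 10.1.1.2 from the dhcp-host reservations in ns/assets/etc/dnsmasq.conf`. The comment also says `/23` where both commented-out examples use `/24`, and the `OPTS_STAGE_1` string continues past the end of the hunk, so the remaining options are not visible here.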
@@ -10,49 +12,56 @@ resolv-file=/etc/resolv.conf local-service -listen-address=::1,127.0.0.1,10.1.1.1,10.0.0.1 +listen-address=::1,127.0.0.1,10.0.0.1,10.1.1.1 expand-hosts +domain-needed +#local=/adm/ local=/srv/ + +domain=adm,admin +domain=adm,10.0.0.0/24 + +domain=srv,lan +domain=srv,10.1.1.0/24 + domain=srv +#---------------------------------------------------------------------- # DHCP -#no-dhcp-interface=admin - +dhcp-fqdn dhcp-authoritative -#dhcp-range=192.168.1.0,static +dhcp-range=192.168.1.0,static dhcp-range=interface:admin,10.0.0.20,10.0.0.200,12h dhcp-range=interface:lan,10.1.1.20,10.1.1.200,12h -#dhcp-lease-max=150 -#dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases - - # ns address=/ns/10.0.0.1 +address=/ns/10.1.1.1 # gate address=/gate/10.0.0.2 -dhcp-option=option:router,10.0.0.2 -dhcp-option=3,10.0.0.2 +address=/gate/10.1.1.2 +dhcp-option=admin,option:router,10.0.0.2 +dhcp-option=lan,option:router,10.1.1.2 +dhcp-host=admin,gate,10.0.0.2,infinite +dhcp-host=lan,gate,10.1.1.2,infinite # pve address=/pve/10.0.0.254 -# directly routed services get specific IPs... -# NOTE: this is needed to reliably forward ports to these services. -dhcp-host=ssh,10.0.0.4,infinite -dhcp-host=wireguard,10.0.0.5,infinite - +#---------------------------------------------------------------------- # MISC # Include all files in a directory which end in .conf conf-dir=/etc/dnsmasq.d/,*.conf + +#----------------------------------------------------------------------
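Review bot: The new reservations `dhcp-host=admin,gate,10.0.0.2,infinite` and `dhcp-host=lan,gate,10.1.1.2,infinite` probably do not do what they intend. As far as I know, `dhcp-host` only treats a field as a tag when it is written `tag:<name>`, so the bare `admin`/`lan` would be read as a second hostname rather than as an interface filter. If so, gate is not reliably pinned to the addresses that `option:router` and `address=/gate/…` hand out; `dhcp-host=tag:admin,gate,10.0.0.2,infinite` (and the same for `lan`) is worth testing against the deployed dnsmasq version. Separately, `local=/adm/` is left commented out, so queries for `*.adm` names that dnsmasq cannot answer are presumably forwarded to the resolvers in `/etc/resolv.conf`, exposing admin host names upstream; enabling it alongside `local=/srv/` keeps them internal. The re-enabled `dhcp-range=192.168.1.0,static` next to `dhcp-authoritative` also deserves a one-line comment saying which network it is meant to serve.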