openwrt add ddns
This commit is contained in:
parent
ebd5523d6a
commit
d7dc93c8a9
4
.envrc
4
.envrc
@ -1,3 +1,7 @@
|
||||
if ! has nix_direnv_version || ! nix_direnv_version 2.1.0; then
|
||||
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.1.0/direnvrc" "sha256-FAT2R9yYvVg516v3LiogjIc8YfsbWbMM/itqWsm5xTA="
|
||||
fi
|
||||
|
||||
use flake
|
||||
|
||||
use_sops() {
|
||||
|
||||
@ -32,6 +32,7 @@ in {
|
||||
#- id: acme
|
||||
# algorithm: hmac-sha256
|
||||
# secret: 00000000000000000000000000000000000000000000
|
||||
#nix-shell -p knot-dns --run 'keymgr -t my_name hmac-sha256'
|
||||
sops.secrets."knot-keys.conf".owner = "knot";
|
||||
|
||||
services.knot = {
|
||||
@ -70,6 +71,10 @@ in {
|
||||
key: turingmachine
|
||||
action: update
|
||||
|
||||
- id: rauter_acl
|
||||
key: rauter
|
||||
action: update
|
||||
|
||||
- id: bernie_acl
|
||||
key: bernie
|
||||
action: update
|
||||
@ -188,6 +193,10 @@ in {
|
||||
file: "${dyndns "turingmachine.thalheim.io"}"
|
||||
template: dyndns
|
||||
acl: [ turingmachine_acl ]
|
||||
- domain: rauter.thalheim.io
|
||||
file: "${dyndns "rauter.thalheim.io"}"
|
||||
template: dyndns
|
||||
acl: [ rauter_acl ]
|
||||
- domain: _acme-challenge.thalheim.io
|
||||
file: "${acmeChallenge "thalheim.io"}"
|
||||
template: acme
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
@ 3600 IN SOA thalheim.io. root.thalheim.io. 2022032300 7200 3600 86400 3600
|
||||
@ 3600 IN SOA thalheim.io. root.thalheim.io. 2022050700 7200 3600 86400 3600
|
||||
|
||||
;;@ 3600 IN NS ns1
|
||||
@ 3600 IN NS ns2
|
||||
@ -64,6 +64,7 @@ jarvis IN NS ns2.thalheim.io.
|
||||
turingmachine IN NS ns2.thalheim.io.
|
||||
bernie IN NS ns2.thalheim.io.
|
||||
matchbox IN NS ns2.thalheim.io.
|
||||
rauter IN NS ns2.thalheim.io.
|
||||
|
||||
@ IN CAA 0 issue "letsencrypt.org"
|
||||
@ IN CAA 0 iodef "mailto:joerg.caa@thalheim.io"
|
||||
|
||||
@ -16,7 +16,7 @@ lego-knot-credentials: ENC[AES256_GCM,data:UzcCv6gJkJbo9n+pa1tabzymX661wbjSPl6Rr
|
||||
home-assistant-ldap: ENC[AES256_GCM,data:ltdF9MTlNGaChlsqinvBaHJsq+5r3A7mfakHxWaDiSI=,iv:Q9R+oxecr44b0BRGjqNG/gLkKRjoerz0AFupJ5Amis4=,tag:lnCRkyXLKa0wv281oGpkIA==,type:str]
|
||||
home-assistant-secrets.yaml: ENC[AES256_GCM,data:Dhtb+OM+Ij8FnUNzO2NtgCBBuMLWgNVQmCFD7qpv0BxPmbCG1pbWmgrtD+UumsdVxt6Wo0t6Dcn8VQRM5UMLGDRXZENJgSmkWk0gJdgpX8HsYCINFFnFbKV0WH3r87Qj8EBWsH5IQ+f8kilZrhZhfkhE5oQM9icRqX+1a50oGnjhIE2y70jgfOcvAMcFCKy4bGKqTiDgJ8tMb4DWiccSVFOrEoQoXQk6JJS8TnQZZ0yr+gnoAOU7ocEMNuK6ReADjjmL0TnDKW4IsF7GLbN3E/tdUl3MlSig5cp/r3FKrgv1tWleigaCdsSiGIU3PheYfiS4pOhRf1sUQmM3Abd++Alq201oQRhyjMjzjrlw9YQPQYA2Gte70p4vfIo+U1afYGbKPeVEA4jjrnAWCim9xF5bBWHYYRI5jw1SNQexDAHOwuDIeBVg3v6szbU0aTT+OE8I4Bx0QQjUWlBVj3UF7/0KqkMZBz4K2b5zkYRNp/EafMz67OTCndCchk+3cDA/l+vFTvEb3CTg6No9vnQ+kY9PSTc2CUy/s6+u015bEq1TqNBiz7MYFgOaRLhLC1WUmMJ1PgXF6eLkaNrf5ODibRDyFzRqBQw3DudnQ3lEAMO6ETvt/+p5uDQtKZ5lJteWRqtkuWFYC0mQxHbXuYlnlo8lxMZ3dvMrflA1mCiHIPhL3zPAKRjiCOdevJ7h3cl/r9EpkUpSn8zfzPgq+Y50PzR90xR1m6ufWuKcVZ2UQQXu26E4LyampEY1eArgIkOq6dAtuC8mCDN1Ee618PRI+Ej8m+IIYTp+,iv:Nlksuy0Myuk82dYhfvN+52NtBAa1QGu770cIs9IexBM=,tag:gtuIVrG/5Pw38Z5sLj50sQ==,type:str]
|
||||
initrd-ssh-key: ENC[AES256_GCM,data:L08Br2PyqeNCI0WhpdKiW2QOdIwC5krjsHM6AdCcHypzz1mUJOoub4wvzUX5yL9g70Ok0Sgh7HGmqcjbdXpsx1Y0Z0n6e8/wj76izaAa3dnjnklTOrYcQ7hZSVrYgvxkigryjxFk5yOQVtvJ+F8QPUxa5nG/oDmFFUylsbHNrC5K7ZUgjS8602rQf6iP8RThxJWstAVJy7Y9Cv6sMogTBhTZFhqnpb5ULWRNEWKlec7VbjCVPPO1hC9VX0/jGaOykE+fw5l27ZS66AiZ6hgt8QrQ1/6fMsSpu+BGxpA9VOiAxSjU7yeNO9wwuGo6lWMtATmE8VRclFOg8qNwAFIqHYNogwmryA/HUSC/DdMYdfk73xkw5gYC7efte49/OKLPc5Scqb1LXB1x8gpeC9B0PsLYy7CVI3c3/Y/QNO+biE63Ts56XvM6m0IxZZVh8ZlCweyvhGa2nmyCDpWPfmvJuYqHVeOa/s1e94cXTxaG2bIL06fL/lBpdP0+E90gmh6yTRNmd4/uRqAa485iJUSu1l+UG9DqoglsKXhL,iv:dm44XXW991ikrv47alyxQAoMJKDInxW6g6/onobWIt8=,tag:4CSvm7ppQeD62wJepBEujw==,type:str]
|
||||
knot-keys.conf: ENC[AES256_GCM,data:8CkOJZy0uCLMAx0cd4OM3liRlpJN94gPA8+lHBzJc2uBwfbfzrSysY7KQLWNhEoQrL0Sr/QSet2bPo+xpPqdsxSWcMprEkcDOF7Bj3zUY7ODgRFbGDnv/TQpOCKyDlc0CjUul1k3ciwj6mZcPpNQCQmNPnAe8Cxhi2AuYURvGSfMzy0r/hHezzKXG8Bdkmul6YPc/Dhl1VsdJ1l7MFas9YUxh6stZBQGSvsO/cBc2JmrlG4nat4lrHwl51vJldwd4Da0laO8GXwB9uAHE73pPTB9m2XweBlvi6WxhMiXdRz7JKSBhUj/6lbsgncu7NdO+G04V8jr3lHg/6GspZTM13W8IoDoAYzKrG+gIFRCl5q7lopLGgSvo8TUqeGH/8+AQMhAGlLczB2q9QHof5fROsl/1vTDkP/prgCI/bBn9abaQW56oB0rpzj6eyYoF8NHUR4dvr9CbpcyKzRG8h+DxmV3uxfVkqxlOFFKOUVXdxiMaxJpBdef6G5uj5lbvYcdKM5PyHQz8FUUN8B5DZEi53Z8FeM522zwnqXxK+5LYMfhpm0+p1hXvd8NB7zBpt/UB4KEejZYxTxGmlxHGDcFhLCyEZRUgYyXpXV19ORhHy0WomDmo1AXkOnR9JnwcAPaSRoYIgcPCH/0zPsXNwgxWvccsdxkWTfrJrXTcR5dd11BECrT2cjcxzcOUQkiqJDkjiiooikK4CDr3J6lQUB/4XapeP141wCDznB1R+eqa8KGyXvOir3nczi8zBUlD4FWl1MYUId2sGXYfYoc23ctDYVYx21JfUUlRjFYCzAaZLTJsx4zN1qHsbJ0aKWtZemttF31zxxNJwlTAHKzfOG8SEfDQG5fggOJdVzbWZok2zAkAGPrjLm7YSOzkr9x+rxEZm5XUAppjiY1W3HsioKDtuQa4qvigpOhhdqOQtp0tT8EBVt1vmPVBTViVKX/D4h0dPqEiAzvkec60MvCtZpoBs+BzVvGI69oh874oJWf6u5zCg2H1ryXNrRIhJAz6y/0QTQqRHW3U6y55xYT+tfe0XOE6VfXu37xo7uYoT6vTQCTHCgFO7H15wjicU5G8SuZ/FeImM4VWXGJ5/9aXrtDG7Q/KsR5bXfRFeXylHCfvRuOhVzOYHCLHfJ8nFsfyeTOeUlxTcrgdsm5SNyX/DtpyIbpDF0=,iv:khBYNtU5SLv4RP/5MSCnRuXeyGFBn9dOxpbfu7ApwXs=,tag:bu8EO5RDkkM3NrnAOIE7XA==,type:str]
|
||||
knot-keys.conf: ENC[AES256_GCM,data:HDvMFqJjdheC8MUE6Ce3gVCQNY3Ez2j0CWvMDJSWfdWiTUM9RJqwNqGn37Sj383+wbChZ/4COBQANbeG5aLyjD1ZDi03ZOuS+F4lpeS+6MoVpVN5hCJltwFGBvga5G09tKvM+YeDuS1sreZXAQjjkjGdd2mY9DIqU3z3igv5xLJH/pNGBSyLF8u1faeoIRZtXHIKKKvJmH7D20gZVP3yyPzmErbNrLOy+XgTJzByB+HDX0Y555PKg6gHfHqZq2hRIRDMsyI0nNIX4S5hFsAjafS71pAVjfoZi0c/YyqcrSxsp609aStjxYvwJboXKUlDD318TH/jMMNq8lBV0P67j/RUXQd+8IJPHnCAN21L74QA+YAiaerjZwzinTHkJXg6lokw3z9KQ8eSgK0xZmeLZuWWJmNZJsvHQk3L0s0iABDy1DONkHrHzf1Uu2LrI9to1Own8VsFiTEbYmCYiSqPybgPPfkOX4tMAgr6hzXiHvOz3qZJUvtFTysC38hb3I420HyCV+vSAcF9593Z7WNDbe1IdMsuEkMjDlJZZOODa0TDGVi3KSJeXcwWLJSgxLJVCMrcu/fMQ4RTkwRJpkCIMzSnBZLOWFeMlJxadtpAeKsZev6Uah1SXqWbAKnT5jqzds9VYI4MZq1rnDfGbAt/ZQIJv2phUycPS9icqw2X4aQSmIM2jq76mTVhNV72Btmo+pw/qWW+2axPSc7j1ckURAqh7yO2yv8Ygrvjm1xw9f/fAW1IccwYtD+t18hH8jXq3xWQP40IWilTFu+nYa92RNuzjvx/QQ1ewOwFxDilDZZRL/IZbewxY3lyxPaYPHo9lKaFBMuvTG0lR13doYt40sTGIQ0AtYe0fGUsj/3+pxbLY9hTeDIb4QxpqcDKa+Qnyl6omyJ53V0hvaBVU5uboy9wBEoVoa6w+sJ6mFFUeWzktyQYGG+3DTLxuU4cWVN2nDUkEePb4Yh9zkCmqUjcczXa4bKuLvVLRbHoFrgRZkJz6Jv9GiDw9IISjWkHoe7sf32DSRsgnyenMablA0a8Wy5aomp2ZXgRdBH17B4eVNExkC0Yl92euVtFCQfWv73omiVV9ng17XW4SXxUmXsx9PYpwCRjV2/59k4e7l7lDUuvfqYt9XwNP6G8VIg/FWE7H9+tW0DXbhmggEufQwa6LR2BkKTs+vGxNvaRK6QC4EJgxMZuE2/mruugQw0T3UlkDI3Jfticda40ZSdl/zhgUJRg/IJ3CfGRSLEKyahXp+GDn8jsNiC8QD4Y8NJ3SC0UPGynNb0nVvBHwLV+bBSVOaRMJScLRTxClvohhhwqJefJpLrlj30j7lQeGoNet1SLY1i4U0wWBKfX6NHXLeCGTR7OUd+thBX8ebh++zw/2WPMti4uLEomcvaGsM9m,iv:w2BkCwIyE1cA3iRK2CzGILuPGDle+xSLVPAsGAg9EE8=,tag:jnXfeOluyhRlDaoo3KITEA==,type:str]
|
||||
ldap-login: ENC[AES256_GCM,data:JSAMvLz0Jxtg1Cj0YcCO6BxpVq23FjGc5nG6PALocA8=,iv:8QgIU+lyTpIRs2xKcsjIcrWe+r/KNotMEr77o5XshpU=,tag:/mSftIZbx0wi38dep+JVTg==,type:str]
|
||||
nas-wakeup-password: ENC[AES256_GCM,data:hedQ6MrtmD1SlU5h9Ut1PDgEZQFUpyRlwcSg2r0G5NjHWb14cqnPAGzJmgI=,iv:A9WK/cbaRSsomgXEfwqGHpxwGvcW5Qyt9/L5ocFjpBM=,tag:XtTkym506r64tMT3XT+jVw==,type:str]
|
||||
netdata-openldap-password: ENC[AES256_GCM,data:SHYjGaKble37acenE9A8pXchOdqbcWea+cxxum8mR4gM1Oz+w/O8r7E7qxboWUFH7xBakbcnMsnPI3uvLqPlvw9AfexdyCFmHq0JFIDB5UQbBYF25kjEwocmRVL3Bc9olg==,iv:i6Vk3ARZVswwJU5RIAYQ1ynU1Sjw3ZC4MJkK1WekbuA=,tag:voSh4OWf/mTpG3uCRjCooQ==,type:str]
|
||||
@ -47,8 +47,8 @@ sops:
|
||||
THN3dDVXanA4SzR1ZjVUdXE0Q05sZFkK8hVogQAzOnNvfZW5E+ZMHXgqZk2+719J
|
||||
/cuFzNQEzrbYfrAy9zd8vVGEpM+E9HAmQq+W36AlW2BvvhcYgbqgWQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-05-01T23:13:01Z"
|
||||
mac: ENC[AES256_GCM,data:iCfH7hfC0vwPhgKx0n2wOYtobFMcpwMJdq6ucWeosHBIK4ZAgXOAeQcOPcMLeaXTRmEnZf32vJ8p9IeAK1sT1SSwbNaww6kVrrho5hLlqv0vkvJekH/dIwPpLcbQ3WWoFLe3I6WFPB5Q8IDNQCJoic4ouuvroZKy7sooHuwb0dg=,iv:eyUqQkirO3x8Rb5m6MDoMQ+r4gKFvvubFlwFUglL6yk=,tag:mEfmfSSM+wmEFZfUjcl79g==,type:str]
|
||||
lastmodified: "2022-05-07T05:25:09Z"
|
||||
mac: ENC[AES256_GCM,data:l63OUuVn/GIlytemGdBVTV6m7RHKmQOemXLdRZk53R2Yt6le7g2GAz0+ChMiYMZ59uNsxjhR7k3JlFNO53VBf3gSGUtjqTrXJ3QVQOGD/mLDZJg0kN1EutMu6plGMebe6qeYFk5k+38jtv57k8zy9/rfwhBnWIjXBPn04rtXzp4=,iv:P2jx6pqVIjvcOOccC+0Zn3eqvZAKFTT1BNlfGjerUCE=,tag:8iOrWhfy56bshJx+mXdTQQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2021-11-21T17:53:50Z"
|
||||
enc: |
|
||||
@ -71,4 +71,4 @@ sops:
|
||||
-----END PGP MESSAGE-----
|
||||
fp: C5A6167F97F68FD053571E8B04188BA1509DCDC5
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.1
|
||||
version: 3.7.2
|
||||
|
||||
@ -1,3 +1,4 @@
|
||||
{ config, ... }:
|
||||
{
|
||||
uci.settings = {
|
||||
# The block below will translate to the following uci settings:
|
||||
@ -122,6 +123,45 @@
|
||||
"prism"
|
||||
];
|
||||
};
|
||||
|
||||
ddns = let
|
||||
common = {
|
||||
_type = "service";
|
||||
enabled = "1";
|
||||
service_name = "bind-nsupdate";
|
||||
lookup_host = "rauter.thalheim.io";
|
||||
domain = "rauter.thalheim.io.";
|
||||
ip_source = "network";
|
||||
dns_server = "ns2.thalheim.io";
|
||||
use_syslog = "2";
|
||||
username = "hmac-sha256:rauter";
|
||||
password = "@tsig_key@";
|
||||
check_unit = "minutes";
|
||||
force_unit = "minutes";
|
||||
retry_unit = "seconds";
|
||||
};
|
||||
in {
|
||||
global = {
|
||||
_type = "ddns";
|
||||
ddns_dateformat = "%F %R";
|
||||
ddns_loglines = "250";
|
||||
ddns_rundir = "/var/run/ddns";
|
||||
ddns_logdir = "/var/log/ddns";
|
||||
upd_privateip = "0";
|
||||
};
|
||||
|
||||
myddns_ipv4 = common // {
|
||||
use_ipv6 = "0";
|
||||
ip_network = "wan";
|
||||
interface = "wan";
|
||||
};
|
||||
|
||||
myddns_ipv6 = common // {
|
||||
use_ipv6 = "1";
|
||||
ip_network = "wan_6";
|
||||
interface = "wan_6";
|
||||
};
|
||||
};
|
||||
};
|
||||
uci.secrets = {
|
||||
sops.files = [
|
||||
|
||||
@ -2,6 +2,7 @@ wifi_password: ENC[AES256_GCM,data:p2k3L5Qc2ZfdoM9eQy/c0PXn0W+12BgKu5M=,iv:yF1K6
|
||||
pppoe_username: ENC[AES256_GCM,data:5qBOVZyjG8bKi8kyVTbB2P2XWUoMAuexheDTmowftjr3E0fClmO3u3Sy,iv:p7+ncs/Z95wbutAOQONOrI1+s2QGWhXsoXPE+mFR7pI=,tag:KIhf621wlCs+tdOHOQK4ag==,type:str]
|
||||
pppoe_password: ENC[AES256_GCM,data:26fKI5eTnPo=,iv:zDs/cJ9LRgIN+TxoMvTcRJdELPKpi7T42ZR7m15uBjI=,tag:dfW4yqsYmeoK7ok9BlyV7Q==,type:int]
|
||||
root_password: ENC[AES256_GCM,data:uOKGxipfnbcCl00osImoBkqZ1Id+bsRiLsGZ,iv:6dvw9QDLkM1UlqOToeKgmLxi2Jw44hNyLbwiksVbC5c=,tag:bNyhKRBvFAQDf+GlsPH4/A==,type:str]
|
||||
tsig_key: ENC[AES256_GCM,data:9r06HFoKsy+24V9T/timxs8C8gyympoaNdDeh8AXWF47KWoUQ+mFNymiMWU=,iv:530Ig5m+s9mkSpW78EzKPLbRP2NC14sqp5ix7L4Xf8g=,tag:l1D5D0oL7AmcU+GLloroHQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
@ -17,8 +18,8 @@ sops:
|
||||
TWlaS04xNnV0cW1NTzNYVzEwa3luZVUKD/UgJgXzRwolCjwmHyiZX0kbXbUT3Bt0
|
||||
C3xjOQo8A1r3Mz60XqXsXdWu6IuCxpUXKdfsmqO+Fb3+yBR+7Z4xFw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-05-01T16:08:06Z"
|
||||
mac: ENC[AES256_GCM,data:DYar3ANIrL3qHd9htHoS9oag0YyYopPAEMGd4v9u3aE0lH7zGCvrizNeUREQZ+xo/+iuqIwXQySXOaTxFbCC2CEjFtbYTE7XuT9LJigtUKtLe8Y9tEYOodao7VUePFkDVKe2Dav2ZSj3j4mFI2yLhoRwbAyk5q+EHXyAoZPj+aw=,iv:P8LtqBGe1e00pQrnfDRHANDf+6QZ63L5X7zzbmBVElQ=,tag:2YHsyGY/inttPbUmGoQXfQ==,type:str]
|
||||
lastmodified: "2022-05-07T05:13:25Z"
|
||||
mac: ENC[AES256_GCM,data:q9O5Rcs/6oOctxE5ILNT72CyoPcV9qfE3R3rDhvUNmVjtHAPeMNr8PEOqwRN7EwVRUJxqd7h/MTYKLqVe0SSeeDI8uwlYDTu6/1GJmRgeuU8UxmpSUAFFf2jD9OYoP15d4Fh9uEOaCtWGpuyl92lHP3WtrTzND0VrzfQU555vdc=,iv:d054O1aNp2O40RHnTDMSrlY7Ztj4Bfg+D6iJXYjSPBs=,tag:P3Yk7rhxMvLeBoRJ5O89CA==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.2
|
||||
|
||||
Loading…
Reference in New Issue
Block a user