diff --git a/systems/resolv-dns.noc.eh22.intern/system.nix b/systems/resolv-dns.noc.eh22.intern/system.nix
index c6fa428..b70e327 100644
--- a/systems/resolv-dns.noc.eh22.intern/system.nix
+++ b/systems/resolv-dns.noc.eh22.intern/system.nix
@@ -3,6 +3,17 @@
lib,
...
}:
+let
+ renameLink = macAddr: newName: {
+ matchConfig = {
+ MACAddress = macAddr;
+ Type = "ether";
+ };
+ linkConfig = {
+ Name = newName;
+ };
+ };
+in
{
imports = [ ];
@@ -10,15 +21,31 @@
networking.useDHCP = false;
systemd.network = {
enable = true;
+ links = {
+ "10-ethMgmt" = renameLink "BC:24:11:61:E3:D9" "ethMgmt";
+ "10-ethPubUser" = renameLink "BC:24:11:AD:52:B1" "ethPubUsr";
+ };
networks = {
"10-mgmtNet" = {
- matchConfig.MACAddress = "BC:24:11:61:E3:D9";
+ matchConfig.Name = "ethMgmt";
address = [ "10.20.25.5/24" ];
gateway = [ "10.20.25.2" ];
};
+ "10-pubUsr" = {
+ matchConfig.Name = "ethPubUsr";
+ address = [ "10.0.0.2/24" ];
+ gateway = [ "10.0.0.1" ];
+ };
};
};
+ # configure remaining network to work
+ services.resolved.enable = false;
+ networking.firewall = {
+ allowedTCPPorts = [ 53 ];
+ allowedUDPPorts = [ 53 ];
+ };
+
# enable knot resolv server
# ref: https://search.nüschtos.de/?query=services.kresd
# https://www.knot-resolver.cz/documentation/stable/
diff --git a/systems/sketchy-router.noc.eh22.intern.nix b/systems/sketchy-router.noc.eh22.intern.nix
index f178809..c5db4c5 100644
--- a/systems/sketchy-router.noc.eh22.intern.nix
+++ b/systems/sketchy-router.noc.eh22.intern.nix
@@ -76,6 +76,7 @@ in
authoritative = true;
shared-networks = [
{
+ # management network
name = "mgmtNet";
interface = "ethMgmt";
option-data = [
@@ -102,6 +103,7 @@ in
}
{
+ # public user network (only temporary setup)
name = "tempPublicUser";
interface = "ethPubUsr";
option-data = [