35 lines
974 B
Nix
35 lines
974 B
Nix
{ config, pkgs, ... }:
|
|
{
|
|
networking.networkmanager.enable = true;
|
|
networking.extraHosts = ''
|
|
192.168.50.217 gitlab.bareksa.com
|
|
192.168.50.205 apicurio.prod.bareksa.local
|
|
192.168.3.50 kafka.dev.bareksa.local
|
|
192.168.3.109 redpanda.dev.bareksa.local kafka-console.dev.bareksa.local
|
|
192.168.50.102 kafka1.prod.bareksa.local
|
|
192.168.50.103 kafka2.prod.bareksa.local
|
|
192.168.50.104 kafka3.prod.bareksa.local
|
|
'';
|
|
networking.firewall =
|
|
let
|
|
cfg = config.profile.networking.firewall;
|
|
in
|
|
{
|
|
enable = cfg.enable;
|
|
allowedTCPPorts = cfg.allowedTCPPorts;
|
|
allowedUDPPorts = [ 53 ];
|
|
};
|
|
|
|
services.resolved = {
|
|
enable = true;
|
|
};
|
|
|
|
environment.etc."systemd/resolved.conf.d/10-bareksa.conf".source = (pkgs.formats.ini { }).generate "10-bareksa.conf" {
|
|
Resolve = {
|
|
# This dns server is only available when VPN is connected.
|
|
DNS = "192.168.3.215";
|
|
Domains = "~bareksa.local";
|
|
};
|
|
};
|
|
}
|