Add some services to darkstar

2 files changed, 48 insertions, 0 deletions

diff --git a/hosts/darkstar/default.nix b/hosts/darkstar/default.nix
index 4d9dbff..19d15a0 100644
--- a/hosts/darkstar/default.nix
+++ b/hosts/darkstar/default.nix
@@ -25,6 +25,7 @@
 
   imports = [
     ./hardware-configuration.nix
+    ./services.nix
     ../common/core
     #../common/optional/db.nix
     #../common/optional/dev.nix
diff --git a/hosts/darkstar/services.nix b/hosts/darkstar/services.nix
new file mode 100644
index 0000000..90face3
--- /dev/null
+++ b/hosts/darkstar/services.nix
@@ -0,0 +1,47 @@
+{
+  services.chrony = {
+    enable = true;
+    extraConfig = ''
+      local stratum 3
+      binddevice enp116s0
+      allow 192.168.1/24
+      server time.cloudflare.com iburst nts
+    '';
+  };
+
+  services.unbound = {
+    enable = true;
+    settings = {
+      server = {
+        access-control = [
+          "0.0.0.0/0 refuse"
+          "127.0.0.0/8 allow"
+          "::0/0 refuse"
+          "::1 allow"
+          "192.168.1.0/24 allow"
+        ];
+        hide-identity = true;
+        hide-version = true;
+        interface = [
+          "lo"
+          "enp116s0"
+        ];
+        local-data = [
+          "\"darkstar.bitgnome.net. IN A 192.168.1.1\""
+          "\"arrakis.bitgnome.net. IN A 192.168.1.2\""
+          "\"ginaz.bitgnome.net. IN A 192.168.1.17\""
+          "\"ginaz.bitgnome.net. IN A 192.168.1.17\""
+        ];
+        local-data-ptr = [
+          "\"192.168.1.1 darkstar.bitgnome.net\""
+          "\"192.168.1.2 arrakis.bitgnome.net\""
+          "\"192.168.1.17 ginaz.bitgnome.net\""
+        ];
+        local-zone = [
+          "\"bitgnome.net.\" transparent"
+          "\"1.168.192.in-addr.arpa.\" static"
+        ];
+      };
+    };
+  };
+}