add mast route to box

2024-10-25 16:15:05 -07:00
parent 3c3236cd2d
commit 8d2f747337
4 changed files with 94 additions and 87 deletions
@@ -3,13 +3,12 @@ let
  adblockLocalZones = pkgs.stdenv.mkDerivation {
    name = "unbound-zones-adblock";

-    src = (pkgs.fetchFromGitHub
-      {
-        owner = "StevenBlack";
-        repo = "hosts";
-        rev = "3.12.21";
-        sha256 = "Yzr6PY/zqQE+AHH0J6ioHTsgkikM+dz4aelbGpQJa1s=";
-      } + "/hosts");
+    src = (pkgs.fetchFromGitHub {
+      owner = "StevenBlack";
+      repo = "hosts";
+      rev = "3.12.21";
+      sha256 = "Yzr6PY/zqQE+AHH0J6ioHTsgkikM+dz4aelbGpQJa1s=";
+    } + "/hosts");

    phases = [ "installPhase" ];

@@ -19,7 +18,7 @@ let
  };

  mossnet = "192.168.1.240"; # The local lan-ip for box
-  wg-mossnet = "10.0.69.4";  # The wireguard ip for box
+  wg-mossnet = "10.0.69.4"; # The wireguard ip for box
  mossnet-hosts = [
    "mossnet.lan"
    "headphones.mossnet.lan"
@@ -40,10 +39,10 @@ let
    "grasp.mossnet.lan"
    "photos.mossnet.lan"
    "pod.mossnet.lan"
+    "mast.mossnet.lan"
  ];

-in
-{
+in {
  services.unbound = {
    enable = true;
    settings = {
@@ -55,7 +54,8 @@ in
        cache-min-ttl = 0;
        serve-expired = "yes";
        interface = [ "0.0.0.0" ];
-        access-control = [ "127.0.0.0/8 allow" "192.168.1.0/24 allow" "10.0.69.0/24 allow" ];
+        access-control =
+          [ "127.0.0.0/8 allow" "192.168.1.0/24 allow" "10.0.69.0/24 allow" ];
        access-control-view = "10.0.69.0/24 wireguard";
        # so-reuseport = "yes";
        tls-upstream = "yes";
@@ -65,7 +65,10 @@ in
      };
      forward-zone = [{
        name = ".";
-        forward-addr = [ "45.90.28.0#6939b9.dns.nextdns.io" "1.1.1.1@853#cloudflare-dns.com" ];
+        forward-addr = [
+          "45.90.28.0#6939b9.dns.nextdns.io"
+          "1.1.1.1@853#cloudflare-dns.com"
+        ];
        # non-tls
        # forward-addr = ["45.90.30.49" "45.90.28.49" "1.1.1.1" "8.8.8.8"] 
      }];