jahanson/vyos-config
Archived
1
0
Fork 0
Code Issues 1 Pull requests 1 Projects Releases Packages Wiki Activity

Renaming services to containers.

Browse source
This commit is contained in:
Joseph Hanson 2023-05-25 11:11:13 -05:00
parent 00e6b1492e
commit 21b1cee0bb
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
7 changed files with 88 additions and 82 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
config-parts/container.sh
View file

@ -1,7 +1,7 @@
#!/bin/vbash #!/bin/vbash
# Container networks # Container networks
set container network services prefix '10.5.0.0/24' set container network containers prefix '10.5.0.0/24'
# cloudflare-ddns # cloudflare-ddns
set container name cloudflare-ddns allow-host-networks set container name cloudflare-ddns allow-host-networks
@ -21,7 +21,7 @@ set container name bind cap-add 'net-bind-service'
set container name bind image 'docker.io/internetsystemsconsortium/bind9:9.19' set container name bind image 'docker.io/internetsystemsconsortium/bind9:9.19'
set container name bind command '/usr/sbin/named -4 -f -c /etc/bind/named.conf -u bind' set container name bind command '/usr/sbin/named -4 -f -c /etc/bind/named.conf -u bind'
set container name bind memory '0' set container name bind memory '0'
set container name bind network services address '10.5.0.3' set container name bind network containers address '10.5.0.3'
set container name bind restart 'on-failure' set container name bind restart 'on-failure'
set container name bind shared-memory '0' set container name bind shared-memory '0'
set container name bind volume config source '/config/containers/bind/config' set container name bind volume config source '/config/containers/bind/config'
@ -36,7 +36,7 @@ set container name dnsdist cap-add 'net-bind-service'
set container name dnsdist environment TZ value 'America/Chicago' set container name dnsdist environment TZ value 'America/Chicago'
set container name dnsdist image 'docker.io/powerdns/dnsdist-17:1.7.4' set container name dnsdist image 'docker.io/powerdns/dnsdist-17:1.7.4'
set container name dnsdist memory '0' set container name dnsdist memory '0'
set container name dnsdist network services address '10.5.0.4' set container name dnsdist network containers address '10.5.0.4'
set container name dnsdist restart 'on-failure' set container name dnsdist restart 'on-failure'
set container name dnsdist shared-memory '0' set container name dnsdist shared-memory '0'
set container name dnsdist volume config source '/config/containers/dnsdist/config/dnsdist.conf' set container name dnsdist volume config source '/config/containers/dnsdist/config/dnsdist.conf'
@ -46,7 +46,7 @@ set container name dnsdist volume config mode 'ro'
# haproxy-k8s-api # haproxy-k8s-api
set container name haproxy-k8s-api image 'docker.io/library/haproxy:2.7.8' set container name haproxy-k8s-api image 'docker.io/library/haproxy:2.7.8'
set container name haproxy-k8s-api memory '0' set container name haproxy-k8s-api memory '0'
set container name haproxy-k8s-api network services address '10.5.0.2' set container name haproxy-k8s-api network containers address '10.5.0.2'
set container name haproxy-k8s-api restart 'on-failure' set container name haproxy-k8s-api restart 'on-failure'
set container name haproxy-k8s-api shared-memory '0' set container name haproxy-k8s-api shared-memory '0'
set container name haproxy-k8s-api volume config source '/config/containers/haproxy/config/haproxy.cfg' set container name haproxy-k8s-api volume config source '/config/containers/haproxy/config/haproxy.cfg'
@ -113,7 +113,7 @@ set container name unifi environment UNIFI_STDOUT value 'true'
set container name unifi environment UNIFI_UID value '999' set container name unifi environment UNIFI_UID value '999'
set container name unifi image 'ghcr.io/jacobalberty/unifi-docker:v7.3.83' set container name unifi image 'ghcr.io/jacobalberty/unifi-docker:v7.3.83'
set container name unifi memory '0' set container name unifi memory '0'
set container name unifi network services address '10.5.0.10' set container name unifi network containers address '10.5.0.10'
set container name unifi restart 'on-failure' set container name unifi restart 'on-failure'
set container name unifi shared-memory '0' set container name unifi shared-memory '0'
set container name unifi volume data source '/config/containers/unifi' set container name unifi volume data source '/config/containers/unifi'
@ -124,7 +124,7 @@ set container name unifi volume data mode 'rw'
set container name onepassword-connect image 'docker.io/1password/connect-api:1.7.0' set container name onepassword-connect image 'docker.io/1password/connect-api:1.7.0'
set container name onepassword-connect environment TZ value 'America/Chicago' set container name onepassword-connect environment TZ value 'America/Chicago'
set container name onepassword-connect memory '0' set container name onepassword-connect memory '0'
set container name onepassword-connect network services address '10.5.0.5' set container name onepassword-connect network containers address '10.5.0.5'
set container name onepassword-connect shared-memory '0' set container name onepassword-connect shared-memory '0'
set container name onepassword-connect volume credentials source '/config/secrets/1password-credentials.json' set container name onepassword-connect volume credentials source '/config/secrets/1password-credentials.json'
set container name onepassword-connect volume credentials destination '/home/opuser/.op/1password-credentials.json' set container name onepassword-connect volume credentials destination '/home/opuser/.op/1password-credentials.json'
@ -138,7 +138,7 @@ set container name onepassword-sync image 'docker.io/1password/connect-sync:1.7.
set container name onepassword-sync environment TZ value 'America/Chicago' set container name onepassword-sync environment TZ value 'America/Chicago'
set container name onepassword-sync memory '0' set container name onepassword-sync memory '0'
set container name onepassword-sync shared-memory '0' set container name onepassword-sync shared-memory '0'
set container name onepassword-sync network services address '10.5.0.6' set container name onepassword-sync network containers address '10.5.0.6'
set container name onepassword-sync volume credentials source '/config/secrets/1password-credentials.json' set container name onepassword-sync volume credentials source '/config/secrets/1password-credentials.json'
set container name onepassword-sync volume credentials destination '/home/opuser/.op/1password-credentials.json' set container name onepassword-sync volume credentials destination '/home/opuser/.op/1password-credentials.json'
set container name onepassword-sync volume credentials mode 'ro' set container name onepassword-sync volume credentials mode 'ro'

108
config-parts/firewall-name.sh
View file

@ -38,13 +38,13 @@ set firewall name guest-servers description 'From GUEST to SERVERS'
set firewall name guest-servers enable-default-log set firewall name guest-servers enable-default-log
# From GUEST to SERVICES # From GUEST to SERVICES
set firewall name guest-services default-action 'drop' set firewall name guest-containers default-action 'drop'
set firewall name guest-services description 'From GUEST to SERVICES' set firewall name guest-containers description 'From GUEST to SERVICES'
set firewall name guest-services enable-default-log set firewall name guest-containers enable-default-log
set firewall name guest-services rule 1 action 'accept' set firewall name guest-containers rule 1 action 'accept'
set firewall name guest-services rule 1 description 'Rule: accept_dns' set firewall name guest-containers rule 1 description 'Rule: accept_dns'
set firewall name guest-services rule 1 destination port 'domain,domain-s' set firewall name guest-containers rule 1 destination port 'domain,domain-s'
set firewall name guest-services rule 1 protocol 'tcp_udp' set firewall name guest-containers rule 1 protocol 'tcp_udp'
# From GUEST to TRUSTED # From GUEST to TRUSTED
set firewall name guest-trusted default-action 'drop' set firewall name guest-trusted default-action 'drop'
@ -172,12 +172,12 @@ set firewall name iot-servers rule 10 protocol 'tcp'
set firewall name iot-servers rule 10 source group address-group 'vector_journald_allowed' set firewall name iot-servers rule 10 source group address-group 'vector_journald_allowed'
# From IOT to SERVICES # From IOT to SERVICES
set firewall name iot-services default-action 'accept' set firewall name iot-containers default-action 'accept'
set firewall name iot-services description 'From IOT to SERVICES' set firewall name iot-containers description 'From IOT to SERVICES'
set firewall name iot-services rule 1 action 'accept' set firewall name iot-containers rule 1 action 'accept'
set firewall name iot-services rule 1 description 'Rule: accept_dns' set firewall name iot-containers rule 1 description 'Rule: accept_dns'
set firewall name iot-services rule 1 destination port 'domain,domain-s' set firewall name iot-containers rule 1 destination port 'domain,domain-s'
set firewall name iot-services rule 1 protocol 'tcp_udp' set firewall name iot-containers rule 1 protocol 'tcp_udp'
# From IOT to TRUSTED # From IOT to TRUSTED
set firewall name iot-trusted default-action 'drop' set firewall name iot-trusted default-action 'drop'
@ -242,12 +242,12 @@ set firewall name lan-servers rule 1 description 'Rule: accept_icmp'
set firewall name lan-servers rule 1 protocol 'icmp' set firewall name lan-servers rule 1 protocol 'icmp'
# From LAN to SERVICES # From LAN to SERVICES
set firewall name lan-services default-action 'accept' set firewall name lan-containers default-action 'accept'
set firewall name lan-services description 'From LAN to SERVICES' set firewall name lan-containers description 'From LAN to SERVICES'
set firewall name lan-services rule 1 action 'accept' set firewall name lan-containers rule 1 action 'accept'
set firewall name lan-services rule 1 description 'Rule: accept_dns' set firewall name lan-containers rule 1 description 'Rule: accept_dns'
set firewall name lan-services rule 1 destination port 'domain,domain-s' set firewall name lan-containers rule 1 destination port 'domain,domain-s'
set firewall name lan-services rule 1 protocol 'tcp_udp' set firewall name lan-containers rule 1 protocol 'tcp_udp'
# From LAN to TRUSTED # From LAN to TRUSTED
set firewall name lan-trusted default-action 'drop' set firewall name lan-trusted default-action 'drop'
@ -314,12 +314,12 @@ set firewall name local-servers rule 4 destination port '6001'
set firewall name local-servers rule 4 protocol 'tcp' set firewall name local-servers rule 4 protocol 'tcp'
# From LOCAL to SERVICES # From LOCAL to SERVICES
set firewall name local-services default-action 'accept' set firewall name local-containers default-action 'accept'
set firewall name local-services description 'From LOCAL to SERVICES' set firewall name local-containers description 'From LOCAL to SERVICES'
set firewall name local-services rule 1 action 'accept' set firewall name local-containers rule 1 action 'accept'
set firewall name local-services rule 1 description 'Rule: accept_dns' set firewall name local-containers rule 1 description 'Rule: accept_dns'
set firewall name local-services rule 1 destination port 'domain,domain-s' set firewall name local-containers rule 1 destination port 'domain,domain-s'
set firewall name local-services rule 1 protocol 'tcp_udp' set firewall name local-containers rule 1 protocol 'tcp_udp'
# From LOCAL to TRUSTED # From LOCAL to TRUSTED
set firewall name local-trusted default-action 'drop' set firewall name local-trusted default-action 'drop'
@ -423,19 +423,25 @@ set firewall name servers-local rule 7 description 'Rule: accept_speedtest_expor
set firewall name servers-local rule 7 destination port '9798' set firewall name servers-local rule 7 destination port '9798'
set firewall name servers-local rule 7 protocol 'tcp' set firewall name servers-local rule 7 protocol 'tcp'
set firewall name servers-local rule 7 source group address-group 'k8s_nodes' set firewall name servers-local rule 7 source group address-group 'k8s_nodes'
# TODO: Needed because of MetalLB?
set firewall name servers-local rule 8 action 'accept'
set firewall name servers-local rule 8 description 'Rule: accept_bgp_2'
set firewall name servers-local rule 8 destination port '3784'
set firewall name servers-local rule 8 protocol 'udp'
set firewall name servers-local rule 8 source group address-group 'k8s_nodes'
# From SERVERS to SERVICES # From SERVERS to SERVICES
set firewall name servers-services default-action 'accept' set firewall name servers-containers default-action 'accept'
set firewall name servers-services description 'From SERVERS to SERVICES' set firewall name servers-containers description 'From SERVERS to SERVICES'
set firewall name servers-services enable-default-log set firewall name servers-containers enable-default-log
set firewall name servers-services rule 1 action 'accept' set firewall name servers-containers rule 1 action 'accept'
set firewall name servers-services rule 1 description 'Rule: accept_dns' set firewall name servers-containers rule 1 description 'Rule: accept_dns'
set firewall name servers-services rule 1 destination port 'domain,domain-s' set firewall name servers-containers rule 1 destination port 'domain,domain-s'
set firewall name servers-services rule 1 protocol 'tcp_udp' set firewall name servers-containers rule 1 protocol 'tcp_udp'
set firewall name servers-services rule 2 action 'accept' set firewall name servers-containers rule 2 action 'accept'
set firewall name servers-services rule 2 description 'Rule: accept_k8s_api' set firewall name servers-containers rule 2 description 'Rule: accept_k8s_api'
set firewall name servers-services rule 2 destination port '6443' set firewall name servers-containers rule 2 destination port '6443'
set firewall name servers-services rule 2 protocol 'tcp' set firewall name servers-containers rule 2 protocol 'tcp'
# From SERVERS to TRUSTED # From SERVERS to TRUSTED
set firewall name servers-trusted default-action 'drop' set firewall name servers-trusted default-action 'drop'
@ -596,12 +602,12 @@ set firewall name trusted-servers rule 1 description 'Rule: accept_icmp'
set firewall name trusted-servers rule 1 protocol 'icmp' set firewall name trusted-servers rule 1 protocol 'icmp'
# From TRUSTED to SERVICES # From TRUSTED to SERVICES
set firewall name trusted-services default-action 'accept' set firewall name trusted-containers default-action 'accept'
set firewall name trusted-services description 'From TRUSTED to SERVICES' set firewall name trusted-containers description 'From TRUSTED to SERVICES'
set firewall name trusted-services rule 1 action 'accept' set firewall name trusted-containers rule 1 action 'accept'
set firewall name trusted-services rule 1 description 'Rule: accept_dns' set firewall name trusted-containers rule 1 description 'Rule: accept_dns'
set firewall name trusted-services rule 1 destination port 'domain,domain-s' set firewall name trusted-containers rule 1 destination port 'domain,domain-s'
set firewall name trusted-services rule 1 protocol 'tcp_udp' set firewall name trusted-containers rule 1 protocol 'tcp_udp'
# From TRUSTED to VIDEO # From TRUSTED to VIDEO
set firewall name trusted-video default-action 'accept' set firewall name trusted-video default-action 'accept'
@ -649,12 +655,12 @@ set firewall name video-servers description 'From VIDEO to SERVERS'
set firewall name video-servers enable-default-log set firewall name video-servers enable-default-log
# From VIDEO to SERVICES # From VIDEO to SERVICES
set firewall name video-services default-action 'accept' set firewall name video-containers default-action 'accept'
set firewall name video-services description 'From VIDEO to SERVICES' set firewall name video-containers description 'From VIDEO to SERVICES'
set firewall name video-services rule 1 action 'accept' set firewall name video-containers rule 1 action 'accept'
set firewall name video-services rule 1 description 'Rule: accept_dns' set firewall name video-containers rule 1 description 'Rule: accept_dns'
set firewall name video-services rule 1 destination port 'domain,domain-s' set firewall name video-containers rule 1 destination port 'domain,domain-s'
set firewall name video-services rule 1 protocol 'tcp_udp' set firewall name video-containers rule 1 protocol 'tcp_udp'
# From VIDEO to TRUSTED # From VIDEO to TRUSTED
set firewall name video-trusted default-action 'drop' set firewall name video-trusted default-action 'drop'
@ -701,9 +707,9 @@ set firewall name wan-servers rule 10 protocol 'tcp'
set firewall name wan-servers rule 10 destination address 10.1.1.12 set firewall name wan-servers rule 10 destination address 10.1.1.12
# From WAN to SERVICES # From WAN to SERVICES
set firewall name wan-services default-action 'drop' set firewall name wan-containers default-action 'drop'
set firewall name wan-services description 'From WAN to SERVICES' set firewall name wan-containers description 'From WAN to SERVICES'
set firewall name wan-services enable-default-log set firewall name wan-containers enable-default-log
# From WAN to TRUSTED # From WAN to TRUSTED
set firewall name wan-trusted default-action 'drop' set firewall name wan-trusted default-action 'drop'

38
config-parts/firewall-zone.sh
View file

@ -5,7 +5,7 @@ set firewall zone guest from iot firewall name 'iot-guest'
set firewall zone guest from lan firewall name 'lan-guest' set firewall zone guest from lan firewall name 'lan-guest'
set firewall zone guest from local firewall name 'local-guest' set firewall zone guest from local firewall name 'local-guest'
set firewall zone guest from servers firewall name 'servers-guest' set firewall zone guest from servers firewall name 'servers-guest'
set firewall zone guest from services firewall name 'services-guest' set firewall zone guest from containers firewall name 'containers-guest'
set firewall zone guest from trusted firewall name 'trusted-guest' set firewall zone guest from trusted firewall name 'trusted-guest'
set firewall zone guest from video firewall name 'video-guest' set firewall zone guest from video firewall name 'video-guest'
set firewall zone guest from wan firewall name 'wan-guest' set firewall zone guest from wan firewall name 'wan-guest'
@ -16,7 +16,7 @@ set firewall zone iot from guest firewall name 'guest-iot'
set firewall zone iot from lan firewall name 'lan-iot' set firewall zone iot from lan firewall name 'lan-iot'
set firewall zone iot from local firewall name 'local-iot' set firewall zone iot from local firewall name 'local-iot'
set firewall zone iot from servers firewall name 'servers-iot' set firewall zone iot from servers firewall name 'servers-iot'
set firewall zone iot from services firewall name 'services-iot' set firewall zone iot from containers firewall name 'containers-iot'
set firewall zone iot from trusted firewall name 'trusted-iot' set firewall zone iot from trusted firewall name 'trusted-iot'
set firewall zone iot from video firewall name 'video-iot' set firewall zone iot from video firewall name 'video-iot'
set firewall zone iot from wan firewall name 'wan-iot' set firewall zone iot from wan firewall name 'wan-iot'
@ -27,7 +27,7 @@ set firewall zone lan from guest firewall name 'guest-lan'
set firewall zone lan from iot firewall name 'iot-lan' set firewall zone lan from iot firewall name 'iot-lan'
set firewall zone lan from local firewall name 'local-lan' set firewall zone lan from local firewall name 'local-lan'
set firewall zone lan from servers firewall name 'servers-lan' set firewall zone lan from servers firewall name 'servers-lan'
set firewall zone lan from services firewall name 'services-lan' set firewall zone lan from containers firewall name 'containers-lan'
set firewall zone lan from trusted firewall name 'trusted-lan' set firewall zone lan from trusted firewall name 'trusted-lan'
set firewall zone lan from video firewall name 'video-lan' set firewall zone lan from video firewall name 'video-lan'
set firewall zone lan from wan firewall name 'wan-lan' set firewall zone lan from wan firewall name 'wan-lan'
@ -39,7 +39,7 @@ set firewall zone local from guest firewall name 'guest-local'
set firewall zone local from iot firewall name 'iot-local' set firewall zone local from iot firewall name 'iot-local'
set firewall zone local from lan firewall name 'lan-local' set firewall zone local from lan firewall name 'lan-local'
set firewall zone local from servers firewall name 'servers-local' set firewall zone local from servers firewall name 'servers-local'
set firewall zone local from services firewall name 'services-local' set firewall zone local from containers firewall name 'containers-local'
set firewall zone local from trusted firewall name 'trusted-local' set firewall zone local from trusted firewall name 'trusted-local'
set firewall zone local from video firewall name 'video-local' set firewall zone local from video firewall name 'video-local'
set firewall zone local from wan firewall name 'wan-local' set firewall zone local from wan firewall name 'wan-local'
@ -50,23 +50,23 @@ set firewall zone servers from guest firewall name 'guest-servers'
set firewall zone servers from iot firewall name 'iot-servers' set firewall zone servers from iot firewall name 'iot-servers'
set firewall zone servers from lan firewall name 'lan-servers' set firewall zone servers from lan firewall name 'lan-servers'
set firewall zone servers from local firewall name 'local-servers' set firewall zone servers from local firewall name 'local-servers'
set firewall zone servers from services firewall name 'services-servers' set firewall zone servers from containers firewall name 'containers-servers'
set firewall zone servers from trusted firewall name 'trusted-servers' set firewall zone servers from trusted firewall name 'trusted-servers'
set firewall zone servers from video firewall name 'video-servers' set firewall zone servers from video firewall name 'video-servers'
set firewall zone servers from wan firewall name 'wan-servers' set firewall zone servers from wan firewall name 'wan-servers'
set firewall zone servers interface 'eth1.10' set firewall zone servers interface 'eth1.10'
set firewall zone services default-action 'drop' set firewall zone containers default-action 'drop'
set firewall zone services description 'VyOS services zone' set firewall zone containers description 'VyOS containers zone'
set firewall zone services from guest firewall name 'guest-services' set firewall zone containers from guest firewall name 'guest-containers'
set firewall zone services from iot firewall name 'iot-services' set firewall zone containers from iot firewall name 'iot-containers'
set firewall zone services from lan firewall name 'lan-services' set firewall zone containers from lan firewall name 'lan-containers'
set firewall zone services from local firewall name 'local-services' set firewall zone containers from local firewall name 'local-containers'
set firewall zone services from servers firewall name 'servers-services' set firewall zone containers from servers firewall name 'servers-containers'
set firewall zone services from trusted firewall name 'trusted-services' set firewall zone containers from trusted firewall name 'trusted-containers'
set firewall zone services from video firewall name 'video-services' set firewall zone containers from video firewall name 'video-containers'
set firewall zone services from wan firewall name 'wan-services' set firewall zone containers from wan firewall name 'wan-containers'
set firewall zone services interface 'pod-services' set firewall zone containers interface 'pod-containers'
set firewall zone trusted default-action 'drop' set firewall zone trusted default-action 'drop'
set firewall zone trusted from guest firewall name 'guest-trusted' set firewall zone trusted from guest firewall name 'guest-trusted'
@ -74,7 +74,7 @@ set firewall zone trusted from iot firewall name 'iot-trusted'
set firewall zone trusted from lan firewall name 'lan-trusted' set firewall zone trusted from lan firewall name 'lan-trusted'
set firewall zone trusted from local firewall name 'local-trusted' set firewall zone trusted from local firewall name 'local-trusted'
set firewall zone trusted from servers firewall name 'servers-trusted' set firewall zone trusted from servers firewall name 'servers-trusted'
set firewall zone trusted from services firewall name 'services-trusted' set firewall zone trusted from containers firewall name 'containers-trusted'
set firewall zone trusted from video firewall name 'video-trusted' set firewall zone trusted from video firewall name 'video-trusted'
set firewall zone trusted from wan firewall name 'wan-trusted' set firewall zone trusted from wan firewall name 'wan-trusted'
set firewall zone trusted interface 'eth1.20' set firewall zone trusted interface 'eth1.20'
@ -86,7 +86,7 @@ set firewall zone video from iot firewall name 'iot-video'
set firewall zone video from lan firewall name 'lan-video' set firewall zone video from lan firewall name 'lan-video'
set firewall zone video from local firewall name 'local-video' set firewall zone video from local firewall name 'local-video'
set firewall zone video from servers firewall name 'servers-video' set firewall zone video from servers firewall name 'servers-video'
set firewall zone video from services firewall name 'services-video' set firewall zone video from containers firewall name 'containers-video'
set firewall zone video from trusted firewall name 'trusted-video' set firewall zone video from trusted firewall name 'trusted-video'
set firewall zone video from wan firewall name 'wan-video' set firewall zone video from wan firewall name 'wan-video'
set firewall zone video interface 'eth1.50' set firewall zone video interface 'eth1.50'
@ -97,7 +97,7 @@ set firewall zone wan from iot firewall name 'iot-wan'
set firewall zone wan from lan firewall name 'lan-wan' set firewall zone wan from lan firewall name 'lan-wan'
set firewall zone wan from local firewall name 'local-wan' set firewall zone wan from local firewall name 'local-wan'
set firewall zone wan from servers firewall name 'servers-wan' set firewall zone wan from servers firewall name 'servers-wan'
set firewall zone wan from services firewall name 'services-wan' set firewall zone wan from containers firewall name 'containers-wan'
set firewall zone wan from trusted firewall name 'trusted-wan' set firewall zone wan from trusted firewall name 'trusted-wan'
set firewall zone wan from video firewall name 'video-wan' set firewall zone wan from video firewall name 'video-wan'
set firewall zone wan interface 'eth0' set firewall zone wan interface 'eth0'

4
config-parts/interfaces.sh
View file

@ -2,11 +2,11 @@
set interfaces ethernet eth0 address 'dhcp' set interfaces ethernet eth0 address 'dhcp'
set interfaces ethernet eth0 description 'WAN' set interfaces ethernet eth0 description 'WAN'
set interfaces ethernet eth0 hw-id 'a0:42:3f:2f:a9:68' set interfaces ethernet eth0 hw-id '04:42:1a:ef:35:75'
set interfaces ethernet eth1 address '10.1.0.1/24' set interfaces ethernet eth1 address '10.1.0.1/24'
set interfaces ethernet eth1 description 'LAN' set interfaces ethernet eth1 description 'LAN'
set interfaces ethernet eth1 hw-id 'a0:42:3f:2f:a9:69' set interfaces ethernet eth1 hw-id '04:42:1a:ef:35:74'
set interfaces ethernet eth1 vif 10 address '10.1.1.1/24' set interfaces ethernet eth1 vif 10 address '10.1.1.1/24'
set interfaces ethernet eth1 vif 10 description 'SERVERS' set interfaces ethernet eth1 vif 10 description 'SERVERS'
set interfaces ethernet eth1 vif 20 address '10.1.2.1/24' set interfaces ethernet eth1 vif 20 address '10.1.2.1/24'

2
containers/bind/config/named.conf
View file

@ -7,7 +7,7 @@ acl "trusted" {
10.1.4.0/24; # VIDEO 10.1.4.0/24; # VIDEO
192.168.2.0/24; # GUEST 192.168.2.0/24; # GUEST
10.0.11.0/24; # WIREGUARD 10.0.11.0/24; # WIREGUARD
10.5.0.0/24; # SERVICES 10.5.0.0/24; # CONTAINERS
}; };
options { options {

2
containers/bind/config/zones/db.hsn.dev
View file

@ -15,7 +15,7 @@ $ORIGIN hsn.dev.
; NS Records ; NS Records
@ IN NS gateway.jahanson.tech. @ IN NS gateway.jahanson.tech.
; Services ; Containers
onepassword-connect IN A 10.5.0.5 onepassword-connect IN A 10.5.0.5
; CNAME Records ; CNAME Records

2
containers/bind/config/zones/db.jahanson.tech
View file

@ -33,7 +33,7 @@ livingroom-vacuum IN A 10.1.3.18
; Video ; Video
driveway-camera IN A 10.1.4.12 driveway-camera IN A 10.1.4.12
; Services ; Containers
cluster-0 IN A 10.5.0.2 cluster-0 IN A 10.5.0.2
; CNAME records ; CNAME records