WAN and VPN requests are served by local port 1053 and `wan.uninsane.org`. LAN requests are served by port 53 and `servo.lan.uninsane.org`. i'm not *super* fond of this. a recursive resolver of uninsane.org via the VPN will only ever get WAN addresses (broken). we may prefer to do IP-based responses, maybe via the same Linux firewall rules that forward from VPN namespace to root namespace |
||
---|---|---|
.. | ||
by-name | ||
common | ||
modules | ||
instantiate.nix | ||
README.md |
directory structure
- by-name/: configuration which is evaluated only for the given hostname
- common/: configuration which applies to all hosts
- modules/: nixpkgs-style modules which may be used by multiple hosts, but configured separately per host.
- ideally no module here has effect unless
enable
d- however,
enable
may default to true - and in practice some of these modules surely aren't fully "disableable"
- however,
- ideally no module here has effect unless