fix: Don't use tailscale DNS for physical servers

fix: Don't do rolling updates for pihole
chore: Update flake inputs
This commit is contained in:
Pim Kunis 2024-07-30 20:33:07 +02:00
parent 8067d9a301
commit 6794fce2a2
3 changed files with 31 additions and 21 deletions

View file

@ -50,11 +50,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1720661479, "lastModified": 1722217815,
"narHash": "sha256-nsGgA14vVn0GGiqEfomtVgviRJCuSR3UEopfP8ixW1I=", "narHash": "sha256-8r5AJ3n8WEDw3rsZLALSuFQ5kJyWOcssNZvPxYLr2yc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "786965e1b1ed3fd2018d78399984f461e2a44689", "rev": "1e6f8a7b4634fc051cc9361959bf414fcf17e094",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -347,11 +347,11 @@
"poetry2nix": "poetry2nix" "poetry2nix": "poetry2nix"
}, },
"locked": { "locked": {
"lastModified": 1720746402, "lastModified": 1722301678,
"narHash": "sha256-+dGh0ruRbwZLymQQkvK1iqgg7J6gRp4wHxa8OqsNUlU=", "narHash": "sha256-dlsJGdLiXGgBSr/7Y+invyY/9+jJsFF6UkUpD7WMXRM=",
"owner": "farcaller", "owner": "farcaller",
"repo": "nixhelm", "repo": "nixhelm",
"rev": "6fbf227d6b6b17e14a50c84ae66e9541306d4c98", "rev": "5a983d9da254b178ac5b689405fb5b179815ef91",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -362,11 +362,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1720737798, "lastModified": 1722332872,
"narHash": "sha256-G/OtEAts7ZUvW5lrGMXSb8HqRp2Jr9I7reBuvCOL54w=", "narHash": "sha256-2xLM4sc5QBfi0U/AANJAW21Bj4ZX479MHPMPkB+eKBU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "c5013aa7ce2c7ec90acee5d965d950c8348db751", "rev": "14c333162ba53c02853add87a0000cbd7aa230c2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -394,11 +394,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1720282526, "lastModified": 1721524707,
"narHash": "sha256-dudRkHPRivMNOhd04YI+v4sWvn2SnN5ODSPIu5IVbco=", "narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "550ac3e955c30fe96dd8b2223e37e0f5d225c927", "rev": "556533a23879fc7e5f98dd2e0b31a6911a213171",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -410,11 +410,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1720687749, "lastModified": 1722141560,
"narHash": "sha256-nqJ+iK/zyqCJ/YShqCpZ2cJKE1UtjZIEUWLUFZqvxcA=", "narHash": "sha256-Ul3rIdesWaiW56PS/Ak3UlJdkwBrD4UcagCmXZR9Z7Y=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6af55cb91ca2005516b9562f707bb99c8f79bf77", "rev": "038fb464fcfa79b4f08131b07f2d8c9a6bcc4160",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -426,11 +426,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1720691131, "lastModified": 1722221733,
"narHash": "sha256-CWT+KN8aTPyMIx8P303gsVxUnkinIz0a/Cmasz1jyIM=", "narHash": "sha256-sga9SrrPb+pQJxG1ttJfMPheZvDOxApFfwXCFO0H9xw=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a046c1202e11b62cbede5385ba64908feb7bfac4", "rev": "12bf09802d77264e441f48e25459c10c93eada2e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -489,11 +489,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1720479166, "lastModified": 1722114803,
"narHash": "sha256-jqvhLDXzTLTHq9ZviFOpcTmXXmnbLfz7mWhgMNipMN4=", "narHash": "sha256-s6YhI8UHwQvO4cIFLwl1wZ1eS5Cuuw7ld2VzUchdFP0=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "67035a355b1d52d2d238501f8cc1a18706979760", "rev": "eb34eb588132d653e4c4925d862f1e5a227cc2ab",
"type": "github" "type": "github"
}, },
"original": { "original": {

View file

@ -5,6 +5,15 @@
deployments.pihole.spec = { deployments.pihole.spec = {
selector.matchLabels.app = "pihole"; selector.matchLabels.app = "pihole";
strategy = {
type = "RollingUpdate";
rollingUpdate = {
maxSurge = 0;
maxUnavailable = 1;
};
};
template = { template = {
metadata.labels.app = "pihole"; metadata.labels.app = "pihole";

View file

@ -18,6 +18,7 @@ in
openFirewall = true; openFirewall = true;
extraUpFlags = [ extraUpFlags = [
"--accept-dns=false"
"--hostname=${config.networking.hostName}" "--hostname=${config.networking.hostName}"
] ++ lib.lists.optional cfg.advertiseExitNode "--advertise-exit-node" ] ++ lib.lists.optional cfg.advertiseExitNode "--advertise-exit-node"
++ lib.lists.optional cfg.advertiseExitNode "--advertise-routes=192.168.30.0/24"; ++ lib.lists.optional cfg.advertiseExitNode "--advertise-routes=192.168.30.0/24";