feat(whitby): Hardcode Google DNS servers

The Hetzner DNS servers were unhappy after today's Cloudflare outage, and that broke some of our builds - this wouldn't have happened with Google DNS! Change-Id: Ib74c6de9526e739f55d4a9830d945ece35b72138 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1259 Tested-by: BuildkiteCI Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-17 23:25:20 +01:00 · 2020-07-17 23:25:20 +01:00 · 67f0fbfcea
commit 67f0fbfcea
parent 8138621b11
1 changed files with 18 additions and 2 deletions
--- a/ops/nixos/whitby/default.nix
+++ b/ops/nixos/whitby/default.nix
@ -12,7 +12,7 @@ let
    mkdir -p $out/bin
    ln -s ${depot.ops.besadii}/bin/besadii $out/bin/post-command
  '';
-in {
+in lib.fix(self: {
  inherit depot;
  imports = [
    "${depot.depotPath}/ops/nixos/clbot.nix"
@ -106,9 +106,16 @@ in {
    # Glass is boring, but Luke doesn't like Wapping - the Prospect of
    # Whitby, however, is quite a pleasant establishment.
    hostName = "whitby";
+    domain = "tvl.fyi";
    hostId = "b38ca543";
    useDHCP = false;

+    # Don't use Hetzner's DNS servers.
+    nameservers = [
+      "8.8.8.8"
+      "8.8.4.4"
+    ];
+
    defaultGateway6 = {
      address = "fe80::1";
      interface = "enp196s0";
@ -125,6 +132,15 @@ in {
    ];
  };

+  # Generate an immutable /etc/resolv.conf from the nameserver settings
+  # above (otherwise DHCP overwrites it):
+  environment.etc."resolv.conf" = with lib; {
+    source = depot.third_party.writeText "resolv.conf" ''
+      ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)}
+      options edns0
+    '';
+  };
+
  time.timeZone = "UTC";

  nix = {
@ -298,4 +314,4 @@ in {
  };

  system.stateVersion = "20.03";
-}
+})