Migration ZeroTier → Tailscale: URLs .talloires.local, ajout doc réseau (dnsmasq, cloudflared, AdGuard DoH)
This commit is contained in:
92
docs/config/network.md
Normal file
92
docs/config/network.md
Normal file
@@ -0,0 +1,92 @@
|
||||
# Architecture Réseau
|
||||
|
||||
## Vue d'ensemble
|
||||
|
||||
Tous les appareils Tailscale utilisent Talloires comme serveur DNS.
|
||||
|
||||
- `go` et `*.talloires.local` → résolus localement par dnsmasq
|
||||
- Autres requêtes → cloudflared → AdGuard DoH (filtrage pub/tracking)
|
||||
|
||||
## Composants
|
||||
|
||||
### Tailscale
|
||||
|
||||
VPN mesh reliant tous les appareils.
|
||||
|
||||
| Machine | IP Tailscale | OS |
|
||||
|---------|--------------|-----|
|
||||
| talloires | 100.116.198.105 | Raspberry Pi 5 (Debian) |
|
||||
| annecy | 100.118.210.128 | Synology DS620slim |
|
||||
| olympou | 100.125.242.58 | macOS |
|
||||
| pentamodi | 100.78.237.78 | iOS |
|
||||
| perce | 100.69.7.78 | tvOS (Apple TV) |
|
||||
|
||||
**Tailnet:** tailfd281f.ts.net
|
||||
|
||||
### dnsmasq
|
||||
|
||||
Serveur DNS local sur Talloires.
|
||||
|
||||
**Config:** `/etc/dnsmasq.d/tailscale.conf`
|
||||
|
||||
```ini
|
||||
address=/.talloires.tailfd281f.ts.net/100.116.198.105
|
||||
address=/.talloires.local/100.116.198.105
|
||||
address=/go/100.116.198.105
|
||||
listen-address=127.0.0.1,100.116.198.105
|
||||
bind-dynamic
|
||||
server=127.0.0.1#5053
|
||||
no-resolv
|
||||
```
|
||||
|
||||
**Commandes:**
|
||||
|
||||
```bash
|
||||
sudo systemctl status dnsmasq
|
||||
sudo systemctl restart dnsmasq
|
||||
sudo journalctl -u dnsmasq -f
|
||||
```
|
||||
|
||||
### cloudflared
|
||||
|
||||
Proxy DNS-over-HTTPS vers AdGuard DNS.
|
||||
|
||||
**Config:** `/etc/cloudflared/config.yml`
|
||||
|
||||
**Commandes:**
|
||||
|
||||
```bash
|
||||
sudo systemctl status cloudflared-dns
|
||||
sudo systemctl restart cloudflared-dns
|
||||
sudo journalctl -u cloudflared-dns -f
|
||||
```
|
||||
|
||||
## Configuration Tailscale Admin
|
||||
|
||||
Dans Tailscale Admin Console, DNS, Nameservers :
|
||||
|
||||
- **Global nameserver:** 100.116.198.105 (Talloires)
|
||||
- **Override local DNS:** activé
|
||||
|
||||
## Domaines
|
||||
|
||||
| Domaine | Usage |
|
||||
|---------|-------|
|
||||
| `*.talloires.local` | Services sur Talloires (recommandé) |
|
||||
| `go` | Raccourcis Shlink |
|
||||
|
||||
## Dépannage
|
||||
|
||||
### Test résolution DNS
|
||||
|
||||
```bash
|
||||
nslookup go 100.116.198.105
|
||||
nslookup docs.talloires.local 100.116.198.105
|
||||
nslookup google.com 100.116.198.105
|
||||
```
|
||||
|
||||
### Cache DNS macOS
|
||||
|
||||
```bash
|
||||
sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponder
|
||||
```
|
||||
Reference in New Issue
Block a user