From 627a4c9d4ed38a84c1ba721d5c5f44cfa2c2eeb4 Mon Sep 17 00:00:00 2001
From: Lionel
Date: Fri, 2 Jan 2026 01:20:01 +0100
Subject: [PATCH] Auto-sync Fri 2 Jan 01:20:01 CET 2026
---
 configs/annecy-dns/dnsmasq.conf | 34 +++++++++++++++++++++
 configs/annecy-dns/docker-compose.yml | 14 +++++++++
 docs/infra/network.md | 43 +++++++++++++++++++++++++++
 sync.log | 5 ++++
 4 files changed, 96 insertions(+)
 create mode 100644 configs/annecy-dns/dnsmasq.conf
 create mode 100644 configs/annecy-dns/docker-compose.yml
diff --git a/configs/annecy-dns/dnsmasq.conf b/configs/annecy-dns/dnsmasq.conf
new file mode 100644
index 0000000..b3ba86c
--- /dev/null
+++ b/configs/annecy-dns/dnsmasq.conf
@@ -0,0 +1,34 @@
+# DNSMASQ SECONDAIRE - ANNECY
+# Slave de Talloires pour redondance DNS
+
+# === Machines Tailscale ===
+address=/talloires/100.116.198.105
+address=/annecy/100.69.227.96
+address=/olympou/100.125.242.58
+address=/pentamodi/100.78.237.78
+address=/perce/100.69.7.78
+
+# === Machines LAN ===
+address=/talloires.lan/10.171.171.7
+address=/annecy.lan/10.171.171.50
+address=/theseus.lan/10.171.171.1
+
+# === Wildcard services Talloires ===
+address=/.talloires.local/100.116.198.105
+
+# === Go-links ===
+address=/go/100.116.198.105
+
+# === Bind explicite sur IP LAN (requis pour Synology OVS) ===
+listen-address=10.171.171.50,10.171.171.51,127.0.0.1
+bind-interfaces
+port=53
+
+# === Upstream DNS ===
+server=10.171.171.7#53
+server=1.1.1.1
+server=8.8.8.8
+
+cache-size=1000
+log-queries
+log-facility=-
diff --git a/configs/annecy-dns/docker-compose.yml b/configs/annecy-dns/docker-compose.yml
new file mode 100644
index 0000000..296ec98
--- /dev/null
+++ b/configs/annecy-dns/docker-compose.yml
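Review bot: The three `server=` lines under `# === Upstream DNS ===` are not an ordered fallback: by default dnsmasq may send a query to any listed upstream, so lookups can reach 1.1.1.1 or 8.8.8.8 in cleartext while Talloires is up, bypassing the AdGuard DoH path that the docs in this commit give for the primary. Unqualified names and reverse lookups for the 10.171.171.x range that have no local answer would be forwarded to those public resolvers too, which leaks internal naming. I would add `domain-needed` and `bogus-priv` next to the upstream block, and `strict-order` if "Talloires, puis 1.1.1.1 / 8.8.8.8" is meant literally (check how the dnsmasq build in this image orders `server=` lines). `log-queries` records every client lookup on stdout; a comment saying whether it should stay on after bring-up would help.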
@@ -0,0 +1,14 @@
+# DNS Secondaire pour Annecy (Synology)
+# Déployer: sudo docker compose up -d
+
+services:
+ dnsmasq:
+ image: andyshinn/dnsmasq:latest
+ container_name: dnsmasq
+ restart: unless-stopped
+ network_mode: host
+ cap_add:
+ - NET_ADMIN
+ volumes:
+ - ./dnsmasq.conf:/etc/dnsmasq.conf:ro
+ command: ["--log-facility=-", "--log-queries"]
diff --git a/docs/infra/network.md b/docs/infra/network.md
index bb5d92a..387eb70 100644
--- a/docs/infra/network.md
+++ b/docs/infra/network.md
@@ -112,3 +112,46 @@ docker exec transmission curl -s ifconfig.me # IP locale curl -s ifconfig.me ```
+
+## DNS Redondant
+
+### Architecture
+
+```
+┌─────────────────────┐ ┌─────────────────────┐
+│ Talloires │ │ Annecy │
+│ dnsmasq (primaire) │ │ dnsmasq (slave) │
+│ 100.116.198.105:53 │◄────│ 10.171.171.50:53 │
+└─────────────────────┘ └─────────────────────┘
+ │ │
+ └───────────┬───────────────┘
+ ▼
+ Upstream DNS
+ (1.1.1.1, 8.8.8.8)
+```
+
+### Talloires (Primaire)
+- **IP**: 100.116.198.105 (Tailscale)
+- **Config**: `/etc/dnsmasq.d/tailscale.conf`
+- **Upstream**: AdGuard DoH via cloudflared (127.0.0.1:5053)
+
+### Annecy (Secondaire)
+- **IP**: 10.171.171.50 (LAN)
+- **Config**: `/volume1/docker/dnsmasq/dnsmasq.conf`
+- **Container**: `andyshinn/dnsmasq` (Docker, network_mode: host)
+- **Upstream**: Talloires, puis 1.1.1.1 / 8.8.8.8
+
+### Test
+```bash
+# Depuis le LAN
+dig @10.171.171.50 talloires.local +short
+dig @10.171.171.50 go +short
+
+# Depuis Tailscale
+dig @100.116.198.105 talloires.local +short
+```
+
+### Configuration client
+Pour utiliser les deux DNS en failover, configurer :
+- DNS primaire: 10.171.171.50 (Annecy - LAN)
+- DNS secondaire: 10.171.171.7 (Talloires - si LAN listen activé)
diff --git a/sync.log b/sync.log
index f2a8bcc..9f26edd 100644
--- a/sync.log
+++ b/sync.log
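Review bot: `image: andyshinn/dnsmasq:latest` is an unpinned tag on a container that runs with `network_mode: host` and `cap_add: NET_ADMIN`, so whatever that tag resolves to at the next pull runs with control over the host's network configuration. Pin the image to a fixed tag and digest, e.g. `image: andyshinn/dnsmasq:<tag>@sha256:<digest>` (placeholders to fill in from the image actually deployed). It is also worth confirming whether NET_ADMIN is needed for a DNS-only dnsmasq with no DHCP; if it is, a comment saying why would help, and `security_opt: ["no-new-privileges:true"]` can be added either way. The `command:` flags repeat `log-queries` and `log-facility=-` from the mounted dnsmasq.conf, so keeping them in one place avoids the two drifting apart.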
@@ -148,3 +148,8 @@ Fri 2 Jan 01:05:02 CET 2026: Triggered MkDocs rebuild Fri 2 Jan 01:10:01 CET 2026: Pushed local changes to Gitea mkdocs Fri 2 Jan 01:10:01 CET 2026: Triggered MkDocs rebuild +[main 12b3048] Auto-sync Fri 2 Jan 01:15:01 CET 2026 + 1 file changed, 5 insertions(+) +Fri 2 Jan 01:15:01 CET 2026: Pushed local changes to Gitea +mkdocs +Fri 2 Jan 01:15:01 CET 2026: Triggered MkDocs rebuild