diff --git a/hw/vade/default.nix b/hw/vade/default.nix
index 3dce116..9848e0c 100644
--- a/hw/vade/default.nix
+++ b/hw/vade/default.nix
@@ -40,34 +40,17 @@
 ''
 ];
 
- # Route internal Metacircular zones to rift's CoreDNS (MCNS precursor).
- # Tailscale sets ~. (catch-all) on tailscale0, which overrides global
- # domain routing. We need a per-link override that takes priority.
- # This systemd service runs after tailscale and adds the routing domain
- # to a virtual interface that points at rift's CoreDNS.
- networking.nameservers = [
- "192.168.88.181"
- "100.95.252.120"
- ];
-
- systemd.services.mcp-dns-route = {
- description = "Route mcp.metacircular.net DNS to rift CoreDNS";
- after = [ "network-online.target" "tailscaled.service" ];
- wants = [ "network-online.target" ];
- wantedBy = [ "multi-user.target" ];
- # Tailscale sets ~. (catch-all) on tailscale0, overriding all other
- # DNS routing. We replace it with specific routes: Tailscale names
- # stay on Tailscale DNS, and mcp.metacircular.net goes to rift's
- # CoreDNS (via the Tailscale overlay).
- serviceConfig = {
- Type = "oneshot";
- RemainAfterExit = true;
- };
- script = ''
- # Add rift's CoreDNS alongside Tailscale's DNS on the tailscale0 link
- ${pkgs.systemd}/bin/resolvectl dns tailscale0 100.100.100.100 100.95.252.120
- # Replace ~. with specific routing domains
- ${pkgs.systemd}/bin/resolvectl domain tailscale0 ~scylla-hammerhead.ts.net ~mcp.metacircular.net
- '';
+ # Internal Metacircular service addresses. Tailscale's MagicDNS intercepts
+ # *.mcp.metacircular.net queries (via its ~. catch-all on tailscale0) and
+ # returns wrong IPs. Static /etc/hosts entries bypass DNS entirely.
+ # When MCNS becomes a full service with proper DNS integration, this can
+ # be replaced with split-horizon DNS configuration.
+ networking.hosts = {
+ "100.95.252.120" = [
+ "metacrypt.svc.mcp.metacircular.net"
+ "mcr.svc.mcp.metacircular.net"
+ "mcp-agent.svc.mcp.metacircular.net"
+ "rift.mcp.metacircular.net"
+ ];
 };
 }
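Review bot: The new `networking.hosts` block pins four service names to `100.95.252.120` without saying whose address that is; the removed comments were the only place that identified it as rift on the Tailscale overlay. A static entry has no refresh path, so if rift were ever re-enrolled and given a different tailnet address, these names would keep pointing at the old one, and whether clients notice depends on them verifying the service's TLS certificate, which this file does not show. I would add `# 100.95.252.120 is rift's Tailscale address; update these entries if rift is re-enrolled.` directly above the entry, and say in the comment block that only the listed names are covered, since by the comment's own account any other *.mcp.metacircular.net name still gets MagicDNS's answer. The enclosing module attribute set opens above the hunk, so DNS-related settings outside the visible lines are not accounted for here.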