rift: allow port 53 for CoreDNS, vade: use rift as DNS

rift: sysctl to allow rootless containers to bind port 53, open firewall for DNS queries from LAN clients. vade: point nameservers at rift (LAN + Tailscale) for internal service resolution via CoreDNS (MCNS precursor). Falls back to 1.1.1.1/8.8.8.8 via systemd-resolved. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 19:19:02 -07:00
parent b49b7ca2e3
commit eecb3973b1
2 changed files with 12 additions and 0 deletions
--- a/hw/vade/default.nix
+++ b/hw/vade/default.nix
@@ -38,4 +38,10 @@
      Driver "libinput"
    ''
  ];
+
+  # Use rift's CoreDNS (MCNS precursor) for internal service resolution.
+  networking.nameservers = [
+    "192.168.88.181"
+    "100.95.252.120"
+  ];
 }