From 0025511b6a179e7d364d6f8f13ed97524393f615 Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Sat, 23 May 2026 08:53:52 +0000 Subject: [PATCH] =?UTF-8?q?docs:=20Technitium=20DNS=20IP=20=E2=80=94=2010.?= =?UTF-8?q?0.20.101=20=E2=86=92=2010.0.20.201?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Stragglers from the same drift as commit b288a59 (monorepo) / the 2026-05-22 viktorbarzin.me apex incident — the `.101` references were left over from the NodePort exposure era. Technitium's actual MetalLB LB IP is `.201` (in pool 10.0.20.200-220). - architecture/vpn.md — Technitium component cell + AdGuard forwarder example + nslookup troubleshooting hint - architecture/networking.md — 502 ingress troubleshooting snippet - plans/2026-02-22-talos-linux-migration-evaluation.md — nameservers example --- docs/architecture/networking.md | 2 +- docs/architecture/vpn.md | 6 +++--- docs/plans/2026-02-22-talos-linux-migration-evaluation.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/architecture/networking.md b/docs/architecture/networking.md index 68834017..7a5e8aed 100644 --- a/docs/architecture/networking.md +++ b/docs/architecture/networking.md @@ -416,7 +416,7 @@ Containerd on all K8s nodes uses `hosts.toml` to redirect pulls to the local cac ### Ingress Returns 502 Bad Gateway -**Symptoms**: Cloudflared tunnel is up, Traefik logs show `dial tcp: lookup on 10.0.20.101:53: no such host`. +**Symptoms**: Cloudflared tunnel is up, Traefik logs show `dial tcp: lookup on 10.0.20.201:53: no such host`. **Diagnosis**: DNS resolution failed. Check: 1. Is Technitium pod running? `kubectl get pod -n technitium` diff --git a/docs/architecture/vpn.md b/docs/architecture/vpn.md index 5d2f22ad..82491f99 100644 --- a/docs/architecture/vpn.md +++ b/docs/architecture/vpn.md @@ -86,7 +86,7 @@ sequenceDiagram | Authentik | OIDC provider | K8s | SSO authentication for Headscale | | DERP Relay | Embedded in Headscale | K8s (region 999) | Relay for NAT traversal | | AdGuard DNS | Container | K8s | Global DNS resolver with ad-blocking | -| Technitium DNS | Container | K8s (10.0.20.101) | Internal .lan domain resolver | +| Technitium DNS | Container | K8s (10.0.20.201) | Internal .lan domain resolver | ## How It Works @@ -224,7 +224,7 @@ dns_config: - Google: `8.8.8.8`, `8.8.4.4` **Conditional forwarding**: -- `viktorbarzin.lan` → `10.0.20.101` (Technitium) +- `viktorbarzin.lan` → `10.0.20.201` (Technitium) **Ad-blocking lists**: - AdGuard DNS filter @@ -377,7 +377,7 @@ dns_config: **Steps**: 1. Verify AdGuard is running: `kubectl get pod -n adguard` 2. Check AdGuard conditional forwarding: Query AdGuard directly: `nslookup nextcloud.viktorbarzin.lan ` -3. Check Technitium: `nslookup nextcloud.viktorbarzin.lan 10.0.20.101` +3. Check Technitium: `nslookup nextcloud.viktorbarzin.lan 10.0.20.201` **Common causes**: 1. **AdGuard not forwarding .lan**: Conditional forwarding rule missing or misconfigured. diff --git a/docs/plans/2026-02-22-talos-linux-migration-evaluation.md b/docs/plans/2026-02-22-talos-linux-migration-evaluation.md index 699a8762..87afe1fb 100644 --- a/docs/plans/2026-02-22-talos-linux-migration-evaluation.md +++ b/docs/plans/2026-02-22-talos-linux-migration-evaluation.md @@ -106,7 +106,7 @@ machine: - network: 0.0.0.0/0 gateway: 10.0.20.1 nameservers: - - 10.0.20.101 # Technitium + - 10.0.20.201 # Technitium - 1.1.1.1 registries: mirrors: