NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License

netclient: No support for DNS due to requiring modification of /etc/hosts #260817

Closed purepani closed 8 months ago

purepani commented 11 months ago

Describe the bug

When using netclient with a netmaker server configured with DNS, the domains are unable to populate the /etc/hosts file, rendering the feature unable to be used. This happens because the hosts file is symlinked into the nix store, and as such cannot be modified.

Steps To Reproduce

Steps to reproduce the behavior:

  1. Connect to a netmaker server with DNS enabled using netclient.
  2. Enable services.netclient and join the server.
  3. Check the journalctl logs for netclient to find issues modifying /etc/hosts due to being readonly.
  4. Try pinging one of the defined domains in netmaker, and see that the ping fails. However, when pinging the IP, it will succeed.

Expected behavior

Pinging the domain should succeed

Additional context

The service will likely need to be able to modify the hosts file dynamically in order to work correctly. I'm not sure what the solution would be in this case though.

Notify maintainers

@wexder

Metadata

Please run nix-shell -p nix-info --run "nix-info -m" and paste the result.

[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
this path will be fetched (0.00 MiB download, 0.00 MiB unpacked):
  /nix/store/wfsbr2vjijkr5nax29y83vizz36ym34a-nix-info
copying path '/nix/store/wfsbr2vjijkr5nax29y83vizz36ym34a-nix-info' from 'https://cache.nixos.org'...
 - system: `"x86_64-linux"`
 - host os: `Linux 6.1.54-rt15, NixOS, 23.11 (Tapir), 23.11pre-git`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.17.0`
 - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixos`

wexder commented 11 months ago

@purepani oh, I've not been using the DNS so I didn't notice this. I can reproduce it easily, however I'm not sure how I can fix it. Will give it a shot in the next couple of weeks.

wexder commented 10 months ago

@purepani I don't think there's anything we can do to allow netclient to write to /etc/hosts

nazarewk commented 8 months ago

I am pretty sure this can be closed now that Netmaker abandoned the idea of using the hosts file: https://github.com/gravitl/netclient/pull/655

I'm just not sure what should be configured instead.

nazarewk commented 8 months ago

Current documentation suggests pointing your client machine to the CoreDNS' IP address. I have confirmed this with Netmaker developers on Discord.

wexder commented 8 months ago

@nazarewk thanks for finding this.

nazarewk commented 8 months ago

FYI: solved DNS completely server-side without any client-side config (wired up CoreDNS as NS record) https://github.com/NixOS/nixpkgs/pull/283768#issuecomment-1912175838

Iv4nS commented 5 months ago

> FYI: solved DNS completely server-side without any client-side config (wired up CoreDNS as NS record) #283768 (comment)

Hello there, would you be able to expand on how or what you did specifically?

I did 1, 2 and 3 from this: https://docs.netmaker.io/architecture.html#coredns

But where did you wire the NS record? An actual domain pointing (which one?) to the netmaker server public address, or how?