fickit: dedicate an IP address to DNS/routing on frontend

configs/dhcpd.conf

@@ -4,11 +4,11 @@ authoritative;
 option subnet-mask 255.255.255.0;
 option broadcast-address 172.23.42.255;
 option routers 172.23.42.254;
-option domain-name-servers 9.9.9.9, 1.1.1.1;
+option domain-name-servers 172.23.42.254;
 option rfc3442-classless-static-routes code 121 = array of integer 8;
 option ms-classless-static-routes code 249 = array of integer 8;
 option rfc3442-classless-static-routes 32, 163, 5, 55, 58, 172, 23, 42, 1;
 option ms-classless-static-routes 32, 163, 5, 55, 58, 172, 23, 42, 1;
 subnet 172.23.42.0 netmask 255.255.255.0 {
-  range  172.23.42.10  172.23.42.254;
+  range  172.23.42.10  172.23.42.253;
 }

fickit-frontend.yml

@@ -42,7 +42,7 @@ onboot:
         net: /run/netns/nginx
 #  - name: frontal-ip-setup # without bonding
 #    image: linuxkit/ip:v0.6
-#    command: ["/bin/sh", "-c", "ip link set eth1 up; ip a add 172.23.42.1/24 dev eth1; ip a add 163.5.55.58/32 dev eth1; ip link add link eth1 name internet type vlan id 1; ip link set internet up;" ]
+#    command: ["/bin/sh", "-c", "ip link set eth1 up; ip a add 172.23.42.1/24 dev eth1; ip a add 172.23.42.254/24 dev eth1; ip a add 163.5.55.58/32 dev eth1; ip link add link eth1 name internet type vlan id 1; ip link set internet up;" ]
 #    net: /run/netns/nginx
 #    runtime:
 #      interfaces:
@@ -51,7 +51,7 @@ onboot:
 #        - name: eth3
   - name: frontal-ip-setup # with bonding
     image: linuxkit/ip:v0.6
-    command: ["/bin/sh", "-c", "ip link set bond-frontal up; ifenslave bond-frontal eth1 eth2 eth3; ip a add 172.23.42.1/24 dev bond-frontal; ip a add 163.5.55.58/32 dev bond-frontal; ip link add link bond-frontal name internet type vlan id 1; ip link set internet up;" ]
+    command: ["/bin/sh", "-c", "ip link set bond-frontal up; ifenslave bond-frontal eth1 eth2 eth3; ip a add 172.23.42.1/24 dev bond-frontal; ip a add 172.23.42.254/24 dev bond-frontal; ip a add 163.5.55.58/32 dev bond-frontal; ip link add link bond-frontal name internet type vlan id 1; ip link set internet up;" ]
     net: /run/netns/nginx
     runtime:
       interfaces:
@@ -369,39 +369,18 @@ files:
 
   - path: etc/dhcpcd.conf
     contents: |
-      # Only configure standard external ethernet
       allowinterfaces internet
-      # Inform the DHCP server of our hostname for DDNS.
       hostname
-      # Use the hardware address of the interface for the Client ID.
       clientid
-      # or
-      # Use the same DUID + IAID as set in DHCPv6 for DHCPv4 ClientID as per RFC4361.
-      # Some non-RFC compliant DHCP servers do not reply with this set.
-      # In this case, comment out duid and enable clientid above.
-      #duid
-      # Persist interface configuration when dhcpcd exits.
       persistent
-      # Rapid commit support.
-      # Safe to enable by default because it requires the equivalent option set
-      # on the server to actually work.
       option rapid_commit
-      # A list of options to request from the DHCP server.
       option domain_name_servers, domain_name, domain_search, host_name
       option classless_static_routes
-      # Most distributions have NTP support.
-      option ntp_servers
-      # Respect the network MTU. This is applied to DHCP routes.
       option interface_mtu
-      # A ServerID is required by RFC2131.
       require dhcp_server_identifier
-      # Generate Stable Private IPv6 Addresses instead of hardware based ones
       slaac private
-      # Do not wait
       nodelay
-      # Do not arp to check IP
       noarp
-      # wait for ipv4 address
       waitip 4
     mode: "0440"
   - path: etc/unbound/unbound.d/access-control.conf