From 4c402d77a3f3c884e0bc32e3a3264bc74bdeaa4f Mon Sep 17 00:00:00 2001
From: Zen Fu <zen@systemli.org>
Date: Tue, 14 Jan 2025 11:06:15 -0300
Subject: [PATCH] add new IP address to monitor DNS from ecours

The main IP address of ecours doesn't allow for incoming UDP, so we need
to use a 2nd unfiltered one to do that.

refs tpo/tpa/team#41958
---
 hieradata/node/ecours.tails.net.yaml | 8 ++++++++
 modules/tails                        | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/hieradata/node/ecours.tails.net.yaml b/hieradata/node/ecours.tails.net.yaml
index 063c57c05..a48d0d40c 100644
--- a/hieradata/node/ecours.tails.net.yaml
+++ b/hieradata/node/ecours.tails.net.yaml
@@ -11,6 +11,14 @@ tails::profile::network::interfaces:
       broadcast: 209.51.180.255
       gateway: 209.51.180.225
       dns-nameservers: 209.51.180.254
+  'eth0:0':
+    method: static
+    ipaddress: 216.66.23.43
+    netmask: 255.255.255.224
+    options:
+      broadcast: 216.66.23.255
+      post-up: ip route add 185.52.224.15 via 216.66.23.33 dev eth0 src 216.66.23.43
+      pre-down: ip route del 185.52.224.15 via 216.66.23.33 dev eth0 src 216.66.23.43
 tails::profile::network::export_host: false
 tails::profile::apt::proxy: false
 tails::profile::base::monitoring_agent: false
diff --git a/modules/tails b/modules/tails
index 5238327b9..8100e9677 160000
--- a/modules/tails
+++ b/modules/tails
@@ -1 +1 @@
-Subproject commit 5238327b9d547d95ddca829b25d5dc25946ceb58
+Subproject commit 8100e96777982ca1cba4a2d5f59980ce1e574a1a
-- 
GitLab