Update file dns.nix

pio 2023-10-19 15:20:54 +00:00
parent 75a886b461
commit 1718aebf6f


@ -60,7 +60,7 @@
@ NS ns1.${domain}.
@ NS ns2.${domain}.
; @ stands for teh root domain so teh A record below is where ${domain} points to
; @ stands for the root domain so the A record below is where ${domain} points to
;@ A 193.1.99.76
;@ MX 5 ${domain}.
@ -128,7 +128,7 @@
''
);
# domains we dont have proper ownship over, only here to ensure the logs dont get cluttered.
# domains we dont have proper ownership over, only here to ensure the logs dont get cluttered.
get_config_file_old_domains = (
domain: ''
$TTL 60 ; 1 minute
@ -148,7 +148,7 @@
''
);
# arrys of teh two nameservers
# arrys of the two nameservers
tmp1 = ["193.1.99.109"];
tmp2 = ["193.1.99.120"];
@ -171,10 +171,10 @@
else []
);
# small function to tidy up the spam of the cache networks, would use teh subnet except all external traffic has the ip of teh router
# small function to tidy up the spam of the cache networks, would use the subnet except all external traffic has the ip of the router
create_cache_networks = map (x: "193.1.99.${toString x}/32") (lib.lists.range 71 126);
# standard function to create the etc file, pass in the text and domain and it makes it
# standard function to create the file in /etc/ ; pass in the text and domain and the function creates that file
create_entry_etc_sub = domain: text: {
# Creates /etc/skynet/dns/domain
"skynet/dns/${domain}" = {
@ -189,7 +189,7 @@
};
# (text.owned "csn.ul.ie")
# standard function to create the etc file, pass in the text and domain and it makes it
# standard function to create the file in /etc/ ; pass in the text and domain and the function creates that file
create_entry_etc = domain: type:
if type == "owned"
then create_entry_etc_sub domain (text.owned domain)
@ -206,7 +206,7 @@
// for bumping the config
// ${current_date}
'';
# really wish teh nixos config didnt use master/slave
# really wish the nixos config didnt use master/slave
master = cfg.server.primary;
masters = primaries;
slaves = secondaries;
@ -249,7 +249,7 @@
if builtins.hasAttr "skynet_dns" value.config
then
(
# got to handle habing a dns record for the dns serves themselves.
# got to handle having a dns record for the dns serves themselves.
if details_server.enable
then
(
@ -314,7 +314,7 @@ in {
};
records = lib.mkOption {
description = "Records, sorted based on therir type";
description = "Records, sorted based on type";
type = with lib.types;
listOf (submodule {
options = {
@ -390,13 +390,26 @@ in {
# set the upstream dns servers
# overrides the default dns servers
# (pio - recommending HEANet and (Quad9 Filtered or quad9 Unfiltered) instead of Cloudflare and Google.)
# Google could stop DNS service at any time, and Cloudflare use your data..
forwarders = [
# Cloudflare
"1.1.1.1"
# Google
"8.8.8.8"
# Quad9
"9.9.9.9"
# HEANet - ns.heanet.ie / auth-ns2.heanet.ie / auth-ns3.heanet.ie
#
"193.1.193.194"
# "193.1.247.198"
# "5.196.22.225"
# Quad9 - malware/phish filtered, has DNSSEC validation. Pri / sec, then their IPV6 servers
# https://dns.quad9.net/dns-query
# "9.9.9.9"
# "149.112.112.112"
# # "2620:fe::11
# # "2620:fe::fe:11"
# Quad9 unfiltered, no DNSSEC validation. Pri / sec, then their IPV6 servers
# https://dns10.quad9.net/dns-query
"9.9.9.10"
"149.112.112.10"
# # "2620:fe::10"
# # "2620:fe::fe:10"
];
cacheNetworks =
@ -421,7 +434,7 @@ in {
};
systemd.services.bind = {
# deletes teh journal files evey start so it no longer stalls out
# deletes the journal files evey start so it no longer stalls out
preStart = ''
rm -vf /etc/skynet/dns/*.jnl
rm -vf /etc/skynet/dns/*.jbk
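Review bot: In the `forwarders` hunk (-390,13 +390,26) the Quad9 entries left active appear to be `"9.9.9.10"` and `"149.112.112.10"`, which the comment above them describes as unfiltered with no DNSSEC validation, while the filtered, validating pair is commented out. The rendered page has lost its +/- markers, so this reading of the new side is inferred from the pio comment at the top of the hunk. Unless this BIND instance validates DNSSEC itself (not visible in the hunk), answers from those forwarders reach clients unvalidated; either enable `"9.9.9.9"` and `"149.112.112.112"` instead, or add a comment such as `# unfiltered chosen because <reason>` recording why. The commented IPv6 entry `# # "2620:fe::11` is also missing its closing quote and would break the list if uncommented as written. The `forwarders` list sits inside a block that starts outside the hunk.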