Update file dns.nix
parent
75a886b461
commit
1718aebf6f
1 changed files with 29 additions and 16 deletions
|
@ -60,7 +60,7 @@
|
||||||
|
|
||||||
@ NS ns1.${domain}.
|
@ NS ns1.${domain}.
|
||||||
@ NS ns2.${domain}.
|
@ NS ns2.${domain}.
|
||||||
; @ stands for teh root domain so teh A record below is where ${domain} points to
|
; @ stands for the root domain so the A record below is where ${domain} points to
|
||||||
;@ A 193.1.99.76
|
;@ A 193.1.99.76
|
||||||
;@ MX 5 ${domain}.
|
;@ MX 5 ${domain}.
|
||||||
|
|
||||||
|
@ -128,7 +128,7 @@
|
||||||
''
|
''
|
||||||
);
|
);
|
||||||
|
|
||||||
# domains we dont have proper ownship over, only here to ensure the logs dont get cluttered.
|
# domains we dont have proper ownership over, only here to ensure the logs dont get cluttered.
|
||||||
get_config_file_old_domains = (
|
get_config_file_old_domains = (
|
||||||
domain: ''
|
domain: ''
|
||||||
$TTL 60 ; 1 minute
|
$TTL 60 ; 1 minute
|
||||||
|
@ -148,7 +148,7 @@
|
||||||
''
|
''
|
||||||
);
|
);
|
||||||
|
|
||||||
# arrys of teh two nameservers
|
# arrys of the two nameservers
|
||||||
tmp1 = ["193.1.99.109"];
|
tmp1 = ["193.1.99.109"];
|
||||||
tmp2 = ["193.1.99.120"];
|
tmp2 = ["193.1.99.120"];
|
||||||
|
|
||||||
|
@ -171,10 +171,10 @@
|
||||||
else []
|
else []
|
||||||
);
|
);
|
||||||
|
|
||||||
# small function to tidy up the spam of the cache networks, would use teh subnet except all external traffic has the ip of teh router
|
# small function to tidy up the spam of the cache networks, would use the subnet except all external traffic has the ip of the router
|
||||||
create_cache_networks = map (x: "193.1.99.${toString x}/32") (lib.lists.range 71 126);
|
create_cache_networks = map (x: "193.1.99.${toString x}/32") (lib.lists.range 71 126);
|
||||||
|
|
||||||
# standard function to create the etc file, pass in the text and domain and it makes it
|
# standard function to create the file in /etc/ ; pass in the text and domain and the function creates that file
|
||||||
create_entry_etc_sub = domain: text: {
|
create_entry_etc_sub = domain: text: {
|
||||||
# Creates /etc/skynet/dns/domain
|
# Creates /etc/skynet/dns/domain
|
||||||
"skynet/dns/${domain}" = {
|
"skynet/dns/${domain}" = {
|
||||||
|
@ -189,7 +189,7 @@
|
||||||
};
|
};
|
||||||
# (text.owned "csn.ul.ie")
|
# (text.owned "csn.ul.ie")
|
||||||
|
|
||||||
# standard function to create the etc file, pass in the text and domain and it makes it
|
# standard function to create the file in /etc/ ; pass in the text and domain and the function creates that file
|
||||||
create_entry_etc = domain: type:
|
create_entry_etc = domain: type:
|
||||||
if type == "owned"
|
if type == "owned"
|
||||||
then create_entry_etc_sub domain (text.owned domain)
|
then create_entry_etc_sub domain (text.owned domain)
|
||||||
|
@ -206,7 +206,7 @@
|
||||||
// for bumping the config
|
// for bumping the config
|
||||||
// ${current_date}
|
// ${current_date}
|
||||||
'';
|
'';
|
||||||
# really wish teh nixos config didnt use master/slave
|
# really wish the nixos config didnt use master/slave
|
||||||
master = cfg.server.primary;
|
master = cfg.server.primary;
|
||||||
masters = primaries;
|
masters = primaries;
|
||||||
slaves = secondaries;
|
slaves = secondaries;
|
||||||
|
@ -249,7 +249,7 @@
|
||||||
if builtins.hasAttr "skynet_dns" value.config
|
if builtins.hasAttr "skynet_dns" value.config
|
||||||
then
|
then
|
||||||
(
|
(
|
||||||
# got to handle habing a dns record for the dns serves themselves.
|
# got to handle having a dns record for the dns serves themselves.
|
||||||
if details_server.enable
|
if details_server.enable
|
||||||
then
|
then
|
||||||
(
|
(
|
||||||
|
@ -314,7 +314,7 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
records = lib.mkOption {
|
records = lib.mkOption {
|
||||||
description = "Records, sorted based on therir type";
|
description = "Records, sorted based on type";
|
||||||
type = with lib.types;
|
type = with lib.types;
|
||||||
listOf (submodule {
|
listOf (submodule {
|
||||||
options = {
|
options = {
|
||||||
|
@ -390,13 +390,26 @@ in {
|
||||||
|
|
||||||
# set the upstream dns servers
|
# set the upstream dns servers
|
||||||
# overrides the default dns servers
|
# overrides the default dns servers
|
||||||
|
# (pio - recommending HEANet and (Quad9 Filtered or quad9 Unfiltered) instead of Cloudflare and Google.)
|
||||||
|
# Google could stop DNS service at any time, and Cloudflare use your data..
|
||||||
forwarders = [
|
forwarders = [
|
||||||
# Cloudflare
|
# HEANet - ns.heanet.ie / auth-ns2.heanet.ie / auth-ns3.heanet.ie
|
||||||
"1.1.1.1"
|
#
|
||||||
# Google
|
"193.1.193.194"
|
||||||
"8.8.8.8"
|
# "193.1.247.198"
|
||||||
# Quad9
|
# "5.196.22.225"
|
||||||
"9.9.9.9"
|
# Quad9 - malware/phish filtered, has DNSSEC validation. Pri / sec, then their IPV6 servers
|
||||||
|
# https://dns.quad9.net/dns-query
|
||||||
|
# "9.9.9.9"
|
||||||
|
# "149.112.112.112"
|
||||||
|
# # "2620:fe::11
|
||||||
|
# # "2620:fe::fe:11"
|
||||||
|
# Quad9 unfiltered, no DNSSEC validation. Pri / sec, then their IPV6 servers
|
||||||
|
# https://dns10.quad9.net/dns-query
|
||||||
|
"9.9.9.10"
|
||||||
|
"149.112.112.10"
|
||||||
|
# # "2620:fe::10"
|
||||||
|
# # "2620:fe::fe:10"
|
||||||
];
|
];
|
||||||
|
|
||||||
cacheNetworks =
|
cacheNetworks =
|
||||||
|
@ -421,7 +434,7 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services.bind = {
|
systemd.services.bind = {
|
||||||
# deletes teh journal files evey start so it no longer stalls out
|
# deletes the journal files evey start so it no longer stalls out
|
||||||
preStart = ''
|
preStart = ''
|
||||||
rm -vf /etc/skynet/dns/*.jnl
|
rm -vf /etc/skynet/dns/*.jnl
|
||||||
rm -vf /etc/skynet/dns/*.jbk
|
rm -vf /etc/skynet/dns/*.jbk
|
||||||
|
|
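Review bot: In the `forwarders` list of the `@ -390,13 +390,26 @@` hunk, the active Quad9 entries are now `"9.9.9.10"` and `"149.112.112.10"`, which the added comment itself describes as unfiltered with no DNSSEC validation, while the previously active `"9.9.9.9"` is commented out. Unless this BIND instance validates DNSSEC itself (not visible in this hunk), forwarded answers are accepted unvalidated; either enable the filtered pair `"9.9.9.9"` / `"149.112.112.112"` or record the decision next to the list, e.g. `# unfiltered on purpose: <reason>; DNSSEC is validated locally by bind`. Two parked lines also need fixing before anyone uncomments them: `# # "2620:fe::11` is missing its closing quote, and `# "5.196.22.225"` sits under the HEANet heading but, unlike the other two addresses there, is not in 193.1.x, so its ownership should be confirmed. The enclosing options block starts and ends outside the hunk.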