Skynet/nixos
6
1
Fork 0
Code Issues 42 Pull requests 1 Projects Releases Packages Wiki Activity Actions

feat: simplify the zone creation

Browse source
This commit is contained in:
silver 2024-07-17 01:38:31 +01:00
parent 0b25b5ac54
commit 2a8a7cc7f4
Signed by: silver
GPG key ID: 54E2C71918E93B74
1 changed files with 33 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
applications/dns/dns.nix
View file

@ -11,6 +11,22 @@
# reads that date to a string (will need to be fixed in 2038) # reads that date to a string (will need to be fixed in 2038)
current_date = lib.readFile "${pkgs.runCommand "timestamp" {} "echo -n `date +%s` > $out"}"; current_date = lib.readFile "${pkgs.runCommand "timestamp" {} "echo -n `date +%s` > $out"}";
# this gets a list of all domains we have records for
domains = lib.lists.naturalSort (
lib.lists.unique (
lib.lists.forEach records (record: record.domain)
)
);
domains_owned = [
# for historic reasons we own this
"csn.ul.ie"
# the main one we use now
"skynet.ie"
# a backup
"ulcompsoc.ie"
];
# gets a list of records that match this type # gets a list of records that match this type
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records; filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records;
filter_records_server = builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type "A"); filter_records_server = builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type "A");
@ -205,10 +221,19 @@
then create_entry_etc_sub domain (text.old domain) then create_entry_etc_sub domain (text.old domain)
else {}; else {};
create_entry_zone = domain: extraConfig: { create_entry_zone = domain: let
if_primary_and_owned =
if cfg.server.primary && (lib.lists.any (item: item == domain) domains_owned)
then ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
''
else "";
in {
"${domain}" = { "${domain}" = {
extraConfig = '' extraConfig = ''
${extraConfig} ${if_primary_and_owned}
// for bumping the config // for bumping the config
// ${current_date} // ${current_date}
''; '';
@ -229,23 +254,6 @@
old = domain: get_config_file_old_domains domain; old = domain: get_config_file_old_domains domain;
}; };
extraConfig = {
owned =
if cfg.server.primary
then ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
''
else "";
# no extra config for reverse
reverse = "";
old = "";
};
records = records =
config.skynet.records config.skynet.records
++ builtins.concatLists ( ++ builtins.concatLists (
@ -344,12 +352,12 @@ in {
]; ];
services.bind.zones = services.bind.zones =
(create_entry_zone "csn.ul.ie" extraConfig.owned) (create_entry_zone "csn.ul.ie")
// (create_entry_zone "skynet.ie" extraConfig.owned) // (create_entry_zone "skynet.ie")
// (create_entry_zone "ulcompsoc.ie" extraConfig.owned) // (create_entry_zone "ulcompsoc.ie")
// (create_entry_zone "64-64.99.1.193.in-addr.arpa" extraConfig.reverse) // (create_entry_zone "64-64.99.1.193.in-addr.arpa")
// (create_entry_zone "conradcollins.net" extraConfig.old) // (create_entry_zone "conradcollins.net")
// (create_entry_zone "edelharty.net" extraConfig.old); // (create_entry_zone "edelharty.net");
environment.etc = environment.etc =
(create_entry_etc "csn.ul.ie" "owned") (create_entry_etc "csn.ul.ie" "owned")