dns: new functions work well

Will try to figure out if the two functions can be merged so its a single function called
This commit is contained in:
silver 2023-05-21 21:48:30 +01:00
parent f8f2f6fa15
commit 693043b081

View file

@ -146,6 +146,10 @@ let
create_entry_etc = domain: type:
if type == "owned" then
create_entry_etc_sub domain (text.owned domain)
else if type == "reverse" then
create_entry_etc_sub domain (text.reverse domain)
else if type == "old" then
create_entry_etc_sub domain (text.old domain)
else
{};
@ -169,6 +173,8 @@ let
text = {
owned = domain: get_config_file domain;
reverse = domain: get_config_file_rev domain;
old = domain: get_config_file_old_domains domain;
};
extraConfig = {
@ -183,6 +189,10 @@ let
else
"";
# no extra config for reverse
reverse = "";
old = "";
};
in {
@ -273,6 +283,26 @@ in {
};
config = lib.mkIf cfg.enable {
services.bind.zones =
(create_entry_zone "csn.ul.ie" extraConfig.owned ) //
(create_entry_zone "skynet.ie" extraConfig.owned )//
(create_entry_zone "99.1.193.in-addr.arpa" extraConfig.reverse )//
(create_entry_zone "conradcollins.net" extraConfig.old )//
(create_entry_zone "edelharty.net" extraConfig.old );
environment.etc =
(create_entry_etc "csn.ul.ie" "owned") //
(create_entry_etc "skynet.ie" "owned") //
(create_entry_etc "99.1.193.in-addr.arpa" "reverse") //
(create_entry_etc "conradcollins.net" "old") //
(create_entry_etc "edelharty.net" "old");
# secrets required
age.secrets.dns_dnskeys = {
file = ../secrets/dns_dnskeys.conf.age;
@ -325,76 +355,6 @@ in {
Now have a function for it
*/
] ++ create_cache_networks;
zones =
(create_entry_zone "csn.ul.ie" extraConfig.owned )//
(create_entry_zone "skynet.ie" extraConfig.owned )//
{
"99.1.193.in-addr.arpa"= {
extraConfig = ''
//allow-update { key rfc2136key.skynet.ie.; };
//dnssec-policy default;
//inline-signing yes;
// for bumping the config
// ${current_date}
'';
# really wish teh nixos config didnt use master/slave
master = cfg.primary;
masters = primaries;
slaves = secondaries;
# need to write this to a file
# using the date in it so it will trigger a restart
file = "/etc/dns_custom/dns_zone_99.1.193.in-addr.arpa";
# no leading whitespace for first line
};
"conradcollins.net" = {
extraConfig = if cfg.primary then ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
// for bumping the config
// ${current_date}
'' else "";
# really wish teh nixos config didnt use master/slave
master = cfg.primary;
masters = primaries;
slaves = secondaries;
# need to write this to a file
# using the date in it so it will trigger a restart
file = "/etc/dns_custom/dns_zone_conradcollins.net";
# no leading whitespace for first line
};
"edelharty.net" = {
extraConfig = if cfg.primary then ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
// for bumping the config
// ${current_date}
'' else "";
# really wish teh nixos config didnt use master/slave
master = cfg.primary;
masters = primaries;
slaves = secondaries;
# need to write this to a file
# using the date in it so it will trigger a restart
file = "/etc/dns_custom/dns_zone_edelharty.net";
# no leading whitespace for first line
};
};
};
# creates a folder in /etc for the dns to use
@ -403,41 +363,5 @@ in {
home = "/etc/skynet/dns";
};
environment.etc =
(create_entry_etc "csn.ul.ie" "owned") //
(create_entry_etc "skynet.ie" "owned") //
{
"dns_custom/dns_zone_99.1.193.in-addr.arpa" = {
user = "named";
group = "named";
# The UNIX file mode bits
mode = "0644";
text = get_config_file_rev "skynet.ie";
};
"dns_custom/dns_zone_conradcollins.net" = {
user = "named";
group = "named";
# The UNIX file mode bits
mode = "0644";
text = get_config_file_old_domains "conradcollins.net";
};
"dns_custom/dns_zone_edelharty.net" = {
user = "named";
group = "named";
# The UNIX file mode bits
mode = "0644";
text = get_config_file_old_domains "edelharty.net";
};
};
};
}