Skynet/nixos
6
1
Fork 0
Code Issues 43 Pull requests 1 Projects Releases Packages Wiki Activity Actions

dns: remove leading spaces

Browse source
This commit is contained in:
silver 2023-07-08 10:27:30 +01:00
parent 60ec19284d
commit 6cb3fcf409
1 changed files with 70 additions and 73 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

143
applications/dns.nix
View file

@ -7,96 +7,93 @@ let
# base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie)
get_config_file = (domain:
''
$TTL 60 ; 1 minute
; hostmaster@${domain} is an email address that recieves stuff related to dns
@ IN SOA ${cfg.own.nameserver}.${domain}. hostmaster.${domain}. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
)
''$TTL 60 ; 1 minute
; hostmaster@${domain} is an email address that recieves stuff related to dns
@ IN SOA ${cfg.own.nameserver}.${domain}. hostmaster.${domain}. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
)
@ NS ns1.${domain}.
@ NS ns2.${domain}.
; @ stands for teh root domain so teh A record below is where ${domain} points to
;@ A 193.1.99.76
;@ MX 5 ${domain}.
@ NS ns1.${domain}.
@ NS ns2.${domain}.
; @ stands for teh root domain so teh A record below is where ${domain} points to
;@ A 193.1.99.76
;@ MX 5 ${domain}.
; can have multiple mailserves
@ MX 10 mail.${domain}.
; can have multiple mailserves
@ MX 10 mail.${domain}.
; ------------------------------------------
; Server Names
; ------------------------------------------
; ------------------------------------------
; Server Names
; ------------------------------------------
; External addresses
; ------------------------------------------
${lib.strings.concatMapStrings (x: x + "\n") cfg.records.external}
; External addresses
; ------------------------------------------
${lib.strings.concatMapStrings (x: x + "\n") cfg.records.external}
; this is fixed for now
wintermute A 193.1.101.148
; this is fixed for now
wintermute A 193.1.101.148
; internal addresses
; ------------------------------------------
; May come back to this idea in teh future
; agentjones.int A 172.20.20.1
; internal addresses
; ------------------------------------------
; May come back to this idea in teh future
; agentjones.int A 172.20.20.1
; cname's
; ------------------------------------------
${lib.strings.concatMapStrings (x: x + "\n") cfg.records.cname}
; cname's
; ------------------------------------------
${lib.strings.concatMapStrings (x: x + "\n") cfg.records.cname}
''
''
);
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/4/html/reference_guide/s2-bind-configuration-zone-reverse
# config for our reverse dnspointers (not properly working)
get_config_file_rev = (domain:
''
$ORIGIN 99.1.193.in-addr.arpa.
$TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${cfg.own.nameserver}.skynet.ie. hostmaster.skynet.ie. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
)
''$ORIGIN 99.1.193.in-addr.arpa.
$TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${cfg.own.nameserver}.skynet.ie. hostmaster.skynet.ie. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
)
@ NS ns1.skynet.ie.
@ NS ns2.skynet.ie.
@ NS ns1.skynet.ie.
@ NS ns2.skynet.ie.
${lib.strings.concatMapStrings (x: x + "\n") cfg.records.reverse}
''
${lib.strings.concatMapStrings (x: x + "\n") cfg.records.reverse}
''
);
# domains we dont have proper ownship over, only here to ensure the logs dont get cluttered.
get_config_file_old_domains = (domain:
''
$TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${cfg.own.nameserver}.skynet.ie. hostmaster.skynet.ie. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
)
''$TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${cfg.own.nameserver}.skynet.ie. hostmaster.skynet.ie. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
)
@ NS ns1.skynet.ie.
@ NS ns2.skynet.ie.
@ NS ns1.skynet.ie.
@ NS ns2.skynet.ie.
''
''
);
# arrys of teh two nameservers
@ -156,10 +153,10 @@ let
create_entry_zone = (domain: extraConfig: {
"${domain}" = {
extraConfig = ''
${extraConfig}
// for bumping the config
// ${current_date}
'';
${extraConfig}
// for bumping the config
// ${current_date}
'';
# really wish teh nixos config didnt use master/slave
master = cfg.primary;
masters = primaries;
@ -180,12 +177,12 @@ let
extraConfig = {
owned =
if cfg.primary then
''
allow-update { key rfc2136key.skynet.ie.; };
''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
''
dnssec-policy default;
inline-signing yes;
''
else
"";