Skynet/nixos
6
1
Fork 0
Code Issues 45 Pull requests 1 Projects Releases Packages Wiki Activity Actions

Fixing the semicolon comment delimiters to octothorpe comment delimiters, and improving readability.

Browse source
This commit is contained in:
pio 2023-10-22 21:57:44 +00:00
parent dd122729bb
commit bbe81fcd3e
1 changed files with 97 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

169
applications/dns.nix
View file

@ -47,55 +47,55 @@
# base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie)
get_config_file = (
domain: ''
$TTL 60 ; 1 minute
; hostmaster@${domain} is an email address that recieves stuff related to dns
$TTL 60 # 1 minute
# hostmaster@${domain} is an email address that recieves stuff related to dns
@ IN SOA ${nameserver}.${domain}. hostmaster.${domain}. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
# Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
600 # Refresh (10 minutes)
300 # Retry (5 minutes)
604800 # Expire (1 week)
3600 # Minimum (1 hour)
)
@ NS ns1.${domain}.
@ NS ns2.${domain}.
; @ stands for the root domain so the A record below is where ${domain} points to
;@ A 193.1.99.76
;@ MX 5 ${domain}.
# @ stands for the root domain so the A record below is where ${domain} points to
#@ A 193.1.99.76
#@ MX 5 ${domain}.
; can have multiple mailserves
# can have multiple mailserves
@ MX 10 mail.${domain}.
; ------------------------------------------
; Server Names (A Records)
; ------------------------------------------
# ------------------------------------------
# Server Names (A Records)
# ------------------------------------------
${format_records sort_records_server 31}
; ------------------------------------------
; A (non server names
; ------------------------------------------
# ------------------------------------------
# A (non server names)
# ------------------------------------------
${format_records sort_records_a 31}
; ------------------------------------------
; CNAMES
; ------------------------------------------
# ------------------------------------------
# CNAMES
# ------------------------------------------
${format_records sort_records_cname 31}
; ------------------------------------------
; TXT
; ------------------------------------------
# ------------------------------------------
# TXT
# ------------------------------------------
${format_records (filter_records_type "TXT") 31}
; ------------------------------------------
; MX
; ------------------------------------------
# ------------------------------------------
# MX
# ------------------------------------------
${format_records (filter_records_type "MX") 31}
; ------------------------------------------
; SRV
; ------------------------------------------
# ------------------------------------------
# SRV
# ------------------------------------------
${format_records sort_records_srv 31}
@ -107,23 +107,23 @@
get_config_file_rev = (
domain: ''
$ORIGIN 64-64.99.1.193.in-addr.arpa.
$TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns
$TTL 60 # 1 minute
# hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${nameserver}.skynet.ie. hostmaster.skynet.ie. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
# Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
600 # Refresh (10 minutes)
300 # Retry (5 minutes)
604800 # Expire (1 week)
3600 # Minimum (1 hour)
)
@ NS ns1.skynet.ie.
@ NS ns2.skynet.ie.
; ------------------------------------------
; PTR
; ------------------------------------------
# ------------------------------------------
# PTR
# ------------------------------------------
${format_records sort_records_ptr 3}
''
);
@ -131,15 +131,15 @@
# domains we dont have proper ownership over, only here to ensure the logs dont get cluttered.
get_config_file_old_domains = (
domain: ''
$TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns
$TTL 60 # 1 minute
# hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${nameserver}.skynet.ie. hostmaster.skynet.ie. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
# Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
600 # Refresh (10 minutes)
300 # Retry (5 minutes)
604800 # Expire (1 week)
3600 # Minimum (1 hour)
)
@ NS ns1.skynet.ie.
@ -174,7 +174,7 @@
# small function to tidy up the spam of the cache networks, would use the subnet except all external traffic has the ip of the router
create_cache_networks = map (x: "193.1.99.${toString x}/32") (lib.lists.range 71 126);
# standard function to create the file in /etc/ ; pass in the text and domain and the function creates that file
# standard function to create the file in /etc/ - pass in the text and domain and the function creates that file
create_entry_etc_sub = domain: text: {
# Creates /etc/skynet/dns/domain
"skynet/dns/${domain}" = {
@ -189,7 +189,7 @@
};
# (text.owned "csn.ul.ie")
# standard function to create the file in /etc/ ; pass in the text and domain and the function creates that file
# standard function to create the file in /etc/ - pass in the text and domain and the function creates that file
create_entry_etc = domain: type:
if type == "owned"
then create_entry_etc_sub domain (text.owned domain)
@ -390,38 +390,63 @@ in {
# set the upstream dns servers
# overrides the default dns servers
# Set for HEANet and Quad9 IPv4 servers, x4 total
forwarders = [
; Name: HEANet
; DNSSEC: not known
; Details: ISP for UL, should be a good candidate for primary upstream. If they aren't available, we've no connectivity anyway.
; Server: ns.heanet.ie HEANet primary
# Name: HEANet
# DNSSEC: not known
# Details: ISP for UL, should be a good candidate for primary upstream. If they aren't available, we've no connectivity anyway.
# IPv4
# Server: ns.heanet.ie HEANet primary
"193.1.193.194"
; Server: auth-ns2.heanet.ie HEANet secondary (Located Germany)
# Server: auth-ns2.heanet.ie HEANet secondary (Ireland location)
"193.1.247.198"
; Server: auth-ns3.heanet.ie HEANet tertiary (Ireland located)
# Server: auth-ns3.heanet.ie HEANet tertiary (Germany location)
# "5.196.22.225"
; Name: Quad9.net (free service - this one is malware/phish blocked). Suggesting using unfiltered as below.
; DNSSEC: available
; Details: Based in Switzerland, zero cost, stated as no tracking data saved. Also has https https://dns.quad9.net/dns-query
; Server: dns9.quad9.net Primary
# "9.9.9.9"
; Server: dns.quad9.net Secondary
# "149.112.112.112"
; Server: dns9.quad9.net IPV6 Primary server
# "2620:fe::9"
; Server: dns.quad9.net IPV6 Secondary server
# "2620:fe::fe"
; Name: Quad9.net (free service - this one is unfiltered).
; DNSSEC: not available
; Details: Based in Switzerland, zero cost, stated as no tracking data saved. Also has https https://dns10.quad9.net/dns-query
; Server: dns10.quad9.net Primary
# IPV6
# Server: ns.heanet.ie HEANet IPv4 primary
# "2001:770:18:4::c101:c1c2"
# Server: auth-ns2.heanet.ie HEANet IPv4 secondary (Ireland location)
# "2001:770:1c:4::c101:f7c6"
# Server: auth-ns3.heanet.ie HEANet IPv4 tertiary (Germany location)
# "2001:41d0:52:900::871"
# Name: Quad9.net (free service - this one is unfiltered).
# DNSSEC: not available
# Details: Based in Switzerland, zero cost, stated as no tracking data saved. Also has https https://dns10.quad9.net/dns-query
# IPv4
# Server: dns10.quad9.net IPv4 Primary
"9.9.9.10"
; Server: dns10.quad9.net Secondary
# Server: dns10.quad9.net IPv4 Secondary
"149.112.112.10"
; Server: dns10.quad9.net IPV6 Primary server
# IPV6
# Server: dns10.quad9.net IPV6 Primary server
# "2620:fe::10"
; Server: dns10.quad9.net IPV6 Secondary server
# Server: dns10.quad9.net IPV6 Secondary server
# "2620:fe::fe:10"
# Name: Quad9.net (free service - this one is malware/phish blocked). Suggesting using the unfiltered set just above.
# DNSSEC: available
# Details: Based in Switzerland, zero cost, stated as no tracking data saved. Also has https https://dns.quad9.net/dns-query
# IPv4
# Server: dns9.quad9.net IPv4 Primary
# "9.9.9.9"
# Server: dns.quad9.net IPv4 Secondary
# "149.112.112.112"
# IPv6
# Server: dns9.quad9.net IPV6 Primary server
# "2620:fe::9"
# Server: dns.quad9.net IPV6 Secondary server
# "2620:fe::fe"
];
cacheNetworks =