dns: cleaned up the implementation of the DNS, partly to make it easier to add records and partly to make the config files really neat.

silver 2023-07-16 01:53:21 +01:00
parent d683598060
commit bc2e781586
18 changed files with 163 additions and 202 deletions


@ -5,6 +5,38 @@ let
# reads that date to a string (will need to be fixed in 2038)
current_date = toString builtins.currentTime;
# gets a list of records that match this type
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records;
filter_records_server = builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type "A");
filter_records_a = builtins.filter (x: builtins.hasAttr "server" x && !x.server) (filter_records_type "A");
process_ptr = records: lib.lists.forEach records (x: process_ptr_sub x);
process_ptr_sub = record: {record=(builtins.substring 9 3 record.record); r_type="PTR"; value=record.value;};
ip_ptr_to_int = ip: lib.strings.toInt (builtins.substring 9 3 ip);
sort_records_server = builtins.sort (a: b: a.record < b.record) filter_records_server;
sort_records_a = builtins.sort (a: b: (ip_ptr_to_int a.value) < (ip_ptr_to_int b.value)) filter_records_a;
sort_records_cname = builtins.sort (a: b: a.value < b.value) (filter_records_type "CNAME");
sort_records_ptr = builtins.sort (a: b: (lib.strings.toInt a.record) < (lib.strings.toInt b.record)) (process_ptr (filter_records_type "PTR"));
format_records = records: offset: lib.strings.concatMapStrings (x: "${padString x.record offset} IN ${padString x.r_type 5} ${x.value}\n") records;
# small function to trim it down a tad
padString = text: length: fixedWidthString_post length " " text;
# like lib.strings.fixedWidthString but postfix
fixedWidthString_post = width: filler: str:
let
strw = lib.stringLength str;
reqWidth = width - (lib.stringLength filler);
in
assert lib.assertMsg (strw <= width) "fixedWidthString_post: requested string length (${toString width}) must not be shorter than actual length (${toString strw})";
if strw == width
then str
else (fixedWidthString_post reqWidth filler str) + filler;
# base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie)
get_config_file = (domain:
''$TTL 60 ; 1 minute
@ -29,20 +61,24 @@ let
; ------------------------------------------
; Server Names
; Server Names (A Records)
; ------------------------------------------
${lib.strings.concatMapStrings (x: x + "\n") records.external}
${format_records sort_records_server 11}
; internal addresses
; ------------------------------------------
; May come back to this idea in teh future
; agentjones.int A 172.20.20.1
; cname's
; A (non server names
; ------------------------------------------
${lib.strings.concatMapStrings (x: x + "\n") records.cname}
${format_records sort_records_a 18}
; ------------------------------------------
; CNAMES
; ------------------------------------------
${format_records sort_records_cname 31}
; ------------------------------------------
; TXT
; ------------------------------------------
${format_records (filter_records_type "TXT") 29}
''
);
@ -66,7 +102,10 @@ $TTL 60 ; 1 minute
@ NS ns1.skynet.ie.
@ NS ns2.skynet.ie.
${lib.strings.concatMapStrings (x: x + "\n") records.reverse}
; ------------------------------------------
; PTR
; ------------------------------------------
${format_records sort_records_ptr 3}
''
);
@ -185,50 +224,26 @@ inline-signing yes;
old = "";
};
records = {
# using the same logic as the firewall, comments there
external = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
let
details_server = value.config.skynet_dns.server;
details_records = value.config.skynet_dns.records;
in
if builtins.hasAttr "skynet_dns" value.config
records = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
let
details_server = value.config.skynet_dns.server;
details_records = value.config.skynet_dns.records;
in
if builtins.hasAttr "skynet_dns" value.config
then (
# got to handle habing a dns record for the dns serves themselves.
if details_server.enable
then (
if details_server.enable
then (
if details_server.primary
then details_records.external ++ ["ns1 A ${details_server.ip}"]
else details_records.external ++ ["ns2 A ${details_server.ip}"]
)
else details_records.external
if details_server.primary
then details_records ++ [ {record="ns1"; r_type="A"; value=details_server.ip; server=false;} ]
else details_records ++ [ {record="ns2"; r_type="A"; value=details_server.ip; server=false;} ]
)
else []
) nodes
);
cname = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
let
details_records = value.config.skynet_dns.records;
in
if builtins.hasAttr "skynet_dns" value.config
then details_records.cname
else []
) nodes
);
reverse = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
let
details_records = value.config.skynet_dns.records;
in
if builtins.hasAttr "skynet_dns" value.config
then details_records.reverse
else []
) nodes
);
};
else details_records
)
else []
) nodes
);
nameserver = if cfg.server.primary then "ns1" else "ns2";
@ -260,30 +275,26 @@ in {
};
};
records = {
external = lib.mkOption {
default = [ ];
type = lib.types.listOf lib.types.str;
description = ''
External records like: agentjones A 193.1.99.72
'';
};
cname = lib.mkOption {
default = [ ];
type = lib.types.listOf lib.types.str;
description = ''
External records like: ns1 CNAME ns1
'';
};
reverse = lib.mkOption {
default = [ ];
type = lib.types.listOf lib.types.str;
description = ''
External records like: 20 IN PTR vigil
'';
};
records = lib.mkOption {
description = "Records, sorted based on therir type";
type = with lib.types; listOf (submodule {
options = {
record = lib.mkOption {
type = str;
};
r_type = lib.mkOption {
type = enum ["A" "CNAME" "TXT" "PTR"];
};
value = lib.mkOption {
type = str;
};
server = lib.mkOption {
description = "Core record for a server";
type = bool;
default = false;
};
};
});
};
};