dns: cleaned up teh implmentation of the dns, partly to make it easier toa dd records and partly to make it really neat config files.
This commit is contained in:
parent
d683598060
commit
bc2e781586
18 changed files with 163 additions and 202 deletions
|
@ -5,6 +5,38 @@ let
|
||||||
# reads that date to a string (will need to be fixed in 2038)
|
# reads that date to a string (will need to be fixed in 2038)
|
||||||
current_date = toString builtins.currentTime;
|
current_date = toString builtins.currentTime;
|
||||||
|
|
||||||
|
# gets a list of records that match this type
|
||||||
|
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records;
|
||||||
|
filter_records_server = builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type "A");
|
||||||
|
filter_records_a = builtins.filter (x: builtins.hasAttr "server" x && !x.server) (filter_records_type "A");
|
||||||
|
|
||||||
|
process_ptr = records: lib.lists.forEach records (x: process_ptr_sub x);
|
||||||
|
process_ptr_sub = record: {record=(builtins.substring 9 3 record.record); r_type="PTR"; value=record.value;};
|
||||||
|
ip_ptr_to_int = ip: lib.strings.toInt (builtins.substring 9 3 ip);
|
||||||
|
|
||||||
|
sort_records_server = builtins.sort (a: b: a.record < b.record) filter_records_server;
|
||||||
|
sort_records_a = builtins.sort (a: b: (ip_ptr_to_int a.value) < (ip_ptr_to_int b.value)) filter_records_a;
|
||||||
|
sort_records_cname = builtins.sort (a: b: a.value < b.value) (filter_records_type "CNAME");
|
||||||
|
sort_records_ptr = builtins.sort (a: b: (lib.strings.toInt a.record) < (lib.strings.toInt b.record)) (process_ptr (filter_records_type "PTR"));
|
||||||
|
|
||||||
|
format_records = records: offset: lib.strings.concatMapStrings (x: "${padString x.record offset} IN ${padString x.r_type 5} ${x.value}\n") records;
|
||||||
|
|
||||||
|
# small function to trim it down a tad
|
||||||
|
padString = text: length: fixedWidthString_post length " " text;
|
||||||
|
|
||||||
|
# like lib.strings.fixedWidthString but postfix
|
||||||
|
fixedWidthString_post = width: filler: str:
|
||||||
|
let
|
||||||
|
strw = lib.stringLength str;
|
||||||
|
reqWidth = width - (lib.stringLength filler);
|
||||||
|
in
|
||||||
|
assert lib.assertMsg (strw <= width) "fixedWidthString_post: requested string length (${toString width}) must not be shorter than actual length (${toString strw})";
|
||||||
|
if strw == width
|
||||||
|
then str
|
||||||
|
else (fixedWidthString_post reqWidth filler str) + filler;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie)
|
# base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie)
|
||||||
get_config_file = (domain:
|
get_config_file = (domain:
|
||||||
''$TTL 60 ; 1 minute
|
''$TTL 60 ; 1 minute
|
||||||
|
@ -29,20 +61,24 @@ let
|
||||||
|
|
||||||
|
|
||||||
; ------------------------------------------
|
; ------------------------------------------
|
||||||
; Server Names
|
; Server Names (A Records)
|
||||||
; ------------------------------------------
|
; ------------------------------------------
|
||||||
${lib.strings.concatMapStrings (x: x + "\n") records.external}
|
${format_records sort_records_server 11}
|
||||||
|
|
||||||
|
|
||||||
; internal addresses
|
|
||||||
; ------------------------------------------
|
; ------------------------------------------
|
||||||
; May come back to this idea in teh future
|
; A (non server names
|
||||||
; agentjones.int A 172.20.20.1
|
|
||||||
|
|
||||||
|
|
||||||
; cname's
|
|
||||||
; ------------------------------------------
|
; ------------------------------------------
|
||||||
${lib.strings.concatMapStrings (x: x + "\n") records.cname}
|
${format_records sort_records_a 18}
|
||||||
|
|
||||||
|
; ------------------------------------------
|
||||||
|
; CNAMES
|
||||||
|
; ------------------------------------------
|
||||||
|
${format_records sort_records_cname 31}
|
||||||
|
|
||||||
|
; ------------------------------------------
|
||||||
|
; TXT
|
||||||
|
; ------------------------------------------
|
||||||
|
${format_records (filter_records_type "TXT") 29}
|
||||||
|
|
||||||
''
|
''
|
||||||
);
|
);
|
||||||
|
@ -66,7 +102,10 @@ $TTL 60 ; 1 minute
|
||||||
@ NS ns1.skynet.ie.
|
@ NS ns1.skynet.ie.
|
||||||
@ NS ns2.skynet.ie.
|
@ NS ns2.skynet.ie.
|
||||||
|
|
||||||
${lib.strings.concatMapStrings (x: x + "\n") records.reverse}
|
; ------------------------------------------
|
||||||
|
; PTR
|
||||||
|
; ------------------------------------------
|
||||||
|
${format_records sort_records_ptr 3}
|
||||||
''
|
''
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -185,9 +224,7 @@ inline-signing yes;
|
||||||
old = "";
|
old = "";
|
||||||
};
|
};
|
||||||
|
|
||||||
records = {
|
records = builtins.concatLists (
|
||||||
# using the same logic as the firewall, comments there
|
|
||||||
external = builtins.concatLists (
|
|
||||||
lib.attrsets.mapAttrsToList (key: value:
|
lib.attrsets.mapAttrsToList (key: value:
|
||||||
let
|
let
|
||||||
details_server = value.config.skynet_dns.server;
|
details_server = value.config.skynet_dns.server;
|
||||||
|
@ -195,41 +232,19 @@ inline-signing yes;
|
||||||
in
|
in
|
||||||
if builtins.hasAttr "skynet_dns" value.config
|
if builtins.hasAttr "skynet_dns" value.config
|
||||||
then (
|
then (
|
||||||
|
# got to handle habing a dns record for the dns serves themselves.
|
||||||
if details_server.enable
|
if details_server.enable
|
||||||
then (
|
then (
|
||||||
if details_server.primary
|
if details_server.primary
|
||||||
then details_records.external ++ ["ns1 A ${details_server.ip}"]
|
then details_records ++ [ {record="ns1"; r_type="A"; value=details_server.ip; server=false;} ]
|
||||||
else details_records.external ++ ["ns2 A ${details_server.ip}"]
|
else details_records ++ [ {record="ns2"; r_type="A"; value=details_server.ip; server=false;} ]
|
||||||
)
|
)
|
||||||
else details_records.external
|
else details_records
|
||||||
)
|
)
|
||||||
else []
|
else []
|
||||||
) nodes
|
) nodes
|
||||||
);
|
);
|
||||||
|
|
||||||
cname = builtins.concatLists (
|
|
||||||
lib.attrsets.mapAttrsToList (key: value:
|
|
||||||
let
|
|
||||||
details_records = value.config.skynet_dns.records;
|
|
||||||
in
|
|
||||||
if builtins.hasAttr "skynet_dns" value.config
|
|
||||||
then details_records.cname
|
|
||||||
else []
|
|
||||||
) nodes
|
|
||||||
);
|
|
||||||
|
|
||||||
reverse = builtins.concatLists (
|
|
||||||
lib.attrsets.mapAttrsToList (key: value:
|
|
||||||
let
|
|
||||||
details_records = value.config.skynet_dns.records;
|
|
||||||
in
|
|
||||||
if builtins.hasAttr "skynet_dns" value.config
|
|
||||||
then details_records.reverse
|
|
||||||
else []
|
|
||||||
) nodes
|
|
||||||
);
|
|
||||||
};
|
|
||||||
|
|
||||||
nameserver = if cfg.server.primary then "ns1" else "ns2";
|
nameserver = if cfg.server.primary then "ns1" else "ns2";
|
||||||
|
|
||||||
in {
|
in {
|
||||||
|
@ -260,30 +275,26 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
records = {
|
records = lib.mkOption {
|
||||||
external = lib.mkOption {
|
description = "Records, sorted based on therir type";
|
||||||
default = [ ];
|
type = with lib.types; listOf (submodule {
|
||||||
type = lib.types.listOf lib.types.str;
|
options = {
|
||||||
description = ''
|
record = lib.mkOption {
|
||||||
External records like: agentjones A 193.1.99.72
|
type = str;
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
r_type = lib.mkOption {
|
||||||
cname = lib.mkOption {
|
type = enum ["A" "CNAME" "TXT" "PTR"];
|
||||||
default = [ ];
|
|
||||||
type = lib.types.listOf lib.types.str;
|
|
||||||
description = ''
|
|
||||||
External records like: ns1 CNAME ns1
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
value = lib.mkOption {
|
||||||
reverse = lib.mkOption {
|
type = str;
|
||||||
default = [ ];
|
|
||||||
type = lib.types.listOf lib.types.str;
|
|
||||||
description = ''
|
|
||||||
External records like: 20 IN PTR vigil
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
server = lib.mkOption {
|
||||||
|
description = "Core record for a server";
|
||||||
|
type = bool;
|
||||||
|
default = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
|
@ -95,22 +95,19 @@
|
||||||
age.secrets.ldap_pw.file = ../secrets/ldap/pw.age;
|
age.secrets.ldap_pw.file = ../secrets/ldap/pw.age;
|
||||||
|
|
||||||
# set up dns record for it
|
# set up dns record for it
|
||||||
skynet_dns.records.external = [
|
skynet_dns.records = [
|
||||||
# basic one
|
# basic one
|
||||||
"mail A ${cfg.host.ip}"
|
{record="mail"; r_type="A"; value=cfg.host.ip;}
|
||||||
|
|
||||||
|
# TXT records, all tehse are inside escaped strings to allow using ""
|
||||||
# SPF record
|
# SPF record
|
||||||
''${cfg.domain}. IN TXT "v=spf1 a:${cfg.sub}.${cfg.domain} -all"''
|
{record="${cfg.domain}."; r_type="TXT"; value=''"v=spf1 a:${cfg.sub}.${cfg.domain} -all"'';}
|
||||||
|
|
||||||
# DKIM
|
# DKIM
|
||||||
''mail._domainkey.${cfg.domain}. IN TXT "v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl8ptSASx37t5sfmU2d2Y6yi9AVrsNFBZDmJ2uaLa4NuvAjxGQCw4wx+1Jui/HOuKYLpntLsjN851wgPR+3i51g4OblqBDvcHn9NYgWRZfHj9AASANQjdsaAbkXuyKuO46hZqeWlpESAcD6a4Evam4fkm+kiZC0+rccb4cWgsuLwIDAQAB"''
|
{record="mail._domainkey.${cfg.domain}."; r_type="TXT"; value=''"v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl8ptSASx37t5sfmU2d2Y6yi9AVrsNFBZDmJ2uaLa4NuvAjxGQCw4wx+1Jui/HOuKYLpntLsjN851wgPR+3i51g4OblqBDvcHn9NYgWRZfHj9AASANQjdsaAbkXuyKuO46hZqeWlpESAcD6a4Evam4fkm+kiZC0+rccb4cWgsuLwIDAQAB"'';}
|
||||||
|
|
||||||
# DMARC
|
# DMARC
|
||||||
''_dmarc.${cfg.domain}. IN TXT "v=DMARC1; p=none"''
|
{record="_dmarc.${cfg.domain}."; r_type="TXT"; value=''"v=DMARC1; p=none"'';}
|
||||||
];
|
|
||||||
|
|
||||||
skynet_dns.records.reverse = [
|
{record=cfg.host.ip; r_type="PTR"; value="${cfg.sub}.${cfg.domain}.";}
|
||||||
"${builtins.substring 9 3 cfg.host.ip} IN PTR ${cfg.sub}.${cfg.domain}."
|
|
||||||
];
|
];
|
||||||
|
|
||||||
mailserver = {
|
mailserver = {
|
||||||
|
|
|
@ -44,12 +44,10 @@
|
||||||
|
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
cname = [
|
|
||||||
# need a base domain
|
# need a base domain
|
||||||
"${cfg.domain.sub} CNAME ${cfg.host.name}"
|
{record=cfg.domain.sub; r_type="CNAME"; value=cfg.host.name;}
|
||||||
];
|
];
|
||||||
};
|
|
||||||
|
|
||||||
# the minecraft servers
|
# the minecraft servers
|
||||||
services.skynet_games_minecraft = {
|
services.skynet_games_minecraft = {
|
||||||
|
|
|
@ -52,22 +52,18 @@
|
||||||
"ip daddr ${cfg.host.ip} tcp dport 25565 counter packets 0 bytes 0 accept"
|
"ip daddr ${cfg.host.ip} tcp dport 25565 counter packets 0 bytes 0 accept"
|
||||||
];
|
];
|
||||||
|
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [];
|
# the minecraft (web) config server
|
||||||
cname = [
|
{record="config.${cfg.domain.sub}"; r_type="CNAME"; value=cfg.host.name;}
|
||||||
"config.${cfg.domain.sub} CNAME ${cfg.host.name}"
|
|
||||||
|
|
||||||
# create a sub-subdomain for each game
|
# our own minecraft hosts
|
||||||
# compsoc_classic.minecraft.games.skynet.ie
|
{record="compsoc_classic.${cfg.domain.sub}"; r_type="CNAME"; value=cfg.host.name;}
|
||||||
"compsoc_classic.${cfg.domain.sub} CNAME ${cfg.host.name}"
|
{record="compsoc.${cfg.domain.sub}"; r_type="CNAME"; value=cfg.host.name;}
|
||||||
"compsoc.${cfg.domain.sub} CNAME ${cfg.host.name}"
|
|
||||||
|
|
||||||
# gsoc.minecraft.games.skynet.ie
|
|
||||||
"gsoc.${cfg.domain.sub} CNAME ${cfg.host.name}"
|
|
||||||
"gsoc_abridged.${cfg.domain.sub} CNAME ${cfg.host.name}"
|
|
||||||
|
|
||||||
|
# gsoc servers
|
||||||
|
{record="gsoc.${cfg.domain.sub}"; r_type="CNAME"; value=cfg.host.name;}
|
||||||
|
{record="gsoc_abridged.${cfg.domain.sub}"; r_type="CNAME"; value=cfg.host.name;}
|
||||||
];
|
];
|
||||||
};
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
# for the proxy
|
# for the proxy
|
||||||
|
|
|
@ -94,13 +94,10 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# using https://nixos.org/manual/nixos/stable/index.html#module-services-gitlab as a guide
|
# using https://nixos.org/manual/nixos/stable/index.html#module-services-gitlab as a guide
|
||||||
skynet_dns.records.cname = [
|
skynet_dns.records = [
|
||||||
"${cfg.domain.sub} CNAME ${cfg.host.name}"
|
{record=cfg.domain.sub; r_type="CNAME"; value=cfg.host.name;}
|
||||||
];
|
|
||||||
|
|
||||||
skynet_dns.records.external = [
|
|
||||||
# for gitlab pages
|
# for gitlab pages
|
||||||
"*.pages.${cfg.domain.base}.${cfg.domain.tld}. 1800 IN A ${cfg.host.ip}"
|
{record="*.pages.${cfg.domain.base}.${cfg.domain.tld}."; r_type="A"; value=cfg.host.ip;}
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
|
|
@ -77,8 +77,8 @@ Gonna use a priper nixos module for this
|
||||||
group = "openldap";
|
group = "openldap";
|
||||||
};
|
};
|
||||||
|
|
||||||
skynet_dns.records.cname = [
|
skynet_dns.records = [
|
||||||
"${cfg.domain.sub} CNAME ${cfg.host.name}"
|
{record=cfg.domain.sub; r_type="CNAME"; value=cfg.host.name;}
|
||||||
];
|
];
|
||||||
|
|
||||||
# firewall on teh computer itself
|
# firewall on teh computer itself
|
||||||
|
|
|
@ -48,8 +48,8 @@
|
||||||
|
|
||||||
age.secrets.ldap_self_service.file = ../../secrets/ldap/self_service.age;
|
age.secrets.ldap_self_service.file = ../../secrets/ldap/self_service.age;
|
||||||
|
|
||||||
skynet_dns.records.cname = [
|
skynet_dns.records = [
|
||||||
"${cfg.domain.sub} CNAME ${cfg.host.name}"
|
{record=cfg.domain.sub; r_type="CNAME"; value=cfg.host.name;}
|
||||||
];
|
];
|
||||||
|
|
||||||
services.nginx.virtualHosts."${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
|
services.nginx.virtualHosts."${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = {
|
||||||
|
|
|
@ -50,8 +50,8 @@
|
||||||
8000
|
8000
|
||||||
];
|
];
|
||||||
|
|
||||||
skynet_dns.records.cname = [
|
skynet_dns.records = [
|
||||||
"${cfg.domain.sub} CNAME ${cfg.host.name}"
|
{record=cfg.domain.sub; r_type="CNAME"; value=cfg.host.name;}
|
||||||
];
|
];
|
||||||
|
|
||||||
skynet_firewall.forward = [
|
skynet_firewall.forward = [
|
||||||
|
|
|
@ -31,15 +31,10 @@ in {
|
||||||
tags = [ "active" ];
|
tags = [ "active" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
"${name} A ${ip_pub}"
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
cname = [];
|
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
host = {
|
host = {
|
||||||
|
|
|
@ -30,14 +30,10 @@ in {
|
||||||
tags = [ "active" ];
|
tags = [ "active" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
"${name} A ${ip_pub}"
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
host = {
|
host = {
|
||||||
|
|
|
@ -33,14 +33,10 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
# add this server to dns
|
# add this server to dns
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
"${name} A ${ip_pub}"
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
host = {
|
host = {
|
||||||
|
|
|
@ -33,14 +33,10 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
"${name} A ${ip_pub}"
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
host = {
|
host = {
|
||||||
|
|
|
@ -33,14 +33,10 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
# add this server to dns
|
# add this server to dns
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
"${name} A ${ip_pub}"
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
host = {
|
host = {
|
||||||
|
|
|
@ -43,15 +43,10 @@ in {
|
||||||
tags = [ "active" ];
|
tags = [ "active" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
skynet_dns.records = [
|
||||||
skynet_dns.records = {
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
external = [
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
"${name} A ${ip_pub}"
|
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
server.enable = true;
|
server.enable = true;
|
||||||
|
|
|
@ -31,14 +31,10 @@ in {
|
||||||
tags = [ "active" ];
|
tags = [ "active" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
"${name} A ${ip_pub}"
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
host = {
|
host = {
|
||||||
|
|
|
@ -60,14 +60,12 @@ in {
|
||||||
ip = ip_pub;
|
ip = ip_pub;
|
||||||
};
|
};
|
||||||
|
|
||||||
records = {
|
records = [
|
||||||
external = [
|
# vendetta IN A 193.1.99.120
|
||||||
"${name} A ${ip_pub}"
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
|
# 120 IN PTR vendetta.skynet.ie.
|
||||||
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,14 +45,12 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
# this server will have to have dns records
|
# this server will have to have dns records
|
||||||
records = {
|
records = [
|
||||||
external = [
|
# vigil IN A 193.1.99.109
|
||||||
"${name} A ${ip_pub}"
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
|
# 109 IN PTR vigil.skynet.ie.
|
||||||
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -32,14 +32,10 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
skynet_dns.records = {
|
skynet_dns.records = [
|
||||||
external = [
|
{record=name; r_type="A"; value=ip_pub; server=true;}
|
||||||
"${name} A ${ip_pub}"
|
{record=ip_pub; r_type="PTR"; value=hostname;}
|
||||||
];
|
];
|
||||||
reverse = [
|
|
||||||
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
services.skynet_backup = {
|
services.skynet_backup = {
|
||||||
host = {
|
host = {
|
||||||
|
|
Loading…
Reference in a new issue