diff --git a/applications/dns.nix b/applications/dns.nix index f6a2ad7..df6afe6 100644 --- a/applications/dns.nix +++ b/applications/dns.nix @@ -125,6 +125,57 @@ let # small function to tidy up the spam of the cache networks, would use teh subnet except all external traffic has the ip of teh router create_cache_networks = (map (x: "193.1.99.${toString x}/32" ) (lib.lists.range 71 126) ); + # standard function to create the etc file, pass in the text and domain and it makes it + create_entry_etc = domain: text: { + # Creates /etc/skynet/dns/domain + + "skynet/dns/${domain}" = { + user = "named"; + group = "named"; + + # The UNIX file mode bits + mode = "0644"; + + text = text; + }; + }; + + create_entry_zone = (domain: extraConfig: { + "${domain}" = { + extraConfig = '' + ${extraConfig} + // for bumping the config + // ${current_date} + ''; + # really wish teh nixos config didnt use master/slave + master = cfg.primary; + masters = primaries; + slaves = secondaries; + # need to write this to a file + # using the date in it so it will trigger a restart + file = "/etc/skynet/dns/${domain}"; + # no leading whitespace for first line + }; + }); + + text = { + owned = domain: get_config_file domain; + }; + + extraConfig = { + owned = + if cfg.primary then + '' + allow-update { key rfc2136key.skynet.ie.; }; + + dnssec-policy default; + inline-signing yes; + '' + else + ""; + + }; + in { options = { skynet_dns = { @@ -266,63 +317,12 @@ in { */ ] ++ create_cache_networks; - zones = { - /* - put any other zones above skynet and link to their files like so: + zones = - example.ie = { - extraConfig = ""; - file = ./dns/example; - master = true; - masters = []; - slaves = [ ]; - }; - - Skynet is handled a bit more dynamically since it is the key one we should focus on - */ - - "skynet.ie" = { - extraConfig = if cfg.primary then '' - allow-update { key rfc2136key.skynet.ie.; }; - - dnssec-policy default; - inline-signing yes; - - // for bumping the config - // ${current_date} - '' else ""; - # really wish teh nixos config didnt use master/slave - master = cfg.primary; - masters = primaries; - slaves = secondaries; - # need to write this to a file - # using the date in it so it will trigger a restart - file = "/etc/dns_custom/dns_zone_skynet.ie"; - # no leading whitespace for first line - - }; - - "csn.ul.ie" = { - extraConfig = if cfg.primary then '' - allow-update { key rfc2136key.skynet.ie.; }; - - dnssec-policy default; - inline-signing yes; - - // for bumping the config - // ${current_date} - '' else ""; - # really wish teh nixos config didnt use master/slave - master = cfg.primary; - masters = primaries; - slaves = secondaries; - # need to write this to a file - # using the date in it so it will trigger a restart - file = "/etc/dns_custom/dns_zone_csn.ul.ie"; - # no leading whitespace for first line - - }; + (create_entry_zone "csn.ul.ie" extraConfig.owned )// + (create_entry_zone "skynet.ie" extraConfig.owned )// + { "99.1.193.in-addr.arpa"= { extraConfig = '' //allow-update { key rfc2136key.skynet.ie.; }; @@ -385,39 +385,21 @@ in { # no leading whitespace for first line }; - }; }; # creates a folder in /etc for the dns to use users.users.named = { createHome = true; - home = "/etc/dns_custom"; + home = "/etc/skynet/dns"; }; - environment.etc = { - # Creates /etc/dns_custom/dns_zone_skynet + environment.etc = - "dns_custom/dns_zone_skynet.ie" = { - user = "named"; - group = "named"; - - # The UNIX file mode bits - mode = "0644"; - - text = get_config_file "skynet.ie"; - }; - - "dns_custom/dns_zone_csn.ul.ie" = { - user = "named"; - group = "named"; - - # The UNIX file mode bits - mode = "0644"; - - text = get_config_file "csn.ul.ie"; - }; + (create_entry_etc "csn.ul.ie" (text.owned "csn.ul.ie")) // + (create_entry_etc "skynet.ie" (text.owned "skynet.ie")) // + { "dns_custom/dns_zone_99.1.193.in-addr.arpa" = { user = "named"; group = "named";