dns: abstracted away much of the dns logic into teh dns config file

silver 2023-07-15 15:54:42 +01:00
parent 6412a53070
commit d683598060
4 changed files with 94 additions and 178 deletions


@ -17,9 +17,6 @@ let
ip_pub = "193.1.99.120";
ip_priv = "172.20.20.3";
hostname = "${name}.skynet.ie";
# sets which nameserver it is
ns = "ns1";
in {
imports = [
./hardware/_base.nix
@ -56,64 +53,20 @@ in {
};
skynet_dns = {
enable = true;
# primary dns server
primary = true;
# this server will have to have dns records
own = {
nameserver = ns;
ip = ip_pub;
external = [
"${name} A ${ip_pub}"
"${ns} A ${ip_pub}"
];
cname = [
#"misc CNAME vendetta"
];
reverse = [
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
];
};
server = {
enable = true;
# primary dns server (ns1)
primary = true;
ip = ip_pub;
};
records = {
# using the same logic as the firewall, comments there
external = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
if builtins.hasAttr "skynet_dns" value.config
then (
if value.config.skynet_dns.enable
then value.config.skynet_dns.own.external
else value.config.skynet_dns.records.external
)
else []
) nodes
);
cname = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
if builtins.hasAttr "skynet_dns" value.config
then (
if value.config.skynet_dns.enable
then value.config.skynet_dns.own.cname
else value.config.skynet_dns.records.cname
)
else []
) nodes
);
reverse = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
if builtins.hasAttr "skynet_dns" value.config
then (
if value.config.skynet_dns.enable
then value.config.skynet_dns.own.reverse
else value.config.skynet_dns.records.reverse
)
else []
) nodes
);
external = [
"${name} A ${ip_pub}"
];
reverse = [
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
];
};
};
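Review bot: The PTR label in `records.reverse` is still cut out with `builtins.substring 9 3 ip_pub`, which is only correct while the public address has a nine-character prefix such as `193.1.99.`; the second host file in this commit carries the same expression. For an address with a different prefix the expression would still evaluate and publish a reverse record under the wrong label, so the mistake would only show up as a mismatched reverse lookup. Since `lib` is already in scope in this file, the label could be derived from the address itself, for example `"${lib.lists.last (lib.strings.splitString "." ip_pub)} IN PTR ${hostname}."`, or computed once in the shared dns module from `server.ip`. Separately, the `"${ns} A ${ip_pub}"` entry no longer appears here; presumably the module now generates the nameserver record from `server.primary` and `server.ip`, but that file is not visible in this view, so it is worth confirming that ns1 and ns2 still get their A records.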


@ -16,9 +16,6 @@ let
ip_pub = "193.1.99.109";
ip_priv = "172.20.20.4";
hostname = "${name}.skynet.ie";
# sets which nameserver it is
ns = "ns2";
in {
imports = [
@ -40,62 +37,22 @@ in {
};
skynet_dns = {
enable = true;
server = {
enable = true;
# secondary dns server (ns2)
primary = false;
ip = ip_pub;
};
# this server will have to have dns records
own = {
nameserver = ns;
ip = ip_pub;
records = {
external = [
"${name} A ${ip_pub}"
"${ns} A ${ip_pub}"
];
cname = [
#"misc CNAME vendetta"
"${name} A ${ip_pub}"
];
reverse = [
"${builtins.substring 9 3 ip_pub} IN PTR ${hostname}."
];
};
records = {
# using the same logic as the firewall, comments there
external = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
if builtins.hasAttr "skynet_dns" value.config
then (
if value.config.skynet_dns.enable
then value.config.skynet_dns.own.external
else value.config.skynet_dns.records.external
)
else []
) nodes
);
cname = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
if builtins.hasAttr "skynet_dns" value.config
then (
if value.config.skynet_dns.enable
then value.config.skynet_dns.own.cname
else value.config.skynet_dns.records.cname
)
else []
) nodes
);
reverse = builtins.concatLists (
lib.attrsets.mapAttrsToList (key: value:
if builtins.hasAttr "skynet_dns" value.config
then (
if value.config.skynet_dns.enable
then value.config.skynet_dns.own.reverse
else value.config.skynet_dns.records.reverse
)
else []
) nodes
);
};
};
}