dns: a function to give thw whitelist for the cache networks

This commit is contained in:
silver 2023-05-21 20:22:54 +01:00
parent 126db6e3cb
commit e47f2c85f2

View file

@ -5,6 +5,7 @@ let
# reads that date to a string (will need to be fixed in 2038) # reads that date to a string (will need to be fixed in 2038)
current_date = toString builtins.currentTime; current_date = toString builtins.currentTime;
# base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie)
get_config_file = (domain: get_config_file = (domain:
'' ''
$TTL 60 ; 1 minute $TTL 60 ; 1 minute
@ -56,6 +57,7 @@ let
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/4/html/reference_guide/s2-bind-configuration-zone-reverse # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/4/html/reference_guide/s2-bind-configuration-zone-reverse
# config for our reverse dnspointers (not properly working)
get_config_file_rev = (domain: get_config_file_rev = (domain:
'' ''
$ORIGIN 99.1.193.in-addr.arpa. $ORIGIN 99.1.193.in-addr.arpa.
@ -77,6 +79,7 @@ let
'' ''
); );
# domains we dont have proper ownship over, only here to ensure the logs dont get cluttered.
get_config_file_old_domains = (domain: get_config_file_old_domains = (domain:
'' ''
$TTL 60 ; 1 minute $TTL 60 ; 1 minute
@ -119,6 +122,8 @@ let
[] []
); );
# small function to tidy up the spam of the cache networks, would use teh subnet except all external traffic has the ip of teh router
create_cache_networks = (map (x: "193.1.99.${toString x}/32" ) (lib.lists.range 71 126) );
in { in {
options = { options = {
@ -256,78 +261,10 @@ in {
So to fix this we need to allow smaller ranges? - Didnt work So to fix this we need to allow smaller ranges? - Didnt work
Fallback is explisitly listing each ip we have Fallback is explisitly listing each ip we have
Now have a function for it
*/ */
] ++ create_cache_networks;
"193.1.99.71/32"
"193.1.99.72/32"
"193.1.99.73/32"
"193.1.99.71/32"
"193.1.99.74/32"
"193.1.99.75/32"
"193.1.99.76/32"
"193.1.99.77/32"
"193.1.99.78/32"
"193.1.99.79/32"
"193.1.99.80/32"
"193.1.99.81/32"
"193.1.99.82/32"
"193.1.99.83/32"
"193.1.99.81/32"
"193.1.99.84/32"
"193.1.99.85/32"
"193.1.99.86/32"
"193.1.99.87/32"
"193.1.99.88/32"
"193.1.99.89/32"
"193.1.99.90/32"
"193.1.99.91/32"
"193.1.99.92/32"
"193.1.99.93/32"
"193.1.99.91/32"
"193.1.99.94/32"
"193.1.99.95/32"
"193.1.99.96/32"
"193.1.99.97/32"
"193.1.99.98/32"
"193.1.99.99/32"
"193.1.99.100/32"
"193.1.99.101/32"
"193.1.99.102/32"
"193.1.99.103/32"
"193.1.99.101/32"
"193.1.99.104/32"
"193.1.99.105/32"
"193.1.99.106/32"
"193.1.99.107/32"
"193.1.99.108/32"
"193.1.99.109/32"
"193.1.99.110/32"
"193.1.99.111/32"
"193.1.99.112/32"
"193.1.99.113/32"
"193.1.99.111/32"
"193.1.99.114/32"
"193.1.99.115/32"
"193.1.99.116/32"
"193.1.99.117/32"
"193.1.99.118/32"
"193.1.99.119/32"
"193.1.99.120/32"
"193.1.99.121/32"
"193.1.99.122/32"
"193.1.99.123/32"
"193.1.99.121/32"
"193.1.99.124/32"
"193.1.99.125/32"
"193.1.99.126/32"
];
zones = { zones = {
/* /*