Allow DNS for non skynet.ie domains #122

Merged
silver merged 12 commits from #55-non-skynet-dns into main 2024-07-17 19:08:53 +00:00
Showing only changes of commit 2a8a7cc7f4 - Show all commits

View file

@ -11,6 +11,22 @@
# reads that date to a string (will need to be fixed in 2038)
current_date = lib.readFile "${pkgs.runCommand "timestamp" {} "echo -n `date +%s` > $out"}";
# this gets a list of all domains we have records for
domains = lib.lists.naturalSort (
lib.lists.unique (
lib.lists.forEach records (record: record.domain)
)
);
domains_owned = [
# for historic reasons we own this
"csn.ul.ie"
# the main one we use now
"skynet.ie"
# a backup
"ulcompsoc.ie"
];
# gets a list of records that match this type
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records;
filter_records_server = builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type "A");
@ -205,10 +221,19 @@
then create_entry_etc_sub domain (text.old domain)
else {};
create_entry_zone = domain: extraConfig: {
create_entry_zone = domain: let
if_primary_and_owned =
if cfg.server.primary && (lib.lists.any (item: item == domain) domains_owned)
then ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
''
else "";
in {
"${domain}" = {
extraConfig = ''
${extraConfig}
${if_primary_and_owned}
// for bumping the config
// ${current_date}
'';
@ -229,23 +254,6 @@
old = domain: get_config_file_old_domains domain;
};
extraConfig = {
owned =
if cfg.server.primary
then ''
allow-update { key rfc2136key.skynet.ie.; };
dnssec-policy default;
inline-signing yes;
''
else "";
# no extra config for reverse
reverse = "";
old = "";
};
records =
config.skynet.records
++ builtins.concatLists (
@ -344,12 +352,12 @@ in {
];
services.bind.zones =
(create_entry_zone "csn.ul.ie" extraConfig.owned)
// (create_entry_zone "skynet.ie" extraConfig.owned)
// (create_entry_zone "ulcompsoc.ie" extraConfig.owned)
// (create_entry_zone "64-64.99.1.193.in-addr.arpa" extraConfig.reverse)
// (create_entry_zone "conradcollins.net" extraConfig.old)
// (create_entry_zone "edelharty.net" extraConfig.old);
(create_entry_zone "csn.ul.ie")
// (create_entry_zone "skynet.ie")
// (create_entry_zone "ulcompsoc.ie")
// (create_entry_zone "64-64.99.1.193.in-addr.arpa")
// (create_entry_zone "conradcollins.net")
// (create_entry_zone "edelharty.net");
environment.etc =
(create_entry_etc "csn.ul.ie" "owned")