Allow DNS for non skynet.ie domains #122
1 changed files with 33 additions and 25 deletions
|
@ -11,6 +11,22 @@
|
|||
# reads that date to a string (will need to be fixed in 2038)
|
||||
current_date = lib.readFile "${pkgs.runCommand "timestamp" {} "echo -n `date +%s` > $out"}";
|
||||
|
||||
# this gets a list of all domains we have records for
|
||||
domains = lib.lists.naturalSort (
|
||||
lib.lists.unique (
|
||||
lib.lists.forEach records (record: record.domain)
|
||||
)
|
||||
);
|
||||
|
||||
domains_owned = [
|
||||
# for historic reasons we own this
|
||||
"csn.ul.ie"
|
||||
# the main one we use now
|
||||
"skynet.ie"
|
||||
# a backup
|
||||
"ulcompsoc.ie"
|
||||
];
|
||||
|
||||
# gets a list of records that match this type
|
||||
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records;
|
||||
filter_records_server = builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type "A");
|
||||
|
@ -205,10 +221,19 @@
|
|||
then create_entry_etc_sub domain (text.old domain)
|
||||
else {};
|
||||
|
||||
create_entry_zone = domain: extraConfig: {
|
||||
create_entry_zone = domain: let
|
||||
if_primary_and_owned =
|
||||
if cfg.server.primary && (lib.lists.any (item: item == domain) domains_owned)
|
||||
then ''
|
||||
allow-update { key rfc2136key.skynet.ie.; };
|
||||
dnssec-policy default;
|
||||
inline-signing yes;
|
||||
''
|
||||
else "";
|
||||
in {
|
||||
"${domain}" = {
|
||||
extraConfig = ''
|
||||
${extraConfig}
|
||||
${if_primary_and_owned}
|
||||
// for bumping the config
|
||||
// ${current_date}
|
||||
'';
|
||||
|
@ -229,23 +254,6 @@
|
|||
old = domain: get_config_file_old_domains domain;
|
||||
};
|
||||
|
||||
extraConfig = {
|
||||
owned =
|
||||
if cfg.server.primary
|
||||
then ''
|
||||
allow-update { key rfc2136key.skynet.ie.; };
|
||||
|
||||
dnssec-policy default;
|
||||
inline-signing yes;
|
||||
''
|
||||
else "";
|
||||
|
||||
# no extra config for reverse
|
||||
reverse = "";
|
||||
|
||||
old = "";
|
||||
};
|
||||
|
||||
records =
|
||||
config.skynet.records
|
||||
++ builtins.concatLists (
|
||||
|
@ -344,12 +352,12 @@ in {
|
|||
];
|
||||
|
||||
services.bind.zones =
|
||||
(create_entry_zone "csn.ul.ie" extraConfig.owned)
|
||||
// (create_entry_zone "skynet.ie" extraConfig.owned)
|
||||
// (create_entry_zone "ulcompsoc.ie" extraConfig.owned)
|
||||
// (create_entry_zone "64-64.99.1.193.in-addr.arpa" extraConfig.reverse)
|
||||
// (create_entry_zone "conradcollins.net" extraConfig.old)
|
||||
// (create_entry_zone "edelharty.net" extraConfig.old);
|
||||
(create_entry_zone "csn.ul.ie")
|
||||
// (create_entry_zone "skynet.ie")
|
||||
// (create_entry_zone "ulcompsoc.ie")
|
||||
// (create_entry_zone "64-64.99.1.193.in-addr.arpa")
|
||||
// (create_entry_zone "conradcollins.net")
|
||||
// (create_entry_zone "edelharty.net");
|
||||
|
||||
environment.etc =
|
||||
(create_entry_etc "csn.ul.ie" "owned")
|
||||
|
|
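Review bot: In `create_entry_zone`, whether a zone gets `dnssec-policy default;`, `inline-signing yes;` and the `allow-update` key now depends on an exact string match against `domains_owned`, while the zones are still listed by hand under `services.bind.zones`; a typo or dropped entry in either list evaluates cleanly and leaves that zone unsigned and without dynamic updates. A comment on `domains_owned` such as `# zones listed here are DNSSEC-signed and accept RFC 2136 updates on the primary; keep in sync with services.bind.zones` would make the coupling visible, and generating the three owned zone entries from `domains_owned` would remove it. The membership test reads more directly as `if cfg.server.primary && builtins.elem domain domains_owned`. Separately, the single key `rfc2136key.skynet.ie.` is still granted `allow-update` on all three owned zones; if it is only used for a narrow set of records (not visible here), an `update-policy` grant scoped to those names would be tighter. The body of `create_entry_zone` continues past the end of its hunk.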