Allow DNS for non skynet.ie domains #122

Merged
silver merged 12 commits from #55-non-skynet-dns into main 2024-07-17 19:08:53 +00:00
Showing only changes of commit 4c8ebb455e - Show all commits


@ -28,9 +28,9 @@
]; ];
# gets a list of records that match this type # gets a list of records that match this type
filter_records_type = r_type: builtins.filter (x: x.r_type == r_type) records; filter_records_type = records: r_type: builtins.filter (x: x.r_type == r_type) records;
filter_records_server = builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type "A"); filter_records_server = records: builtins.filter (x: builtins.hasAttr "server" x && x.server) (filter_records_type records "A");
filter_records_a = builtins.filter (x: builtins.hasAttr "server" x && !x.server) (filter_records_type "A"); filter_records_a = records: builtins.filter (x: builtins.hasAttr "server" x && !x.server) (filter_records_type records "A");
process_ptr = records: lib.lists.forEach records (x: process_ptr_sub x); process_ptr = records: lib.lists.forEach records (x: process_ptr_sub x);
process_ptr_sub = record: { process_ptr_sub = record: {
@ -40,11 +40,11 @@
}; };
ip_ptr_to_int = ip: lib.strings.toInt (builtins.substring 9 3 ip); ip_ptr_to_int = ip: lib.strings.toInt (builtins.substring 9 3 ip);
sort_records_server = builtins.sort (a: b: a.record < b.record) filter_records_server; sort_records_server = records: builtins.sort (a: b: a.record < b.record) (filter_records_server records);
sort_records_a = builtins.sort (a: b: (ip_ptr_to_int a.value) < (ip_ptr_to_int b.value)) filter_records_a; sort_records_a = records: builtins.sort (a: b: (ip_ptr_to_int a.value) < (ip_ptr_to_int b.value)) (filter_records_a records);
sort_records_cname = builtins.sort (a: b: a.value < b.value) (filter_records_type "CNAME"); sort_records_cname = records: builtins.sort (a: b: a.value < b.value) (filter_records_type records "CNAME");
sort_records_ptr = builtins.sort (a: b: (lib.strings.toInt a.record) < (lib.strings.toInt b.record)) (process_ptr (filter_records_type "PTR")); sort_records_ptr = records: builtins.sort (a: b: (lib.strings.toInt a.record) < (lib.strings.toInt b.record)) (process_ptr (filter_records_type records "PTR"));
sort_records_srv = builtins.sort (a: b: a.record < b.record) (filter_records_type "SRV"); sort_records_srv = records: builtins.sort (a: b: a.record < b.record) (filter_records_type records "SRV");
max = x: y: max = x: y:
assert builtins.isInt x; assert builtins.isInt x;
@ -74,7 +74,7 @@
# base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie) # base config for domains we own (skynet.ie, csn.ul.ie, ulcompsoc.ie)
get_config_file = ( get_config_file = (
domain: '' domain: records: ''
$TTL 60 ; 1 minute $TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns ; hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${nameserver}.skynet.ie. hostmaster.skynet.ie. ( @ IN SOA ${nameserver}.skynet.ie. hostmaster.skynet.ie. (
@ -93,32 +93,32 @@
; ------------------------------------------ ; ------------------------------------------
; Server Names (A Records) ; Server Names (A Records)
; ------------------------------------------ ; ------------------------------------------
${format_records sort_records_server} ${format_records (sort_records_server records)}
; ------------------------------------------ ; ------------------------------------------
; A (non server names ; A (non server names
; ------------------------------------------ ; ------------------------------------------
${format_records sort_records_a} ${format_records (sort_records_a records)}
; ------------------------------------------ ; ------------------------------------------
; CNAMES ; CNAMES
; ------------------------------------------ ; ------------------------------------------
${format_records sort_records_cname} ${format_records (sort_records_cname records)}
; ------------------------------------------ ; ------------------------------------------
; TXT ; TXT
; ------------------------------------------ ; ------------------------------------------
${format_records (filter_records_type "TXT")} ${format_records (filter_records_type records "TXT")}
; ------------------------------------------ ; ------------------------------------------
; MX ; MX
; ------------------------------------------ ; ------------------------------------------
${format_records (filter_records_type "MX")} ${format_records (filter_records_type records "MX")}
; ------------------------------------------ ; ------------------------------------------
; SRV ; SRV
; ------------------------------------------ ; ------------------------------------------
${format_records sort_records_srv} ${format_records (sort_records_srv records)}
'' ''
@ -146,27 +146,7 @@
; ------------------------------------------ ; ------------------------------------------
; PTR ; PTR
; ------------------------------------------ ; ------------------------------------------
${format_records sort_records_ptr} ${format_records (sort_records_ptr records)}
''
);
# domains we dont have proper ownship over, only here to ensure the logs dont get cluttered.
get_config_file_old_domains = (
domain: ''
$TTL 60 ; 1 minute
; hostmaster@skynet.ie is an email address that recieves stuff related to dns
@ IN SOA ${nameserver}.skynet.ie. hostmaster.skynet.ie. (
; Serial (YYYYMMDDCC) this has to be updated for each time the record is updated
${current_date}
600 ; Refresh (10 minutes)
300 ; Retry (5 minutes)
604800 ; Expire (1 week)
3600 ; Minimum (1 hour)
)
@ NS ns1.skynet.ie.
@ NS ns2.skynet.ie.
'' ''
); );
@ -212,13 +192,13 @@
# (text.owned "csn.ul.ie") # (text.owned "csn.ul.ie")
# standard function to create the etc file, pass in the text and domain and it makes it # standard function to create the etc file, pass in the text and domain and it makes it
create_entry_etc = domain: type: create_entry_etc = domain: type: let
domain_records = lib.lists.filter (x: x.domain == domain) records;
in
if type == "owned" if type == "owned"
then create_entry_etc_sub domain (text.owned domain) then create_entry_etc_sub domain (get_config_file domain domain_records)
else if type == "reverse" else if type == "reverse"
then create_entry_etc_sub domain (text.reverse domain) then create_entry_etc_sub domain (get_config_file_rev domain)
else if type == "old"
then create_entry_etc_sub domain (text.old domain)
else {}; else {};
create_entry_zone = domain: let create_entry_zone = domain: let
@ -248,12 +228,6 @@
}; };
}; };
text = {
owned = domain: get_config_file domain;
reverse = domain: get_config_file_rev domain;
old = domain: get_config_file_old_domains domain;
};
records = records =
config.skynet.records config.skynet.records
++ builtins.concatLists ( ++ builtins.concatLists (
@ -362,13 +336,14 @@ in {
] ]
); );
environment.etc = environment.etc = lib.attrsets.mergeAttrsList (
(create_entry_etc "csn.ul.ie" "owned") # uses teh domains lsited in teh records
// (create_entry_etc "skynet.ie" "owned") (lib.lists.forEach domains (domain: (create_entry_etc domain "owned")))
// (create_entry_etc "ulcompsoc.ie" "owned") # we have to do a reverse dns
// (create_entry_etc "64-64.99.1.193.in-addr.arpa" "reverse") ++ [
// (create_entry_etc "conradcollins.net" "old") (create_entry_etc "64-64.99.1.193.in-addr.arpa" "reverse")
// (create_entry_etc "edelharty.net" "old"); ]
);
# secrets required # secrets required
age.secrets.dns_dnskeys = { age.secrets.dns_dnskeys = {
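Review bot: `ip_ptr_to_int` (a context line in the second hunk) still extracts the last octet with `builtins.substring 9 3 ip`, which only works for addresses with a nine-character prefix such as `193.1.99.`, yet `sort_records_a` now runs per domain for every domain found in the records. If a newly allowed domain has an A record with a different prefix length, `lib.strings.toInt` receives a fragment such as `1.5` or an empty string, so evaluation will most likely abort or the sort order will be wrong. Taking the final dot-separated field removes that assumption: `ip_ptr_to_int = ip: lib.strings.toInt (lib.lists.last (lib.strings.splitString "." ip));`. Separately, the last hunk builds an authoritative "owned" zone for every entry of `domains`, whose definition is outside the visible hunks. If that list is derived from the free-form `domain` field of the merged records, an assertion against an explicit list of zones this server may answer for would stop a mistyped or unintended domain from silently becoming a served zone.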