/* Name: https://masseffect.fandom.com/wiki/Vendetta Why: Vendetta held troves of important data waiting for folks to request it. Type: Physical Hardware: PowerEdge r210 From: 2011 (?) Role: DNS Server Notes: Using the server that used to be called Earth */ { pkgs, lib, nodes, ... }: let # name of the server, sets teh hostname and record for it name = "vendetta"; ip_pub = "193.1.99.120"; ip_priv = "172.20.20.3"; hostname = "${name}.skynet.ie"; # sets which nameserver it is ns = "ns1"; in { imports = [ # the physical hardware for this ./hardware/RM002.nix # applications for this particular server ../applications/firewall.nix ../applications/dns.nix ]; deployment = { targetHost = hostname; targetPort = 22; targetUser = "root"; tags = [ "active" "dns" ]; }; networking = { # needs to have an address statically assigned interfaces = { eno1 = { ipv4.addresses = [ { address = "193.1.99.120"; prefixLength = 26; } ]; }; }; }; # open the firewall for this skynet_firewall.forward = [ "ip daddr ${ip_pub} tcp dport 53 counter packets 0 bytes 0 accept" "ip daddr ${ip_pub} udp dport 53 counter packets 0 bytes 0 accept" ]; skynet_dns = { enable = true; # this server will have to have dns records own = { nameserver = ns; external = [ "${name} A ${ip_pub}" "${ns} A ${ip_pub}" # needs this, temporally "mail A ${ip_pub}" ]; cname = [ #"misc CNAME vendetta" ]; reverse = [ "${builtins.substring 9 3 ip_pub} IN PTR ${name}" ]; }; records = { # using the same logic as the firewall, comments there external = builtins.concatLists ( lib.attrsets.mapAttrsToList (key: value: if builtins.hasAttr "skynet_dns" value.config then ( if value.config.skynet_dns.enable then value.config.skynet_dns.own.external else value.config.skynet_dns.records.external ) else [] ) nodes ); cname = builtins.concatLists ( lib.attrsets.mapAttrsToList (key: value: if builtins.hasAttr "skynet_dns" value.config then ( if value.config.skynet_dns.enable then value.config.skynet_dns.own.cname else value.config.skynet_dns.records.cname ) else [] ) nodes ); }; }; }