Modifications for shared zone gen
parent
333db8717c
commit
9adef243c8
|
@ -125,7 +125,11 @@ in {
|
|||
in nameValuePair "${dom}." {
|
||||
dnssec = dom-cfg.dnssec;
|
||||
|
||||
data = pkgs.lib.dns.networkToZone dom dom-cfg;
|
||||
data =
|
||||
pkgs.lib.dns.zoneToZonefile
|
||||
config.instance.build-timestamp
|
||||
dom
|
||||
dom-cfg.zone-definition;
|
||||
|
||||
# data = ''
|
||||
# $ORIGIN ${dom}.
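Review bot: The new `data =` assignment passes `config.instance.build-timestamp` positionally with nothing saying what it is for. Judging by the `zoneToZonefile` definition changed elsewhere in this commit, it becomes the SOA serial. A comment above the call would help, for example `# build-timestamp is used as the SOA serial, so it must increase whenever the zone content changes`, because secondaries decide whether to refresh by comparing serials. The commented-out `# data = ''` block after the call runs past the end of the hunk and looks like dead code that could be dropped in the same change.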
|
||||
|
|
|
@ -78,12 +78,24 @@ let
|
|||
default = null;
|
||||
};
|
||||
|
||||
secondary-nameservers = mkOption {
|
||||
type = listOf str;
|
||||
description = "List of hostnames of slave nameservers for this domain.";
|
||||
default = [];
|
||||
};
|
||||
|
||||
primary-mailserver = mkOption {
|
||||
type = nullOr str;
|
||||
description = "Hostname of the primary mail server for this domain.";
|
||||
default = null;
|
||||
};
|
||||
|
||||
xmpp-servers = mkOption {
|
||||
type = listOf str;
|
||||
description = "Hostnames of the domain XMPP servers.";
|
||||
default = [];
|
||||
};
|
||||
|
||||
zone = mkOption {
|
||||
type = nullOr str;
|
||||
description = "Name of the DNS zone associated with domain.";
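Review bot: The `secondary-nameservers` description says "slave nameservers" while the option name says "secondary"; `description = "List of hostnames of secondary nameservers for this domain.";` keeps the two consistent. `secondary-nameservers`, `primary-mailserver` and `xmpp-servers` are all typed as plain `str`. If these values end up interpolated into zone records (not visible in this hunk), a stricter type such as `strMatching` with a hostname pattern would reject whitespace or newlines at evaluation time instead of producing a malformed zone. The rendered page does not show which of the three option blocks are newly added, and the `zone` option continues outside the hunk.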
|
||||
|
|
|
@ -230,23 +230,6 @@ in {
|
|||
target-file = "/run/ejabberd/environment/config-passwords.env";
|
||||
user = cfg.user;
|
||||
};
|
||||
|
||||
# system = {
|
||||
# services.ejabberd-config-generator = let
|
||||
# config-generator =
|
||||
# enter-secrets config-file-template cfg.secret-files cfg.config-file;
|
||||
# in {
|
||||
# script = "${config-generator}";
|
||||
# readWritePaths = [ config-dir ];
|
||||
# workingDirectory = config-dir;
|
||||
# user = cfg.user;
|
||||
# description = "Generate ejabberd config file with necessary passwords.";
|
||||
# postStart = ''
|
||||
# chown ${cfg.user}:${cfg.group} ${cfg.config-file}
|
||||
# chmod 0400 ${cfg.config-file}
|
||||
# '';
|
||||
# };
|
||||
# };
|
||||
};
|
||||
|
||||
systemd = {
|
||||
|
|
|
@ -46,9 +46,8 @@ let
|
|||
};
|
||||
|
||||
hostRecords = hostname: nethost-data: let
|
||||
sshfp-records = optionals (hasAttr hosttname config.fudo.hosts)
|
||||
(map (sshfp: "${hostname} IN SSHFP ${sshfp}")
|
||||
config.fudo.hosts.${hostname}.ssh-fingerprints);
|
||||
sshfp-records = map (sshfp: "${hostname} IN SSHFP ${sshfp}")
|
||||
nethost-data.sshfp-records;
|
||||
a-record = optional (nethost-data.ipv4-address != null)
|
||||
"${hostname} IN A ${nethost-data.ipv4-address}";
|
||||
aaaa-record = optional (nethost-data.ipv6-address != null)
|
||||
|
@ -77,7 +76,7 @@ let
|
|||
"${host} IN A ${hostOpts.ipv4-address}";
|
||||
aaaa-record = host: hostOpts: optional (hostOpts.ipv6-address != null)
|
||||
"${host} IN A ${hostOpts.ipv6-address}";
|
||||
description-record = host: hostOpts: (hostOpts.description != null)
|
||||
description-record = host: hostOpts: optional (hostOpts.description != null)
|
||||
''${host} IN TXT "${hostOpts.description}"'';
|
||||
in flatmapAttrsToList
|
||||
(host: hostOpts:
|
||||
|
@ -94,34 +93,34 @@ let
|
|||
} ${record.host}.";
|
||||
};
|
||||
|
||||
domain-record = dom: domCfg: ''
|
||||
domain-record = dom: zone: ''
|
||||
$ORIGIN ${dom}.
|
||||
$TTL ${domCfg.default-ttl}
|
||||
$TTL ${zone.default-ttl}
|
||||
|
||||
${optionalString (domCfg.default-host != null)
|
||||
"@ IN A ${domCfg.default-host}"}
|
||||
${optionalString (zone.default-host != null)
|
||||
"@ IN A ${zone.default-host}"}
|
||||
|
||||
${mxRecords domCfg.mx}
|
||||
${join-lines (mxRecords zone.mx)}
|
||||
|
||||
${optionalString (domCfg.gssapi-realm != null)
|
||||
''_kerberos IN TXT "${domCfg.gssapi-realm}"''}
|
||||
${optionalString (zone.gssapi-realm != null)
|
||||
''_kerberos IN TXT "${zone.gssapi-realm}"''}
|
||||
|
||||
$TTL ${domCfg.host-record-ttl}
|
||||
$TTL ${zone.host-record-ttl}
|
||||
|
||||
${nsRecords dom domCfg.nameservers}
|
||||
${join-lines (nsRecords dom zone.nameservers)}
|
||||
|
||||
${nsARecords dom domCfg.nameservers}
|
||||
${join-lines (nsARecords dom zone.nameservers)}
|
||||
|
||||
${dmarcRecord domCfg.dmarc-report-address}
|
||||
${dmarcRecord zone.dmarc-report-address}
|
||||
|
||||
${join-lines (mapAttrsToList makeSrvProtocolRecords domCfg.srv-records)}
|
||||
${join-lines (mapAttrsToList hostRecords domCfg.hosts)}
|
||||
${join-lines (mapAttrsToList cnameRecord domCfg.aliases)}
|
||||
${join-lines domCfg.verbatim-dns-records}
|
||||
${join-lines (mapAttrsToList makeSrvProtocolRecords zone.srv-records)}
|
||||
${join-lines (mapAttrsToList hostRecords zone.hosts)}
|
||||
${join-lines (mapAttrsToList cnameRecord zone.aliases)}
|
||||
${join-lines zone.verbatim-dns-records}
|
||||
|
||||
${join-lines (mapAttrsToList
|
||||
(subdom: subdomCfg: subdomain-record "${subdom}.${dom}" subdomCfg)
|
||||
domCfg.subdomains)}
|
||||
zone.subdomains)}
|
||||
'';
|
||||
|
||||
in rec {
|
||||
|
@ -140,17 +139,17 @@ in rec {
|
|||
(service: records: map (srvRecordPair domain protocol service) records) services)
|
||||
srvRecords);
|
||||
|
||||
networkToZone = dom: domCfg: pkgs.writeText "zone-${dom}" ''
|
||||
$ORIGIN ${dom}
|
||||
$TTL ${domCfg.default-ttl}
|
||||
zoneToZonefile = timestamp: dom: zone: ''
|
||||
$ORIGIN ${dom}.
|
||||
$TTL ${zone.default-ttl}
|
||||
|
||||
@ IN SOA ns1.${dom}. hostmaster.${dom}. (
|
||||
${toString config.instance.build-timestamp}
|
||||
${toString timestamp}
|
||||
30m
|
||||
2m
|
||||
3w
|
||||
5m)
|
||||
|
||||
${domain-record dom domCfg}
|
||||
${domain-record dom zone}
|
||||
'';
|
||||
}
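Review bot: In the `@ -77,7 +76,7` hunk, `aaaa-record` still emits `IN A` for an IPv6 address, so the line directly above the corrected `description-record` produces an invalid A record instead of an AAAA record; it should read `"${host} IN AAAA ${hostOpts.ipv6-address}";`. In the same hunk, `description-record` places `hostOpts.description` inside a quoted TXT string without escaping, so a description containing `"` would yield a malformed zone line; escaping it, for example `${escape [ "\"" ] hostOpts.description}`, or rejecting quotes in the option type would avoid that. The enclosing `let` bindings start and end outside the hunk.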
|
||||
|
|
|
@ -28,5 +28,11 @@ with lib;
|
|||
description = "Description of the host.";
|
||||
default = null;
|
||||
};
|
||||
|
||||
sshfp-records = mkOption {
|
||||
type = listOf str;
|
||||
description = "List of SSHFP records for this host.";
|
||||
default = [];
|
||||
};
|
||||
};
|
||||
}
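Review bot: `sshfp-records` accepts any string, and `hostRecords` in the DNS library changed by this commit writes each entry verbatim into the zone as `${hostname} IN SSHFP ${sshfp}`, so a malformed value surfaces only when the nameserver loads the zone. The description should state the expected format, for example `description = "List of SSHFP records for this host, each as \"<algorithm> <fingerprint-type> <hex-fingerprint>\".";`. The type could also be narrowed to `listOf (strMatching "[0-9]+ [0-9]+ [0-9a-fA-F]+")`. It is worth adding to the description that SSH clients treat SSHFP answers as authoritative only when they are DNSSEC-validated, so these records add little where `dnssec` is disabled for the domain.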
|
||||
|
|