nix/lib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow specifying specific upstreams per-domain

Browse Source
This commit is contained in:
niten 2024-08-18 12:00:07 -07:00
parent ef116b2b14
commit 9eaea4c641
1 changed files with 32 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
lib/fudo/adguard-dns-proxy.nix
View File

@ -4,7 +4,7 @@ with lib;
let let
cfg = config.fudo.adguard-dns-proxy; cfg = config.fudo.adguard-dns-proxy;
hostname = config.instance.hostname; inherit (config.instance) hostname;
get-basename = filename: get-basename = filename:
head (builtins.match "^[a-zA-Z0-9]+-(.+)$" (baseNameOf filename)); head (builtins.match "^[a-zA-Z0-9]+-(.+)$" (baseNameOf filename));
@ -41,7 +41,12 @@ let
}; };
generate-config = { dns, http, filters, verbose, upstream-dns, bootstrap-dns generate-config = { dns, http, filters, verbose, upstream-dns, bootstrap-dns
, blocked-hosts, enable-dnssec, local-domain-name, ... }: { , blocked-hosts, enable-dnssec, domain-upstreams, local-domain-name, ... }:
let
upstreamDnsEntries = mapAttrsToList (_: opts:
let domainClause = concatStringsSep "/" opts.domains;
in "[/${domainClause}/]${opts.upstream}") domain-upstreams;
in {
bind_host = http.listen-ip; bind_host = http.listen-ip;
bind_port = http.listen-port; bind_port = http.listen-port;
users = [{ users = [{
@ -55,7 +60,7 @@ let
dns = { dns = {
bind_hosts = dns.listen-ips; bind_hosts = dns.listen-ips;
port = dns.listen-port; port = dns.listen-port;
upstream_dns = upstream-dns; upstream_dns = upstream-dns ++ upstreamDnsEntries;
bootstrap_dns = bootstrap-dns; bootstrap_dns = bootstrap-dns;
enable_dnssec = enable-dnssec; enable_dnssec = enable-dnssec;
local_domain_name = local-domain-name; local_domain_name = local-domain-name;
@ -69,14 +74,14 @@ let
local_ptr_upstreams = cfg.dns.reverse-dns; local_ptr_upstreams = cfg.dns.reverse-dns;
}; };
tls.enabled = false; tls.enabled = false;
filters = imap1 (i: filter: { filters = imap1 (i:
enabled = true; { name, url, ... }: {
name = filter.name; enabled = true;
url = filter.url; inherit name url;
}) filters; }) filters;
dhcp.enabled = false; dhcp.enabled = false;
clients = [ ]; clients = [ ];
verbose = verbose; inherit verbose;
schema_version = 10; schema_version = 10;
}; };
@ -122,6 +127,24 @@ in {
}; };
}; };
domain-upstreams = mkOption {
type = attrsOf (submodule ({ name, ... }: {
options = {
domains = mkOption {
type = listOf str;
description =
"List of domains to route to a specific upstream DNS target.";
default = [ name ];
};
upstream = mkOption {
type = str;
description = "Upstream DNS target, in {ip}:{port} format.";
};
};
}));
};
filters = mkOption { filters = mkOption {
type = listOf (submodule filterOpts); type = listOf (submodule filterOpts);
description = "List of filters to apply to DNS traffic."; description = "List of filters to apply to DNS traffic.";