nix
/
lib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make 'default-host' a full networkHost, not a str

This commit is contained in:
niten 2023-11-02 10:02:41 -07:00
parent cd1c104bce
commit a241c56c59
2 changed files with 48 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
lib/fudo/local-network.nix
View File

@ -92,13 +92,14 @@ in {
default = [ ];
};
zone-definition = let
zoneOpts = import ../types/zone-definition.nix { inherit lib; };
in mkOption {
type = submodule zoneOpts;
description = "Definition of network zone to be served by local server.";
default = { };
};
zone-definition =
let zoneOpts = import ../types/zone-definition.nix { inherit lib; };
in mkOption {
type = submodule zoneOpts;
description =
"Definition of network zone to be served by local server.";
default = { };
};
extra-records = mkOption {
type = listOf str;
@ -110,15 +111,16 @@ in {
config = mkIf cfg.enable {
fudo.system.hostfile-entries = let
other-hosts = filterAttrs
(hostname: hostOpts: hostname != config.instance.hostname)
other-hosts =
filterAttrs (hostname: hostOpts: hostname != config.instance.hostname)
cfg.zone-definition.hosts;
in mapAttrs' (hostname: hostOpts:
nameValuePair hostOpts.ipv4-address ["${hostname}.${cfg.domain}" hostname])
other-hosts;
nameValuePair hostOpts.ipv4-address [
"${hostname}.${cfg.domain}"
hostname
]) other-hosts;
services.dhcpd4 = let
zone = cfg.zone-definition;
services.dhcpd4 = let zone = cfg.zone-definition;
in {
enable = true;
@ -179,19 +181,22 @@ in {
'';
};
filterRedundantIps = official-hosts: hosts: let
host-by-ip = groupBy (hostOpts: hostOpts.ipv4-address) hosts;
in filter (hostOpts:
if (length (getAttr hostOpts.ipv4-address host-by-ip) == 1) then
true
else elem hostOpts.hostname official-hosts) hosts;
filterRedundantIps = official-hosts: hosts:
let host-by-ip = groupBy (hostOpts: hostOpts.ipv4-address) hosts;
in filter (hostOpts:
if (length (getAttr hostOpts.ipv4-address host-by-ip) == 1) then
true
else
elem hostOpts.hostname official-hosts) hosts;
ipTo24Block = ip:
concatStringsSep "." (reverseList (take 3 (splitString "." ip)));
hostsByBlock = official-hosts:
groupBy (host-data: ipTo24Block host-data.ipv4-address)
(filterRedundantIps official-hosts (attrValues zone.hosts));
(filterRedundantIps official-hosts (attrValues zone.hosts));
hostPtrRecord = host-data:
"${last (splitString "." host-data.ipv4-address)} IN PTR ${host-data.hostname}.${cfg.domain}.";
"${
last (splitString "." host-data.ipv4-address)
} IN PTR ${host-data.hostname}.${cfg.domain}.";
blockZones = official-hosts:
mapAttrsToList blockHostsToZone (hostsByBlock official-hosts);
@ -213,16 +218,18 @@ in {
domain-name = config.instance.local-domain;
domain-hosts =
attrNames
(filterAttrs (_: hostOpts:
hostOpts.domain == domain-name)
config.fudo.hosts);
domain-hosts = attrNames
(filterAttrs (_: hostOpts: hostOpts.domain == domain-name)
config.fudo.hosts);
in {
enable = true;
cacheNetworks = [ cfg.network "localhost" "localnets" ];
forwarders = [ "${cfg.recursive-resolver.host} port ${toString cfg.recursive-resolver.port}" ];
forwarders = [
"${cfg.recursive-resolver.host} port ${
toString cfg.recursive-resolver.port
}"
];
listenOn = cfg.dns-listen-ips;
listenOnIpv6 = cfg.dns-listen-ipv6s;
extraOptions = concatStringsSep "\n" [
@ -235,43 +242,11 @@ in {
master = true;
name = cfg.domain;
file = let
zone-data = pkgs.lib.dns.zoneToZonefile
config.instance.build-timestamp
cfg.domain
zone;
zone-data =
pkgs.lib.dns.zoneToZonefile config.instance.build-timestamp
cfg.domain zone;
in pkgs.writeText "zone-${cfg.domain}" zone-data;
# file = pkgs.writeText "${cfg.domain}-zone" ''
# @ IN SOA ns1.${cfg.domain}. hostmaster.${cfg.domain}. (
# ${toString config.instance.build-timestamp}
# 5m
# 2m
# 6w
# 5m)
# $TTL 1h
# @ IN NS ns1.${cfg.domain}.
# $ORIGIN ${cfg.domain}.
# $TTL 30m
# ${optionalString (zone.gssapi-realm != null)
# ''_kerberos IN TXT "${zone.gssapi-realm}"''}
# ${join-lines
# (imap1 (i: server-ip: "ns${toString i} IN A ${server-ip}")
# cfg.dns-servers)}
# ${join-lines (mapAttrsToList hostARecord zone.hosts)}
# ${join-lines (mapAttrsToList hostSshFpRecords zone.hosts)}
# ${join-lines (mapAttrsToList cnameRecord zone.aliases)}
# ${join-lines zone.verbatim-dns-records}
# ${pkgs.lib.dns.srvRecordsToBindZone zone.srv-records}
# ${join-lines cfg.extra-records}
# '';
}] ++ (optionals
cfg.enable-reverse-mappings
(blockZones domain-hosts));
}] ++ (optionals cfg.enable-reverse-mappings (blockZones domain-hosts));
};
};
}

21
lib/types/zone-definition.nix
View File

@ -50,11 +50,8 @@ let
nameservers = mkOption {
type = listOf str;
description = "List of zone nameservers.";
example = [
"ns1.fudo.org."
"10.0.0.1"
];
default = [];
example = [ "ns1.fudo.org." "10.0.0.1" ];
default = [ ];
};
srv-records = mkOption {
@ -91,12 +88,10 @@ let
port = 443;
}
];
rspamd = [
{
host = "mail-host.my-domain.com";
port = 443;
}
];
rspamd = [{
host = "mail-host.my-domain.com";
port = 443;
}];
};
default = { };
};
@ -127,7 +122,7 @@ let
};
default-host = mkOption {
type = nullOr str;
type = nullOr (submodule networkHostOpts);
description =
"IP of the host which will act as the default server for this domain, if any.";
default = null;
@ -165,7 +160,7 @@ let
subdomains = mkOption {
type = attrsOf (submodule zoneOpts);
description = "Subdomains of the current zone.";
default = {};
default = { };
};
};
};