nix
/
lib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Handle IPv6 networks in SPF. 

And remove localhost.
This commit is contained in:
niten 2024-01-30 22:19:50 -08:00
parent 16a105a24e
commit c5d1d11137
1 changed files with 21 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
lib/fudo/zones.nix
View File

@ -1,27 +1,32 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib; with lib;
let let zoneOpts = import ../types/zone-definition.nix { inherit lib; };
zoneOpts =
import ../types/zone-definition.nix { inherit lib; };
in { in {
options.fudo.zones = with types; mkOption { options.fudo.zones = with types;
type = attrsOf (submodule zoneOpts); mkOption {
description = "A map of network zone to zone definition."; type = attrsOf (submodule zoneOpts);
default = { }; description = "A map of network zone to zone definition.";
}; default = { };
};
config = let config = let
domain-name = config.instance.local-domain; domainName = config.instance.local-domain;
zoneName = config.domains."${domainName}".zone;
isLocal = ip: ip == "::1" || hasPrefix "127.";
# FIXME: ipv6? # FIXME: ipv6?
local-networks = config.instance.local-networks; localNetworks = filter (ip: !isLocal ip) config.instance.local-networks;
net-names = map (network: "ipv4:${network}") makeName = network:
local-networks; if !isNull (builtins.match ":" ip) then
local-net-string = concatStringsSep " " net-names; "ip6:${network}"
else
"ip4:${network}";
netNames = map makeName localNetworks;
localNetString = concatStringsSep " " netNames;
in { in {
fudo.zones.${domain-name}.verbatim-dns-records = [ fudo.zones."${zoneName}".verbatim-dns-records = [
''@ IN TXT "v=spf1 mx ${local-net-string} -all"'' ''@ IN TXT "v=spf1 mx ${localNetString} -all"''
''@ IN SPF "v=spf1 mx ${local-net-string} -all"'' ''@ IN SPF "v=spf1 mx ${localNetString} -all"''
]; ];
}; };
} }