Getting closer to shared network-definition

This commit is contained in:
Niten 2021-02-28 00:15:26 -06:00
parent 1351bc2878
commit 36dbcb34ef
3 changed files with 32 additions and 193 deletions


@ -7,125 +7,15 @@ let
join-lines = concatStringsSep "\n";
hostOpts = { host, ... }: {
options = {
ip-addresses = mkOption {
type = with types; listOf str;
description = ''
A list of IPv4 addresses assigned to this host.
'';
default = [ ];
};
ipv6-addresses = mkOption {
type = with types; listOf str;
description = ''
A list of IPv6 addresses assigned to this host.
'';
default = [ ];
};
ssh-fingerprints = mkOption {
type = with types; listOf str;
description = ''
A list of DNS SSHFP records for this host.
'';
default = [ ];
};
description = mkOption {
type = with types; nullOr str;
description = "Description of this host for a TXT record.";
default = null;
};
rp = mkOption {
type = with types; nullOr str;
description = "Responsible person.";
default = null;
};
};
};
srvRecordOpts = with types; {
options = {
weight = mkOption {
type = int;
description = "Weight relative to other records.";
default = 1;
};
priority = mkOption {
type = int;
description = "Priority to give this record.";
default = 0;
};
port = mkOption {
type = port;
description = "Port to use while connecting to this service.";
};
host = mkOption {
type = str;
description = "Host that provides this service.";
example = "my-host.my-domain.com";
};
};
};
domainOpts = { domain, ... }:
with types; {
options = {
hosts = mkOption {
type = loaOf (submodule hostOpts);
default = { };
description = "A map of hostname to { host_attributes }.";
};
dnssec = mkOption {
type = bool;
description = "Enable DNSSEC security for this zone.";
default = true;
};
mx = mkOption {
type = listOf str;
description = "A list of mail servers serving this domain.";
default = [ ];
};
srv-records = mkOption {
type = attrsOf (attrsOf (listOf (submodule srvRecordOpts)));
description = "Map of traffic type to srv records.";
default = { };
example = {
tcp = {
kerberos = {
port = 88;
host = "auth-host.my-domain.com";
};
};
};
};
aliases = mkOption {
type = loaOf str;
default = { };
description = "A mapping of host-alias => hostnames to add to DNS.";
example = {
"music" = "host.dom.com.";
"mail" = "hostname";
};
};
extra-dns-records = mkOption {
type = listOf str;
description = "Records to be inserted verbatim into the DNS zone.";
example = [ "some-host IN CNAME base-host" ];
default = [ ];
};
dmarc-report-address = mkOption {
type = nullOr str;
description = "The email to use to recieve DMARC reports, if any.";
@ -133,11 +23,9 @@ let
default = null;
};
default-host = mkOption {
type = nullOr str;
description =
"IP of the host which will act as the default server for this domain, if any.";
default = null;
network-definition = mkOption {
type = submodule (import ../types/network-definition.nix);
description = "Definition of network to be served by local server.";
};
};
};
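Review bot: The new `type = submodule (import ../types/network-definition.nix);` line imports the shared type file without arguments, while the second changed file imports the same path as `import ../types/network-definition.nix { inherit lib; }`. Both forms only work if that file is written as `{ lib, ... }:`; if it takes a bare `{ lib }:`, the unapplied form fails under `submodule` because the module system calls it with the full module argument set, and if it takes no arguments the applied form fails instead. Suggest making both call sites identical, e.g. `type = submodule (import ../types/network-definition.nix { inherit lib; });`, and giving the option a short comment saying the definition is shared with the local-network module. The enclosing `domainOpts` set begins before this hunk, so whether `lib` is in scope here cannot be seen.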


@ -10,91 +10,47 @@ let
join-lines = concatStringsSep "\n";
hostOpts = { hostname, ... }: {
options = {
ip-address = mkOption {
type = types.str;
description = ''
The V4 IP of a given host, if any.
'';
};
mac-address = mkOption {
type = with types; nullOr types.str;
description = ''
The MAC address of a given host, if desired for IP reservation.
'';
default = null;
};
ssh-fingerprints = mkOption {
type = with types; listOf str;
description = "A list of DNS SSHFP records for this host.";
default = [ ];
};
};
};
traceout = out: builtins.trace out out;
in {
options.fudo.local-network = {
options.fudo.local-network = with types; {
enable = mkEnableOption "Enable local network configuration (DHCP & DNS).";
hosts = mkOption {
type = with types; attrsOf (submodule hostOpts);
default = { };
description = "A map of hostname => { host_attributes }.";
};
domain = mkOption {
type = types.str;
type = str;
description = "The domain to use for the local network.";
};
dns-servers = mkOption {
type = with types; listOf str;
type = listOf str;
description =
"A list of domain name server to use for the local network.";
};
dhcp-interfaces = mkOption {
type = with types; listOf str;
type = listOf str;
description = "A list of interfaces on which to serve DHCP.";
};
dns-serve-ips = mkOption {
type = with types; listOf str;
dns-listen-ips = mkOption {
type = listOf str;
description = "A list of IPs on which to server DNS queries.";
};
gateway = mkOption {
type = types.str;
type = str;
description = "The gateway to use for the local network.";
};
aliases = mkOption {
type = with types; attrsOf str;
default = { };
description =
"A mapping of host-alias => hostname to use on the local network.";
};
network = mkOption {
type = types.str;
type = str;
description = "Network to treat as local.";
};
enable-reverse-mappings = mkOption {
type = types.bool;
description = "Genereate PTR reverse lookup records.";
default = false;
};
dhcp-dynamic-network = mkOption {
type = types.str;
type = str;
description = ''
The network from which to dynamically allocate IPs via DHCP.
@ -102,45 +58,34 @@ in {
'';
};
enable-reverse-mappings = mkOption {
type = bool;
description = "Genereate PTR reverse lookup records.";
default = false;
};
recursive-resolver = mkOption {
type = types.str;
type = str;
description = "DNS nameserver to use for recursive resolution.";
};
server-ip = mkOption {
type = types.str;
type = str;
description = "IP of the DNS server.";
};
extra-dns-records = mkOption {
type = with types; listOf str;
description = "Records to be inserted verbatim into the DNS zone.";
example = [ "some-host IN CNAME other-host" ];
default = [ ];
};
srv-records = mkOption {
type = dns.srvRecords;
description = "Map of traffic type to srv records.";
default = { };
example = {
tcp = {
kerberos = {
port = 88;
host = "auth-host.my-domain.com";
};
};
};
};
search-domains = mkOption {
type = with types; listOf str;
type = listOf str;
description = "A list of domains to search for DNS names.";
example = [ "my-domain.com" "other-domain.com" ];
default = [ ];
};
# TODO: srv records
network-definition = mkOption {
type =
submodule (import ../types/network-definition.nix { inherit lib; });
description = "Definition of network to be served by local server.";
};
};
config = mkIf cfg.enable {
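Review bot: `dns-serve-ips` is renamed to `dns-listen-ips` in this section, but the `config = mkIf cfg.enable {` block that consumes these options starts on the hunk's last line and its body is outside the view, so any remaining `cfg.dns-serve-ips` reference there would now evaluate to a missing attribute; worth confirming it was updated. The retained description `"A list of IPs on which to server DNS queries."` has a typo (`serve`), and `"Genereate PTR reverse lookup records."` on the re-added `enable-reverse-mappings` option should read `Generate`. Since this list is the set of bind addresses for a server that can also recurse (see `recursive-resolver`), the description could add that only addresses on the local-network interfaces belong here, so the resolver is not exposed beyond the network it serves. `traceout = out: builtins.trace out out;` appears in the context; if it is still present after this change it is a leftover debugging helper that prints evaluated values during evaluation and can probably be dropped.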


@ -115,5 +115,11 @@ in {
"IP of the host which will act as the default server for this domain, if any.";
default = null;
};
mx = mkOption {
type = listOf str;
description = "A list of mail servers serving this domain.";
default = [ ];
};
};
}
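Review bot: The `mx` option added here is a verbatim copy of the one removed from `domainOpts` in the first changed file, and its description still does not say what form the entries take; the `aliases` example in that file shows both an absolute name with a trailing dot (`"host.dom.com."`) and a relative one (`"hostname"`), and which form the zone generator expects for MX targets cannot be told from here. Suggest stating the convention once it is confirmed, e.g. `description = "A list of mail servers serving this domain (relative hostnames, or absolute names ending in a dot).";`, plus an `example` list matching it.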