From 36dbcb34ef6a70d36e1c6f26a4302231923256ad Mon Sep 17 00:00:00 2001
From: Niten
Date: Sun, 28 Feb 2021 00:15:26 -0600
Subject: [PATCH] Getting closer to shared network-definition

---
 lib/fudo/dns.nix | 118 +------------------------------
 lib/fudo/local-network.nix | 101 ++++++--------------------
 lib/types/network-definition.nix | 6 ++
 3 files changed, 32 insertions(+), 193 deletions(-)

diff --git a/lib/fudo/dns.nix b/lib/fudo/dns.nix
index 8188bce..de3ffa6 100644
--- a/lib/fudo/dns.nix
+++ b/lib/fudo/dns.nix
@@ -7,125 +7,15 @@ let
 join-lines = concatStringsSep "\n";
- hostOpts = { host, ... }: {
- options = {
- ip-addresses = mkOption {
- type = with types; listOf str;
- description = ''
- A list of IPv4 addresses assigned to this host.
- '';
- default = [ ];
- };
-
- ipv6-addresses = mkOption {
- type = with types; listOf str;
- description = ''
- A list of IPv6 addresses assigned to this host.
- '';
- default = [ ];
- };
-
- ssh-fingerprints = mkOption {
- type = with types; listOf str;
- description = ''
- A list of DNS SSHFP records for this host.
- '';
- default = [ ];
- };
-
- description = mkOption {
- type = with types; nullOr str;
- description = "Description of this host for a TXT record.";
- default = null;
- };
-
- rp = mkOption {
- type = with types; nullOr str;
- description = "Responsible person.";
- default = null;
- };
- };
- };
-
- srvRecordOpts = with types; {
- options = {
- weight = mkOption {
- type = int;
- description = "Weight relative to other records.";
- default = 1;
- };
-
- priority = mkOption {
- type = int;
- description = "Priority to give this record.";
- default = 0;
- };
-
- port = mkOption {
- type = port;
- description = "Port to use while connecting to this service.";
- };
-
- host = mkOption {
- type = str;
- description = "Host that provides this service.";
- example = "my-host.my-domain.com";
- };
- };
- };
-
 domainOpts = { domain, ...
}: with types; { options = {
- hosts = mkOption {
- type = loaOf (submodule hostOpts);
- default = { };
- description = "A map of hostname to { host_attributes }.";
- };
-
 dnssec = mkOption { type = bool; description = "Enable DNSSEC security for this zone."; default = true; };
- mx = mkOption {
- type = listOf str;
- description = "A list of mail servers serving this domain.";
- default = [ ];
- };
-
- srv-records = mkOption {
- type = attrsOf (attrsOf (listOf (submodule srvRecordOpts)));
- description = "Map of traffic type to srv records.";
- default = { };
- example = {
- tcp = {
- kerberos = {
- port = 88;
- host = "auth-host.my-domain.com";
- };
- };
- };
- };
-
- aliases = mkOption {
- type = loaOf str;
- default = { };
- description = "A mapping of host-alias => hostnames to add to DNS.";
- example = {
- "music" = "host.dom.com.";
- "mail" = "hostname";
- };
- };
-
- extra-dns-records = mkOption {
- type = listOf str;
- description = "Records to be inserted verbatim into the DNS zone.";
- example = [ "some-host IN CNAME base-host" ];
- default = [ ];
- };
-
 dmarc-report-address = mkOption { type = nullOr str; description = "The email to use to recieve DMARC reports, if any.";
@@ -133,11 +23,9 @@ let
 default = null; };
- default-host = mkOption {
- type = nullOr str;
- description =
- "IP of the host which will act as the default server for this domain, if any.";
- default = null;
+ network-definition = mkOption {
+ type = submodule (import ../types/network-definition.nix);
+ description = "Definition of network to be served by local server.";
 }; }; };
diff --git a/lib/fudo/local-network.nix b/lib/fudo/local-network.nix
index 0751232..c7c64c6 100644
--- a/lib/fudo/local-network.nix
+++ b/lib/fudo/local-network.nix
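Review bot: Removing `hosts`, `mx`, `srv-records`, `aliases` and `extra-dns-records` from `domainOpts` leaves nothing in this hunk that replaces them, so any zone-generation code later in dns.nix that still reads `domain.hosts` or `domain.srv-records` will fail at evaluation; the `network-definition` option added in the next hunk is presumably the intended source, but only `mx` is visibly added to network-definition.nix in this patch. The host-level `ssh-fingerprints` (SSHFP), `description` (TXT) and `rp` fields disappear with `hostOpts`; if the shared type does not declare them, SSHFP publication silently stops, which deserves a comment at the removal site such as `# host, alias, SRV and verbatim records now come from network-definition`. `domainOpts` continues into the following hunk and the enclosing `let` starts before this one.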
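Review bot: The new `network-definition` option imports the shared type as `submodule (import ../types/network-definition.nix)`, while local-network.nix in this same patch uses `import ../types/network-definition.nix { inherit lib; }`; if that file is a function of `{ lib, ... }` the bare form relies on the module system supplying `lib` as a module argument, and the two sites will drift apart if the file's argument set changes, so use one form in both places. The option also has no `default`, so unlike the `default-host` it replaces, every domain declared here must set it before anything reading that domain evaluates (unless the nixpkgs in use fills an undefined submodule option from its empty value); `default = { };` would keep existing configurations evaluating if the submodule's own options all have defaults. The enclosing `domainOpts` set starts before this hunk.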
@@ -10,91 +10,47 @@ let
 join-lines = concatStringsSep "\n";
- hostOpts = { hostname, ... }: {
- options = {
- ip-address = mkOption {
- type = types.str;
- description = ''
- The V4 IP of a given host, if any.
- '';
- };
-
- mac-address = mkOption {
- type = with types; nullOr types.str;
- description = ''
- The MAC address of a given host, if desired for IP reservation.
- '';
- default = null;
- };
-
- ssh-fingerprints = mkOption {
- type = with types; listOf str;
- description = "A list of DNS SSHFP records for this host.";
- default = [ ];
- };
- };
- };
-
 traceout = out: builtins.trace out out; in {
- options.fudo.local-network = {
+ options.fudo.local-network = with types; {
 enable = mkEnableOption "Enable local network configuration (DHCP & DNS).";
- hosts = mkOption {
- type = with types; attrsOf (submodule hostOpts);
- default = { };
- description = "A map of hostname => { host_attributes }.";
- };
-
 domain = mkOption {
- type = types.str;
+ type = str;
 description = "The domain to use for the local network."; }; dns-servers = mkOption {
- type = with types; listOf str;
+ type = listOf str;
 description = "A list of domain name server to use for the local network."; }; dhcp-interfaces = mkOption {
- type = with types; listOf str;
+ type = listOf str;
 description = "A list of interfaces on which to serve DHCP."; };
- dns-serve-ips = mkOption {
- type = with types; listOf str;
+ dns-listen-ips = mkOption {
+ type = listOf str;
 description = "A list of IPs on which to server DNS queries."; }; gateway = mkOption {
- type = types.str;
+ type = str;
 description = "The gateway to use for the local network."; };
- aliases = mkOption {
- type = with types; attrsOf str;
- default = { };
- description =
- "A mapping of host-alias => hostname to use on the local network.";
- };
-
 network = mkOption {
- type = types.str;
+ type = str;
 description = "Network to treat as local."; };
- enable-reverse-mappings = mkOption {
- type = types.bool;
- description = "Genereate PTR
reverse lookup records.";
- default = false;
- };
-
 dhcp-dynamic-network = mkOption {
- type = types.str;
+ type = str;
 description = '' The network from which to dynamically allocate IPs via DHCP.
@@ -102,45 +58,34 @@ in {
 ''; };
+ enable-reverse-mappings = mkOption {
+ type = bool;
+ description = "Genereate PTR reverse lookup records.";
+ default = false;
+ };
+
 recursive-resolver = mkOption {
- type = types.str;
+ type = str;
 description = "DNS nameserver to use for recursive resolution."; }; server-ip = mkOption {
- type = types.str;
+ type = str;
 description = "IP of the DNS server."; };
- extra-dns-records = mkOption {
- type = with types; listOf str;
- description = "Records to be inserted verbatim into the DNS zone.";
- example = [ "some-host IN CNAME other-host" ];
- default = [ ];
- };
-
- srv-records = mkOption {
- type = dns.srvRecords;
- description = "Map of traffic type to srv records.";
- default = { };
- example = {
- tcp = {
- kerberos = {
- port = 88;
- host = "auth-host.my-domain.com";
- };
- };
- };
- };
-
 search-domains = mkOption {
- type = with types; listOf str;
+ type = listOf str;
 description = "A list of domains to search for DNS names."; example = [ "my-domain.com" "other-domain.com" ]; default = [ ]; };
- # TODO: srv records
+ network-definition = mkOption {
+ type =
+ submodule (import ../types/network-definition.nix { inherit lib; });
+ description = "Definition of network to be served by local server.";
+ };
 }; config = mkIf cfg.enable {
diff --git a/lib/types/network-definition.nix b/lib/types/network-definition.nix
index eb3de54..b3681e7 100644
--- a/lib/types/network-definition.nix
+++ b/lib/types/network-definition.nix
@@ -115,5 +115,11 @@ in {
 "IP of the host which will act as the default server for this domain, if any.";
 default = null;
 };
+
+ mx = mkOption {
+ type = listOf str;
+ description = "A list of mail servers serving this domain.";
+ default = [ ];
+ };
 };
 }
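Review bot: `dns-serve-ips` is renamed to `dns-listen-ips` with no migration path, so any existing configuration that sets `fudo.local-network.dns-serve-ips` now aborts evaluation with an undefined-option error; add `imports = [ (mkRenamedOptionModule [ "fudo" "local-network" "dns-serve-ips" ] [ "fudo" "local-network" "dns-listen-ips" ]) ];` to the module so those configurations keep working. The removed `hostOpts` carried `mac-address`, which its description ties to IP reservation; whether the shared `network-definition` type declares a MAC field is not visible here, and if it does not, any DHCP reservations the config section builds from `cfg.hosts` (that section begins at the end of the next hunk and continues outside it) lose their input without an evaluation error if the attribute is simply absent from the new type. The `let` block enclosing `hostOpts` starts before this hunk.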
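Review bot: The description added for `enable-reverse-mappings` carries the typo "Genereate" over from the removed line, and since this text becomes the option's rendered documentation it should read `description = "Generate PTR reverse lookup records.";`. The new `network-definition` option has no `default`, so the module now requires it whenever `fudo.local-network.enable` is set, and it is imported with `{ inherit lib; }` while dns.nix in this patch imports the same file bare; the two call forms should match. Dropping `extra-dns-records` removes the only escape hatch for records the shared type does not model (the old example was a CNAME), which may be intended but deserves a comment at the option site, e.g. `# verbatim records intentionally dropped; extend network-definition instead`. The `options.fudo.local-network` set starts before this hunk and the `config` block that follows it continues outside.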
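Review bot: `mx` is typed `listOf str`, which carries no MX preference values; if the zone generator derives the preference from list position, say so in the description, e.g. `description = "Mail servers serving this domain, in order of preference.";`, and if it does not, a record type with an explicit priority (like the SRV option removed from dns.nix in this patch) would be the safer shape. Nothing in this hunk validates that each entry is a hostname, so a bare IP or an empty string would presumably reach the zone unchanged; a `strMatching` type or a check in the generator would catch that at evaluation time rather than when mail starts bouncing. The `options` set enclosing this addition starts before the hunk.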