# DNS role for the "france" host: declares the fudo.france.dns options and
# turns them into the shared fudo.dns configuration for the instance's local
# domain (nameserver set, DNSSEC, MX hosts, DMARC reporting address).
{ config, lib, pkgs, ... }:

let
  inherit (lib) mkIf mkOption optional types;

  thisHost = config.instance.hostname;
  dnsCfg = config.fudo.france.dns;

  # The IPv6 listener is optional; everything v6-related keys off this test.
  hasV6 = dnsCfg.listen-ipv6 != null;

in {
  options.fudo.france.dns = with types; {
    default-host = mkOption {
      type = str;
      description = "IP address to which the domain will map.";
    };

    # Typed as a single string, so exactly one IPv4 listen address is accepted.
    listen-ip = mkOption {
      type = str;
      description = "IP addresses on which to listen";
    };

    # null (the default) means no IPv6 listener and no AAAA data for ns1.
    listen-ipv6 = mkOption {
      type = nullOr str;
      description = "IPv6 addresses on which to listen";
      default = null;
    };

    mail-hosts = mkOption {
      type = listOf str;
      description = "List of mail hosts for the MX records.";
    };
  };

  config = let
    localDomain = config.instance.local-domain;
    domainCfg = config.fudo.domains.${localDomain};
  in {
    # DMARC aggregate reports are addressed to dmarc-report@<domain> (see
    # dmarc-report-address below); this alias fans them out to every local
    # admin of the domain.
    fudo.mail-server.alias-users.dmarc-report =
      map (admin: "${admin}@${localDomain}") domainCfg.local-admins;

    fudo.dns = {
      enable = true;
      identity = "${thisHost}.fudo.org";

      # The service binds only to the explicitly configured addresses.
      listen-ips = [ dnsCfg.listen-ip ] ++ optional hasV6 dnsCfg.listen-ipv6;

      nameservers = {
        # ns1 is this host, so its addresses follow the listen options.
        ns1 = {
          ipv4-address = dnsCfg.listen-ip;
          ipv6-address = mkIf hasV6 dnsCfg.listen-ipv6;
          description = "Nameserver 1, france, in Winnipeg, MB, CA";
        };

        # ns2-ns4 are fixed addresses of other nameservers.
        # NOTE(review): how these entries are consumed (NS/glue records only,
        # or also as zone-transfer / notify peers) is decided in the fudo.dns
        # module, which is not visible here. If they drive transfer ACLs,
        # confirm transfers are limited to these addresses and authenticated.
        ns2 = {
          ipv4-address = "209.117.102.102";
          ipv6-address = "2001:470:1f16:40::2";
          description = "Nameserver 2, musashi, in Winnipeg, MB, CA";
        };
        ns3 = {
          ipv4-address = "104.131.53.95";
          ipv6-address = "2604:a880:800:10::8:7001";
          description =
            "Nameserver 3, ns2.henchmman21.net, in New York City, NY, US";
        };
        ns4 = {
          ipv4-address = "204.42.254.5";
          ipv6-address = "2001:418:3f4::5";
          description = "Nameserver 4, puck.nether.net, in Chicago, IL, US";
        };
      };

      domains = {
        ${localDomain} = {
          # DNSSEC is requested for the zone. Key generation, storage and
          # rollover are handled by the fudo.dns module (not shown here).
          dnssec = true;
          default-host = dnsCfg.default-host;
          # Passed through from the domain's own configuration.
          gssapi-realm = domainCfg.gssapi-realm;
          mx = dnsCfg.mail-hosts;
          dmarc-report-address = "dmarc-report@${localDomain}";
          # Host/record definitions for the zone live in a separate file.
          network-definition = import ../../networks/fudo.org.nix;
        };
      };
    };
  };
}