nix/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6cb3ecd6c2
nixos-config/lib/fudo/hosts/local-network.nix
nostoromo root 372cf5fc6a Still very broken...moving to start testing
2021-02-23 12:58:29 -08:00

143 lines
3.7 KiB
Nix
Raw Blame History

# THROW THIS AWAY, NOT USED
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.fudo.hosts.local-network;
gatewayServerOpts = { ... }: {
options = {
enable = mkEnableOption "Turn this host into a network gateway.";
internal-interfaces = mkOption {
type = with types; listOf str;
description =
"List of internal interfaces from which to forward traffic.";
default = [ ];
};
external-interface = mkOption {
type = types.str;
description =
"Interface facing public internet, to which traffic is forwarded.";
};
external-tcp-ports = mkOption {
type = with types; listOf port;
description = "List of TCP ports to open to the outside world.";
default = [ ];
};
external-udp-ports = mkOption {
type = with types; listOf port;
description = "List of UDP ports to open to the outside world.";
default = [ ];
};
};
};
dnsOverHttpsProxy = {
options = {
enable = mkEnableOption "Enable a DNS-over-HTTPS proxy server.";
listen-port = mkOption {
type = types.port;
description = "Port on which to listen for DNS requests.";
default = 53;
};
upstream-dns = mkOption {
type = with types; listOf str;
description = "List of DoH DNS servers to use for recursion.";
default = [ ];
};
bootstrap-dns = mkOption {
type = types.str;
description = "DNS server used to bootstrap the proxy server.";
default = "1.1.1.1";
};
};
};
networkDhcpServerOpts = mkOption {
options = {
enable = mkEnableOption "Enable local DHCP server.";
dns-servers = mkOption {
type = with types; listOf str;
description = "List of DNS servers for clients to use.";
default = [ ];
};
listen-interfaces = mkOption {
type = with types; listOf str;
description = "List of interfaces on which to serve DHCP requests.";
default = [ ];
};
server-ip = mkOption {
type = types.str;
description = "IP address of the server host.";
};
};
};
networkServerOpts = {
options = {
enable = mkEnableOption "Enable local networking server (DNS & DHCP).";
domain = mkOption {
type = types.str;
description = "Local network domain which this host will serve.";
};
dns-listen-addrs = mkOption {
type = with types; listOf str;
description = "List of IP addresses on which to listen for requests.";
default = [ ];
};
dhcp = mkOption {
type = types.submodule networkDhcpServerOpts;
description = "Local DHCP server options.";
};
};
};
in {
options.fudo.hosts.local-network = with types; {
recursive-resolvers = mkOption {
type = listOf str;
description = "DNS server to use for recursive lookups.";
example = "1.2.3.4 port 53";
};
gateway-server = mkOption {
type = submodule gatewayServerOpts;
description = "Gateway server options.";
};
dns-over-https-proxy = mkOption {
type = submodule dnsOverHttpsProxy;
description = "DNS-over-HTTPS proxy server.";
};
networkServerOpts = mkOption {
type = submodule networkServerOpts;
description = "Networking (DNS & DHCP) server for a local network.";
};
};
config = {
fudo.secure-dns-proxy = mkIf cfg.dns-over-https-proxy.enable {
enable = true;
port = cfg.dns-over-https-proxy.listen-port;
upstream-dns = cfg.dns-over-https-proxy.upstream-dns;
bootstrap-dns = cfg.dns-over-https-proxy.bootstrap-dns;
listen-ips = cfg.dns-over-https-proxy.listen-ips;
};
};
}
Reference in New Issue View Git Blame Copy Permalink