xen service: Forward DNS queries from Xen guests

Provide the option forwardDns in virtualisation.xen.bridge, which enables forwarding of DNS queries to the default resolver, allowing outside internet access for the xen guests.
2017-04-30 06:50:28 +00:00
parent f556d94527
commit e7203cb03d
1 changed files with 15 additions and 3 deletions
--- a/nixos/modules/virtualisation/xen-dom0.nix
+++ b/nixos/modules/virtualisation/xen-dom0.nix
@@ -100,6 +100,16 @@ in
            subnet.
          '';
        };
+
+        forwardDns = mkOption {
+          default = false;
+          description = ''
+            If set to <literal>true</literal>, the DNS queries from the
+            hosts connected to the bridge will be forwarded to the DNS
+            servers specified in /etc/resolv.conf .
+            '';
+        };
+
      };

    virtualisation.xen.stored =
@@ -339,7 +349,6 @@ in
        interface=${cfg.bridge.name}
        except-interface=lo
        bind-interfaces
-        auth-server=dns.xen.local,${cfg.bridge.name}
        auth-zone=xen.local,$XEN_BRIDGE_NETWORK_ADDRESS/${toString cfg.bridge.prefixLength}
        domain=xen.local
        addn-hosts=/var/run/xen/dnsmasq.hostsfile
@@ -347,8 +356,11 @@ in
        strict-order
        no-hosts
        bogus-priv
-        no-resolv
-        no-poll
+        ${optionalString (!cfg.bridge.forwardDns) ''
+          no-resolv
+          no-poll
+          auth-server=dns.xen.local,${cfg.bridge.name}
+        ''}
        filterwin2k
        clear-on-reload
        domain-needed