bind: sort

2023-03-23 21:36:53 +01:00 · 2023-03-23 21:36:53 +01:00 · a6f9000588
parent 7819af404d
commit a6f9000588
1 changed files with 21 additions and 20 deletions
--- a/hosts/bind/default.nix
+++ b/hosts/bind/default.nix
@ -39,6 +39,15 @@ in
    };
  };

+  # Privileged commands triggered by deploy-c3d2-dns
+  security.sudo.extraRules = [ {
+    users = [ "c3d2-dns" ];
+    commands = [ {
+      command = "${reloadCommand}/bin/reload-bind";
+      options = [ "NOPASSWD" ];
+    } ];
+  } ];
+
  # DNS server
  services.bind = {
    enable = true;
@ -52,10 +61,6 @@ in
      };
    '';
  };
-  systemd.services.bind.serviceConfig = {
-    Restart = "always";
-    RestartSec = "5s";
-  };

  # BIND statistics in Grafana
  services.collectd.plugins.bind = ''
@ -69,6 +74,18 @@ in
    MemoryStats     true
  '';

+  system.stateVersion = "22.05";
+
+  systemd.services.bind.serviceConfig = {
+    Restart = "always";
+    RestartSec = "5s";
+  };
+
+  systemd.tmpfiles.rules = [
+    "d ${config.users.users.c3d2-dns.home} 0755 c3d2-dns ${config.users.users.c3d2-dns.group} - -"
+    "d /var/lib/bind/slave 0755 named nogroup - -"
+  ];
+
  # Build user
  users.groups.c3d2-dns = {};
  users.users.c3d2-dns = {
@ -80,20 +97,4 @@ in
    ];
    packages = [ reloadCommand ];
  };
-
-  systemd.tmpfiles.rules = [
-    "d ${config.users.users.c3d2-dns.home} 0755 c3d2-dns ${config.users.users.c3d2-dns.group} - -"
-    "d /var/lib/bind/slave 0755 named nogroup - -"
-  ];
-
-  # Privileged commands triggered by deploy-c3d2-dns
-  security.sudo.extraRules = [ {
-    users = [ "c3d2-dns" ];
-    commands = [ {
-      command = "${reloadCommand}/bin/reload-bind";
-      options = [ "NOPASSWD" ];
-    } ];
-  } ];
-
-  system.stateVersion = "22.05";
 }