forked from zentralwerk/network
lib/dns: split dynamicReverseZones for ipv4/ipv6 to avoid ip6.arpa zones ending up in reverseZones4
This commit is contained in:
parent
3295a15758
commit
ec47077368
|
@ -11,7 +11,7 @@ rec {
|
|||
|
||||
publicIPv4 = config.site.hosts.upstream4.interfaces.up4-pppoe.upstream.staticIpv4Address;
|
||||
|
||||
dynamicReverseZones = [
|
||||
dynamicReverseZones4 = [
|
||||
"73.20.172.in-addr.arpa"
|
||||
"74.20.172.in-addr.arpa"
|
||||
"75.20.172.in-addr.arpa"
|
||||
|
@ -21,6 +21,8 @@ rec {
|
|||
"79.20.172.in-addr.arpa"
|
||||
"99.22.172.in-addr.arpa"
|
||||
"99.22.172.in-addr.arpa"
|
||||
];
|
||||
dynamicReverseZones6 = [
|
||||
"2.0.0.0.c.2.0.8.1.8.0.0.a.2.ip6.arpa"
|
||||
"4.1.b.a.c.a.2.8.3.5.f.0.a.2.ip6.arpa"
|
||||
"5.0.2.d.3.c.2.4.0.0.2.4.d.f.ip6.arpa"
|
||||
|
@ -97,7 +99,7 @@ rec {
|
|||
"${zone}" = true;
|
||||
}
|
||||
) {} (builtins.attrNames reverseHosts4)
|
||||
) ++ dynamicReverseZones
|
||||
) ++ dynamicReverseZones4
|
||||
);
|
||||
|
||||
# turns `::` into `0000:0000:0000:0000:0000:0000:0000:0000`
|
||||
|
@ -242,7 +244,7 @@ rec {
|
|||
builtins.filter (lib.hasSuffix ".${zone}")
|
||||
(builtins.attrNames reverseHosts4)
|
||||
);
|
||||
dynamic = builtins.elem zone dynamicReverseZones;
|
||||
dynamic = builtins.elem zone dynamicReverseZones4;
|
||||
}) reverseZones4
|
||||
++
|
||||
builtins.concatMap (ctx:
|
||||
|
@ -261,6 +263,7 @@ rec {
|
|||
builtins.filter (lib.hasSuffix ".${zone}")
|
||||
(builtins.attrNames reverseHosts6.${ctx})
|
||||
);
|
||||
dynamic = builtins.elem zone dynamicReverseZones6;
|
||||
}) reverseZones6.${ctx}
|
||||
) (builtins.attrNames reverseZones6);
|
||||
}
|
||||
|
|
|
@ -10,7 +10,11 @@ let
|
|||
nixpkgs.lib.generators.toPretty {} self.lib.openwrtModels
|
||||
);
|
||||
export-config = pkgs.writeText "config.nix" (
|
||||
nixpkgs.lib.generators.toPretty {} (lib.filterAttrsRecursive (n: v: n != "net-combined") config)
|
||||
nixpkgs.lib.generators.toPretty {} (lib.filterAttrsRecursive (n: v: n != "net-combined") (
|
||||
config
|
||||
//
|
||||
{ site.dns.localZones = self.lib.dns.localZones; }
|
||||
))
|
||||
);
|
||||
|
||||
encrypt-secrets = pkgs.writeScriptBin "encrypt-secrets" ''
|
||||
|
|
Loading…
Reference in New Issue