From 187c657080beb8b3394e7b37a8677ae9257609a3 Mon Sep 17 00:00:00 2001 From: Astro Date: Mon, 3 May 2021 02:15:27 +0200 Subject: [PATCH] nixos-module/container/dns: add ipv4 reverse zones --- nix/nixos-module/container/dns.nix | 49 ++++++++++++++++++++++++++++-- 1 file changed, 47 insertions(+), 2 deletions(-) diff --git a/nix/nixos-module/container/dns.nix b/nix/nixos-module/container/dns.nix index 0ee7c88..a568f82 100644 --- a/nix/nixos-module/container/dns.nix +++ b/nix/nixos-module/container/dns.nix @@ -68,6 +68,35 @@ lib.mkIf config.site.hosts.${hostName}.services.dns.enable { dynamicDomain ) config.site.net; + # converts an IPv4 address to its reverse DNS form + ipv4ToReverse = ipv4: + builtins.concatStringsSep "." ( + lib.reverseList ( + builtins.filter builtins.isString ( + builtins.split "\\." ipv4 + ) + ) + ) + ".in-addr.arpa"; + + # `{ "1,0.0.127.in-addr.arpa" = "lo.core.zentralwerk.dn42"; }` + reverseHosts4 = builtins.foldl' (result: { hosts4, domainName, ... }: + builtins.foldl' (result: host: result // { + "${ipv4ToReverse hosts4.${host}}" = "${host}.${domainName}"; + }) result (builtins.attrNames hosts4) + ) {} (builtins.attrValues namedNets); + + # `[ "0.0.127.in-addr.arpa" ]` + reverseZones4 = builtins.attrNames ( + builtins.foldl' (result: rname: + let + zone = builtins.head ( + builtins.match "[[:digit:]]+\\.(.+)" rname + ); + in result // { + "${zone}" = true; + } + ) {} (builtins.attrNames reverseHosts4) + ); in { enable = true; zones = [ (staticZone { @@ -95,7 +124,7 @@ lib.mkIf config.site.hosts.${hostName}.services.dns.enable { type = "A"; data = "24.134.252.105"; } ]; - }) ] ++ (builtins.concatLists ( + }) ] ++ builtins.concatLists ( builtins.attrValues ( builtins.mapAttrs (net: { dynamicDomain, hosts4, hosts6, ... }: [ (if dynamicDomain 
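Review bot: `reverseZones4` strips exactly one label from each reversed name, so every generated zone is a /24 whatever the prefix length of the originating net. For a net smaller than a /24 this server would declare itself authoritative for the whole /24; the prefix lengths are not visible in this hunk, so this needs checking against `config.site.net`. In `reverseHosts4` the `//` merge lets the later net win silently when two nets list the same address, so a duplicate assignment becomes a single PTR with no warning; a `builtins.hasAttr` check that throws on an existing key would surface it at evaluation time. `builtins.head (builtins.match …)` also fails with an opaque error when a `hosts4` value is not a plain dotted quad, because `match` returns null. The example comment has a typo: `"1,0.0.127.in-addr.arpa"` should read `"1.0.0.127.in-addr.arpa"`.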
@@ -116,7 +145,23 @@ lib.mkIf config.site.hosts.${hostName}.services.dns.enable { }) ]) namedNets ) - )); + ) ++ map (zone: + staticZone { + name = zone; + ns = [ fqdn ]; + records = + map (reverse: { + name = builtins.head ( + builtins.match "([[:digit:]]+)\\..*" reverse + ); + type = "PTR"; + data = reverseHosts4.${reverse}; + }) ( + builtins.filter (lib.hasSuffix ".${zone}") + (builtins.attrNames reverseHosts4) + ); + } + ) reverseZones4; }; # TODO: zentralwerk.{org,dn42}, reverse, dyn, ipa.zentralwerk.dn42
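Review bot: The PTR target in `data = reverseHosts4.${reverse};` is `host.domainName` with no trailing dot. `staticZone` is defined outside this diff; if it writes record data verbatim into the zone file, the name would be read relative to the reverse zone's origin and resolve to `….in-addr.arpa`. Confirm how `staticZone` serialises `data`, and if it does not already qualify names, use `data = "${reverseHosts4.${reverse}}.";`. Every host of every `namedNets` entry gets a PTR in the same `zones` list as the zone holding the public A record, so confirm that nets not meant to be resolvable from outside are either filtered here or covered by the server's query restrictions. The enclosing `zones = [ … ]` expression begins before this hunk.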