nixos-module/container/dns: add ipv4 reverse zones

Astro 2021-05-03 02:15:27 +02:00
parent 8c896c31b8
commit 187c657080
1 changed files with 47 additions and 2 deletions


@ -68,6 +68,35 @@ lib.mkIf config.site.hosts.${hostName}.services.dns.enable {
dynamicDomain dynamicDomain
) config.site.net; ) config.site.net;
# converts an IPv4 address to its reverse DNS form
ipv4ToReverse = ipv4:
builtins.concatStringsSep "." (
lib.reverseList (
builtins.filter builtins.isString (
builtins.split "\\." ipv4
)
)
) + ".in-addr.arpa";
# `{ "1,0.0.127.in-addr.arpa" = "lo.core.zentralwerk.dn42"; }`
reverseHosts4 = builtins.foldl' (result: { hosts4, domainName, ... }:
builtins.foldl' (result: host: result // {
"${ipv4ToReverse hosts4.${host}}" = "${host}.${domainName}";
}) result (builtins.attrNames hosts4)
) {} (builtins.attrValues namedNets);
# `[ "0.0.127.in-addr.arpa" ]`
reverseZones4 = builtins.attrNames (
builtins.foldl' (result: rname:
let
zone = builtins.head (
builtins.match "[[:digit:]]+\\.(.+)" rname
);
in result // {
"${zone}" = true;
}
) {} (builtins.attrNames reverseHosts4)
);
in { in {
enable = true; enable = true;
zones = [ (staticZone { zones = [ (staticZone {
@ -95,7 +124,7 @@ lib.mkIf config.site.hosts.${hostName}.services.dns.enable {
type = "A"; type = "A";
data = "24.134.252.105"; data = "24.134.252.105";
} ]; } ];
}) ] ++ (builtins.concatLists ( }) ] ++ builtins.concatLists (
builtins.attrValues ( builtins.attrValues (
builtins.mapAttrs (net: { dynamicDomain, hosts4, hosts6, ... }: [ builtins.mapAttrs (net: { dynamicDomain, hosts4, hosts6, ... }: [
(if dynamicDomain (if dynamicDomain
@ -116,7 +145,23 @@ lib.mkIf config.site.hosts.${hostName}.services.dns.enable {
}) })
]) namedNets ]) namedNets
) )
)); ) ++ map (zone:
staticZone {
name = zone;
ns = [ fqdn ];
records =
map (reverse: {
name = builtins.head (
builtins.match "([[:digit:]]+)\\..*" reverse
);
type = "PTR";
data = reverseHosts4.${reverse};
}) (
builtins.filter (lib.hasSuffix ".${zone}")
(builtins.attrNames reverseHosts4)
);
}
) reverseZones4;
}; };
# TODO: zentralwerk.{org,dn42}, reverse, dyn, ipa.zentralwerk.dn42 # TODO: zentralwerk.{org,dn42}, reverse, dyn, ipa.zentralwerk.dn42
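Review bot: In `reverseHosts4` the inner fold merges with `result // { … }`, so if the same IPv4 address appears twice across the `hosts4` sets, the later entry silently replaces the earlier one and the PTR record names only one host. Reverse lookups feed log attribution and sometimes host-based access decisions, so a silently wrong PTR is worth failing evaluation over, for example by guarding the value with `assert !(builtins.hasAttr (ipv4ToReverse hosts4.${host}) result);` before `"${host}.${domainName}"`. `reverseZones4` strips exactly one label from each name, which assumes every net is served on a /24 boundary; a one-line comment saying so would help the next reader. The example comment above `reverseHosts4` has a typo: `1,0.0.127.in-addr.arpa` should read `1.0.0.127.in-addr.arpa`.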