Browse Source

nixos-module/container/dns, pkgs/dns-slaves: add explicit addresses for zone xfers

master
Astro 4 months ago
parent
commit
27571cff72
2 changed files with 15 additions and 1 deletions
  1. 10
    1
      nix/nixos-module/container/dns.nix
  2. 5
    0
      nix/pkgs/dns-slaves.nix

+ 10
- 1
nix/nixos-module/container/dns.nix View File

@@ -92,7 +92,16 @@ in
92 92
             if dynamic
93 93
             then "/var/db/bind/${name}.zone"
94 94
             else generateZoneFile zone;
95
-          extraConfig = lib.optionalString dynamic ''
95
+          extraConfig = ''
96
+            also-notify {
97
+              # ns.c3d2.de
98
+              217.197.84.53;
99
+              2001:67c:1400:2240::a;
100
+              # ns.spaceboyz.net
101
+              95.217.229.209;
102
+              2a01:4f9:4b:39ec::4;
103
+            };
104
+          '' + lib.optionalString dynamic ''
96 105
             allow-update { key "dyndns"; };
97 106
           '';
98 107
         };

+ 5
- 0
nix/pkgs/dns-slaves.nix View File

@@ -12,6 +12,11 @@ writeText "named.slave.conf" (
12 12
         172.20.73.2;
13 13
       };
14 14
       file "/var/lib/bind/slave/${name}.zone";
15
+      allow-notify {
16
+        2a02:8106:208:5282:2::2;
17
+        fd23:42:c3d2:582:2::2;
18
+        172.20.73.2;
19
+      };
15 20
     };
16 21
   '') (
17 22
     # public zones only

Loading…
Cancel
Save