From a9abf3d3654a0f7151ea84fe6086782ea7ce1472 Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Thu, 6 May 2021 15:46:37 +0200
Subject: [PATCH] nixos-module/container/dns: create initial records in dynamic
 zones

---
 nix/nixos-module/container/dns.nix | 27 +++++++++++++++++++++++++--
 1 file changed, 25 insertions(+), 2 deletions(-)

diff --git a/nix/nixos-module/container/dns.nix b/nix/nixos-module/container/dns.nix
index cfc466f..78ea8be 100644
--- a/nix/nixos-module/container/dns.nix
+++ b/nix/nixos-module/container/dns.nix
@@ -332,11 +332,11 @@ in
         '';
       });
 
-    systemd.services.dynamic-zones = {
+    systemd.services.create-dynamic-zones = {
+      description = "Creates dynamic zone files";
       requiredBy = [ "bind.service" ];
       before = [ "bind.service" ];
       serviceConfig.Type = "oneshot";
-      # TODO: initial records
       script = ''
         mkdir -p /var/db/bind
 
@@ -350,5 +350,28 @@ in
         )}
       '';
     };
+    systemd.services.update-dynamic-zones = {
+      description = "Creates initial records in dynamic zone files";
+      requiredBy = [ "bind.service" ];
+      after = [ "bind.service" ];
+      serviceConfig.Type = "oneshot";
+      path = [ pkgs.dnsutils ];
+      script = ''
+        ${lib.concatMapStrings (zone: ''
+          nsupdate -y "hmac-sha256:dyndns:${inputs.zentralwerk-network-key.lib.dyndnsKey}" <<EOF
+          server localhost
+
+          ${lib.concatMapStringsSep "\n" ({ name, type, data }: ''
+            delete ${name}.${zone.name}. IN ${type}
+            add ${name}.${zone.name}. 3600 IN ${type} ${data}
+          '') zone.records}
+
+          send
+          EOF
+        '') (
+          builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones
+        )}
+      '';
+    };
   };
 }