lib/dns: split dynamicReverseZones for ipv4/ipv6 to avoid ip6.arpa zones ending up in reverseZones4
This commit is contained in:
parent
3295a15758
commit
ec47077368
|
@ -11,7 +11,7 @@ rec {
|
||||||
|
|
||||||
publicIPv4 = config.site.hosts.upstream4.interfaces.up4-pppoe.upstream.staticIpv4Address;
|
publicIPv4 = config.site.hosts.upstream4.interfaces.up4-pppoe.upstream.staticIpv4Address;
|
||||||
|
|
||||||
dynamicReverseZones = [
|
dynamicReverseZones4 = [
|
||||||
"73.20.172.in-addr.arpa"
|
"73.20.172.in-addr.arpa"
|
||||||
"74.20.172.in-addr.arpa"
|
"74.20.172.in-addr.arpa"
|
||||||
"75.20.172.in-addr.arpa"
|
"75.20.172.in-addr.arpa"
|
||||||
|
@ -21,6 +21,8 @@ rec {
|
||||||
"79.20.172.in-addr.arpa"
|
"79.20.172.in-addr.arpa"
|
||||||
"99.22.172.in-addr.arpa"
|
"99.22.172.in-addr.arpa"
|
||||||
"99.22.172.in-addr.arpa"
|
"99.22.172.in-addr.arpa"
|
||||||
|
];
|
||||||
|
dynamicReverseZones6 = [
|
||||||
"2.0.0.0.c.2.0.8.1.8.0.0.a.2.ip6.arpa"
|
"2.0.0.0.c.2.0.8.1.8.0.0.a.2.ip6.arpa"
|
||||||
"4.1.b.a.c.a.2.8.3.5.f.0.a.2.ip6.arpa"
|
"4.1.b.a.c.a.2.8.3.5.f.0.a.2.ip6.arpa"
|
||||||
"5.0.2.d.3.c.2.4.0.0.2.4.d.f.ip6.arpa"
|
"5.0.2.d.3.c.2.4.0.0.2.4.d.f.ip6.arpa"
|
||||||
|
@ -97,7 +99,7 @@ rec {
|
||||||
"${zone}" = true;
|
"${zone}" = true;
|
||||||
}
|
}
|
||||||
) {} (builtins.attrNames reverseHosts4)
|
) {} (builtins.attrNames reverseHosts4)
|
||||||
) ++ dynamicReverseZones
|
) ++ dynamicReverseZones4
|
||||||
);
|
);
|
||||||
|
|
||||||
# turns `::` into `0000:0000:0000:0000:0000:0000:0000:0000`
|
# turns `::` into `0000:0000:0000:0000:0000:0000:0000:0000`
|
||||||
|
@ -242,7 +244,7 @@ rec {
|
||||||
builtins.filter (lib.hasSuffix ".${zone}")
|
builtins.filter (lib.hasSuffix ".${zone}")
|
||||||
(builtins.attrNames reverseHosts4)
|
(builtins.attrNames reverseHosts4)
|
||||||
);
|
);
|
||||||
dynamic = builtins.elem zone dynamicReverseZones;
|
dynamic = builtins.elem zone dynamicReverseZones4;
|
||||||
}) reverseZones4
|
}) reverseZones4
|
||||||
++
|
++
|
||||||
builtins.concatMap (ctx:
|
builtins.concatMap (ctx:
|
||||||
|
@ -261,6 +263,7 @@ rec {
|
||||||
builtins.filter (lib.hasSuffix ".${zone}")
|
builtins.filter (lib.hasSuffix ".${zone}")
|
||||||
(builtins.attrNames reverseHosts6.${ctx})
|
(builtins.attrNames reverseHosts6.${ctx})
|
||||||
);
|
);
|
||||||
|
dynamic = builtins.elem zone dynamicReverseZones6;
|
||||||
}) reverseZones6.${ctx}
|
}) reverseZones6.${ctx}
|
||||||
) (builtins.attrNames reverseZones6);
|
) (builtins.attrNames reverseZones6);
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,11 @@ let
|
||||||
nixpkgs.lib.generators.toPretty {} self.lib.openwrtModels
|
nixpkgs.lib.generators.toPretty {} self.lib.openwrtModels
|
||||||
);
|
);
|
||||||
export-config = pkgs.writeText "config.nix" (
|
export-config = pkgs.writeText "config.nix" (
|
||||||
nixpkgs.lib.generators.toPretty {} (lib.filterAttrsRecursive (n: v: n != "net-combined") config)
|
nixpkgs.lib.generators.toPretty {} (lib.filterAttrsRecursive (n: v: n != "net-combined") (
|
||||||
|
config
|
||||||
|
//
|
||||||
|
{ site.dns.localZones = self.lib.dns.localZones; }
|
||||||
|
))
|
||||||
);
|
);
|
||||||
|
|
||||||
encrypt-secrets = pkgs.writeScriptBin "encrypt-secrets" ''
|
encrypt-secrets = pkgs.writeScriptBin "encrypt-secrets" ''
|
||||||
|
|
Loading…
Reference in New Issue