2 Commits

Author SHA1 Message Date
Sandro - a49408c480
dns: format 2024-04-25 20:04:38 +02:00
Sandro - f308cbb292
dns: map acl to key
upsi
2024-04-25 20:04:25 +02:00
1 changed files with 19 additions and 26 deletions

@ -88,6 +88,7 @@ in
{
id = "dyndns";
action = "update";
key = "dyndns";
}
{
id = "zone_xfr";
@ -177,15 +178,13 @@ in
}
];
zone = [
{
acl = "zone_xfr";
catalog-role = "generate";
domain = "zentralwerk.";
notify = [ "ns1.supersandro.de" ];
storage = "/var/lib/knot/catalog";
}
] ++ map generateZone config.site.dns.localZones;
zone = [ {
acl = "zone_xfr";
catalog-role = "generate";
domain = "zentralwerk.";
notify = [ "ns1.supersandro.de" ];
storage = "/var/lib/knot/catalog";
} ] ++ map generateZone config.site.dns.localZones;
};
});
@ -203,9 +202,7 @@ in
cp ${generateZoneFile zone} /var/lib/knot/zones/${name}.zone
chown -R knot /var/lib/knot/zones
chmod -R u+rwX /var/lib/knot/zones
'') (
builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones
)}
'') (builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones)}
'';
};
@ -215,22 +212,18 @@ in
after = [ "knot.service" ];
serviceConfig.Type = "oneshot";
path = [ pkgs.dnsutils ];
script = ''
${lib.concatMapStrings (zone: ''
nsupdate -v -y "hmac-sha256:dyndns:${config.site.dyndnsKey}" <<EOF
server localhost
script = lib.concatMapStrings (zone: ''
nsupdate -v -y "hmac-sha256:dyndns:${config.site.dyndnsKey}" <<EOF
server localhost
${lib.concatMapStringsSep "\n" ({ name, type, data }: ''
delete ${name}.${zone.name}. IN ${type}
add ${name}.${zone.name}. 3600 IN ${type} ${data}
'') zone.records}
${lib.concatMapStringsSep "\n" ({ name, type, data }: ''
delete ${name}.${zone.name}. IN ${type}
add ${name}.${zone.name}. 3600 IN ${type} ${data}
'') zone.records}
send
EOF
'') (
builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones
)}
'';
send
EOF
'') (builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones);
};
};
};
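Review bot: The TSIG secret is still passed inline in the last hunk, at `nsupdate -v -y "hmac-sha256:dyndns:${config.site.dyndnsKey}"`. Because the value is interpolated at evaluation time, it ends up in the generated unit script, which presumably lands in the world-readable Nix store, and it also appears in the process argument list while nsupdate runs. Now that the first hunk ties the `dyndns` ACL to this key, the key is the only thing gating zone updates, so it should be read from a file at runtime instead, e.g. `nsupdate -v -k "$KEYFILE" <<EOF`, where `KEYFILE` is a placeholder for a key file provisioned outside the store and readable only by this unit. The enclosing service definition starts outside the hunk, so how `config.site.dyndnsKey` is populated and whether the same value is also rendered into the knot configuration should be checked there.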