zentralwerk/network
zentralwerk
/
network
12
4
Fork 2
Code Issues 3 Pull Requests 1 Releases Wiki Activity

Compare commits

base: zentralwerk:793547d0ca24853d4bbc826894d0fc0510ba07cb
Branches Tags
zentralwerk:master
zentralwerk:nixos-23.05
zentralwerk:bgp
zentralwerk:flpk-data-hoarder
zentralwerk:pacemaker
zentralwerk:nek0-mailtngbert-patch
zentralwerk:yggdrasil
zentralwerk:legacy
...
compare: zentralwerk:a49408c4805ef7bf8061a4a3523a20d161c863e5
Branches Tags
zentralwerk:master
zentralwerk:nixos-23.05
zentralwerk:bgp
zentralwerk:flpk-data-hoarder
zentralwerk:pacemaker
zentralwerk:nek0-mailtngbert-patch
zentralwerk:yggdrasil
zentralwerk:legacy

2 Commits
793547d0ca ... a49408c480

Author SHA1 Message Date
Sandro - a49408c480
dns: format 2024-04-25 20:04:38 +02:00
Sandro - f308cbb292
dns: map acl to key 
upsi
 2024-04-25 20:04:25 +02:00
1 changed files with 19 additions and 26 deletions
Show Stats Expand all files Collapse all files

45
nix/nixos-module/container/dns.nix
View File

@ -88,6 +88,7 @@ in
{ {
id = "dyndns"; id = "dyndns";
action = "update"; action = "update";
key = "dyndns";
} }
{ {
id = "zone_xfr"; id = "zone_xfr";
@ -177,15 +178,13 @@ in
} }
]; ];
zone = [ zone = [ {
{ acl = "zone_xfr";
acl = "zone_xfr"; catalog-role = "generate";
catalog-role = "generate"; domain = "zentralwerk.";
domain = "zentralwerk."; notify = [ "ns1.supersandro.de" ];
notify = [ "ns1.supersandro.de" ]; storage = "/var/lib/knot/catalog";
storage = "/var/lib/knot/catalog"; } ] ++ map generateZone config.site.dns.localZones;
}
] ++ map generateZone config.site.dns.localZones;
}; };
}); });
@ -203,9 +202,7 @@ in
cp ${generateZoneFile zone} /var/lib/knot/zones/${name}.zone cp ${generateZoneFile zone} /var/lib/knot/zones/${name}.zone
chown -R knot /var/lib/knot/zones chown -R knot /var/lib/knot/zones
chmod -R u+rwX /var/lib/knot/zones chmod -R u+rwX /var/lib/knot/zones
'') ( '') (builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones)}
builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones
)}
''; '';
}; };
@ -215,22 +212,18 @@ in
after = [ "knot.service" ]; after = [ "knot.service" ];
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
path = [ pkgs.dnsutils ]; path = [ pkgs.dnsutils ];
script = '' script = lib.concatMapStrings (zone: ''
${lib.concatMapStrings (zone: '' nsupdate -v -y "hmac-sha256:dyndns:${config.site.dyndnsKey}" <<EOF
nsupdate -v -y "hmac-sha256:dyndns:${config.site.dyndnsKey}" <<EOF server localhost
server localhost
${lib.concatMapStringsSep "\n" ({ name, type, data }: '' ${lib.concatMapStringsSep "\n" ({ name, type, data }: ''
delete ${name}.${zone.name}. IN ${type} delete ${name}.${zone.name}. IN ${type}
add ${name}.${zone.name}. 3600 IN ${type} ${data} add ${name}.${zone.name}. 3600 IN ${type} ${data}
'') zone.records} '') zone.records}
send send
EOF EOF
'') ( '') (builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones);
builtins.filter ({ dynamic, ... }: dynamic) config.site.dns.localZones
)}
'';
}; };
}; };
}; };