depot/cluster/services/dns/default.nix

65 lines
1.4 KiB
Nix
Raw Normal View History

{ config, depot, lib, ... }:
2022-08-07 20:58:37 +03:00
let
2023-08-31 01:55:45 +03:00
inherit (depot) hours;
cfg = config.services.dns;
2022-08-07 20:58:37 +03:00
in
{
imports = [
./options.nix
];
vars.pdns-api-key-secret = {
file = ./pdns-api-key.age;
mode = "0400";
};
2022-08-07 20:58:37 +03:00
links = {
dnsResolver = {
2023-03-07 02:26:07 +02:00
ipv4 = hours.VEGAS.interfaces.vstub.addr;
2022-08-07 20:58:37 +03:00
port = 53;
};
powerdns-api = {
ipv4 = config.vars.mesh.VEGAS.meshIp;
protocol = "http";
};
};
hostLinks = lib.mkMerge [
(lib.genAttrs (with cfg.nodes; master ++ slave) (node: {
dnsAuthoritative = {
ipv4 = hours.${node}.interfaces.primary.addrPublic;
port = 53;
};
}))
(lib.genAttrs cfg.nodes.coredns (node: {
dnsResolver = {
ipv4 = config.vars.mesh.${node}.meshIp;
port = 53;
};
}))
(lib.genAttrs cfg.nodes.coredns (node: {
dnsResolverBackend = {
ipv4 = config.vars.mesh.${node}.meshIp;
};
}))
];
2022-08-07 20:58:37 +03:00
services.dns = {
nodes = {
master = [ "VEGAS" ];
slave = [ "checkmate" "prophet" ];
coredns = [ "checkmate" "VEGAS" ];
client = [ "checkmate" "thunderskin" "VEGAS" "prophet" ];
2022-08-07 20:58:37 +03:00
};
nixos = {
master = [
./authoritative.nix
./admin.nix
];
slave = ./authoritative.nix;
coredns = ./coredns.nix;
client = ./client.nix;
2022-08-07 20:58:37 +03:00
};
};
2023-11-03 00:21:22 +02:00
dns.records.securedns.consulService = "securedns";
2022-08-07 20:58:37 +03:00
}