exporting dnsRecords

2025-03-31 01:00:54 +02:00 · 2023-06-05 13:17:58 +02:00 · 2023-06-05 13:17:58 +02:00 · 9b26220c24
commit 9b26220c24
parent 781e6f6f51
1 changed files with 50 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -181,6 +181,56 @@

      lol = import ./lol.nix nixpkgs_plats.x86_64-linux nixosConfigurations.lisa.config.system.build.toplevel.drvPath;

+      dnsRecords = with nixpkgs.lib;
+        let
+          machineInfo = {
+            router = { vpn = "100.100.45.1"; public = "78.192.168.230"; };
+            verso = { vpn = "100.100.45.5"; public = "78.192.168.230"; };
+            saumon = { vpn = "100.100.45.10"; public = "78.192.168.230"; };
+          };
+
+          splitSuffix = len: sep: string:
+            let l = splitString sep string;
+            in
+            [ (concatStringsSep sep (drop (length l - len) l)) (concatStringsSep sep (take (length l - len) l)) ];
+
+          isVPN = x: hasSuffix "luj" x || hasSuffix "kms" x || hasSuffix "saumon" x;
+
+          extractDomain = x:
+            if (isVPN x) then (splitSuffix 1 "." x) else
+            splitSuffix 2 "." x;
+
+          domainToRecord = machine: x:
+            if !(hasInfix "." x) then { } else
+            let
+              zone = head (extractDomain x);
+              subdomain = last (extractDomain x);
+            in
+            {
+              ${zone} = {
+                TTL = 60 * 60;
+                NS = [ "@" ];
+                SOA = {
+                  nameServer = "@";
+                  adminEmail = "dns@saumon.network";
+                  serial = 0;
+                };
+              } //
+              (if (subdomain == "") then {
+                A = with machineInfo.${machine};
+                  (if isVPN x then [ vpn ] else [ public ]);
+              } else {
+                subdomains.${subdomain}.A = with machineInfo.${machine}; if isVPN x then [ vpn ] else [ public ];
+              });
+            };
+
+          getDomains = machine: with self.nixosConfigurations.${machine}.config; attrNames services.nginx.virtualHosts ++ optional services.tailscale.enable "${machine}.saumon";
+
+          recursiveUpdateManyAttrs = foldl recursiveUpdate { };
+        in
+        recursiveUpdateManyAttrs (concatMap (machine: map (domainToRecord machine) (getDomains machine)) (attrNames machineInfo));
+
+

      hydraJobs = {
        machines.tower = self.nixosConfigurations.tower.config.system.build.toplevel;