diff --git a/flake.nix b/flake.nix index bee437c..487cfc4 100644 --- a/flake.nix +++ b/flake.nix @@ -181,6 +181,56 @@ lol = import ./lol.nix nixpkgs_plats.x86_64-linux nixosConfigurations.lisa.config.system.build.toplevel.drvPath; + dnsRecords = with nixpkgs.lib; + let + machineInfo = { + router = { vpn = "100.100.45.1"; public = "78.192.168.230"; }; + verso = { vpn = "100.100.45.5"; public = "78.192.168.230"; }; + saumon = { vpn = "100.100.45.10"; public = "78.192.168.230"; }; + }; + + splitSuffix = len: sep: string: + let l = splitString sep string; + in + [ (concatStringsSep sep (drop (length l - len) l)) (concatStringsSep sep (take (length l - len) l)) ]; + + isVPN = x: hasSuffix "luj" x || hasSuffix "kms" x || hasSuffix "saumon" x; + + extractDomain = x: + if (isVPN x) then (splitSuffix 1 "." x) else + splitSuffix 2 "." x; + + domainToRecord = machine: x: + if !(hasInfix "." x) then { } else + let + zone = head (extractDomain x); + subdomain = last (extractDomain x); + in + { + ${zone} = { + TTL = 60 * 60; + NS = [ "@" ]; + SOA = { + nameServer = "@"; + adminEmail = "dns@saumon.network"; + serial = 0; + }; + } // + (if (subdomain == "") then { + A = with machineInfo.${machine}; + (if isVPN x then [ vpn ] else [ public ]); + } else { + subdomains.${subdomain}.A = with machineInfo.${machine}; if isVPN x then [ vpn ] else [ public ]; + }); + }; + + getDomains = machine: with self.nixosConfigurations.${machine}.config; attrNames services.nginx.virtualHosts ++ optional services.tailscale.enable "${machine}.saumon"; + + recursiveUpdateManyAttrs = foldl recursiveUpdate { }; + in + recursiveUpdateManyAttrs (concatMap (machine: map (domainToRecord machine) (getDomains machine)) (attrNames machineInfo)); + + hydraJobs = { machines.tower = self.nixosConfigurations.tower.config.system.build.toplevel;