From 1a54c00cc26bc52a2dc6d2d38bd31cf292ec124d Mon Sep 17 00:00:00 2001
From: "Giulio De Pasquale (aider)" <git@depasquale.giugl.io>
Date: Sat, 26 Apr 2025 17:31:07 +0100
Subject: [PATCH] refactor: simplify DNS configuration for vhosts with dynamic
 interface detection

---
 hosts/architect/dns.nix |  3 +--
 modules/core/vhost.nix  | 20 ++++++++++++--------
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/hosts/architect/dns.nix b/hosts/architect/dns.nix
index 8380649..79fe1bb 100644
--- a/hosts/architect/dns.nix
+++ b/hosts/architect/dns.nix
@@ -13,8 +13,7 @@
   };
 
   # Configure AdGuard
-  pepe.core.vhost.hosts."adguard.giugl.io" = with config.pepe.core.network; {
-    dnsInterfaces = [ interfacesByType.vpn interfacesByType.lan ];
+  pepe.core.vhost.hosts."adguard.giugl.io" = {
     locations."/" = {
       port = config.services.adguardhome.port;
       allowLAN = true;
diff --git a/modules/core/vhost.nix b/modules/core/vhost.nix
index 02db344..ac419b9 100644
--- a/modules/core/vhost.nix
+++ b/modules/core/vhost.nix
@@ -1,7 +1,7 @@
 { config, lib, ... }:
 
 let
-  inherit (lib) mkOption types mapAttrs concatMapStringsSep optionalString;
+  inherit (lib) mkOption types mapAttrs concatMapStringsSep optionalString mkIf;
   cfg = config.pepe.core.vhost;
 in
 {
@@ -9,13 +9,6 @@ in
     hosts = mkOption {
       type = types.attrsOf (types.submodule {
         options = {
-          dnsInterfaces = mkOption {
-            type = types.listOf types.str;
-            default = [ ];
-            description = "List of interfaces to add extra DNS hosts for this vhost.";
-            example = "config.pepe.core.network.interfaceTypes.lan";
-          };
-
           locations = mkOption {
             type = types.attrsOf (types.submodule {
               options = {
@@ -88,6 +81,17 @@ in
   };
 
   config = {
+    # Configure DNS entries for vhosts when DNS is enabled
+    pepe.core.dns = mkIf config.pepe.core.dns.enable {
+      extraDomains = mapAttrs (domain: conf: {
+        dnsInterfaces = 
+          (lib.optionals (lib.any (loc: loc.allowLAN) (lib.attrValues conf.locations)) 
+            config.pepe.core.network.interfacesByType.lan) ++
+          (lib.optionals (lib.any (loc: loc.allowVPN) (lib.attrValues conf.locations)) 
+            config.pepe.core.network.interfacesByType.vpn);
+      }) cfg.hosts;
+    };
+
     services.nginx.virtualHosts = mapAttrs
       (domain: conf: {
         forceSSL = true;