diff --git a/modules/core/dns.nix b/modules/core/dns.nix index 2e30384..85f7ea5 100644 --- a/modules/core/dns.nix +++ b/modules/core/dns.nix @@ -18,23 +18,17 @@ in description = "NextDNS ID for DNS over TLS."; }; - processDomainsFirst = mkOption { - type = types.bool; - default = false; - description = "Process all domains first, then add device views just once."; - }; - extraDomains = mkOption { type = types.attrsOf (types.submodule { options = { dnsInterfaces = mkOption { type = types.listOf types.str; - default = []; + default = [ ]; description = "List of interfaces to add DNS entries for this domain."; }; }; }); - default = {}; + default = { }; description = "Additional domains to add to DNS configuration."; }; }; 
@@ -42,113 +36,96 @@ in config = mkIf cfg.enable { services.coredns = { enable = true; - config = let - # Function to generate domain-specific configurations - generateDomainConfig = domain: conf: ifaceName: - let - iface = config.pepe.core.network.interfaces.${ifaceName}; - serverIP = iface.devices.server.address or "127.0.0.1"; - interfaceNet = iface.net; - in - '' - ${domain} { - view ${ifaceName} { - expr incidr(client_ip(), '${interfaceNet}') - } - - template IN A ${domain} { - answer "${domain}. 60 IN A ${serverIP}" - } - - template IN HTTPS ${domain} { - answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${serverIP}\"" - } - - cache - log - } - ''; - - # Function to generate device views for an interface - generateDeviceViews = ifaceName: - let - iface = config.pepe.core.network.interfaces.${ifaceName}; - in - concatMapStrings - ({ name, device }: - let - deviceIP = device.address; - in - '' - . { - view ${name} { - expr client_ip() == '${deviceIP}' - } - - forward . tls://45.90.28.77 tls://45.90.30.77 { - tls_servername ${name}-${cfg.nextDNSId}.dns.nextdns.io - health_check 5s - } + config = + let + # Function to generate domain-specific configurations + generateDomainConfig = domain: conf: ifaceName: + let + iface = config.pepe.core.network.interfaces.${ifaceName}; + serverIP = iface.devices.server.address or "127.0.0.1"; + interfaceNet = iface.net; + in + '' + ${domain} { + view ${ifaceName} { + expr incidr(client_ip(), '${interfaceNet}') } - '' - ) - (attrsets.mapAttrsToList - (name: device: { inherit name device; }) - iface.devices - ); - # Collect all interfaces used across all domains - allInterfaces = lib.unique (lib.flatten - (lib.mapAttrsToList - (_: conf: conf.dnsInterfaces) - (config.pepe.core.vhost.hosts // cfg.extraDomains) - )); + template IN A ${domain} { + answer "${domain}. 
60 IN A ${serverIP}" + } - # Generate all device views once - allDeviceViews = if cfg.processDomainsFirst - then concatMapStrings generateDeviceViews allInterfaces - else ""; + template IN HTTPS ${domain} { + answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${serverIP}\"" + } - # Function to generate configurations for all domains - generateCoreDNSConfig = domains: - let - generateForDomain = domain: conf: - if cfg.processDomainsFirst then - # Just generate domain configs without device views + cache + log + } + ''; + + # Function to generate device views for an interface + generateDeviceViews = ifaceName: + let + iface = config.pepe.core.network.interfaces.${ifaceName}; + in + concatMapStrings + ({ name, device }: + let + deviceIP = device.address; + in + '' + . { + view ${name} { + expr client_ip() == '${deviceIP}' + } + + forward . tls://45.90.28.77 tls://45.90.30.77 { + tls_servername ${name}-${cfg.nextDNSId}.dns.nextdns.io + health_check 5s + } + } + '' + ) + (attrsets.mapAttrsToList + (name: device: { inherit name device; }) + iface.devices + ); + + # Collect all interfaces used across all domains + allInterfaces = lib.unique (lib.flatten + (lib.mapAttrsToList + (_: conf: conf.dnsInterfaces) + (config.pepe.core.vhost.hosts // cfg.extraDomains) + )); + + # Generate all device views once + allDeviceViews = concatMapStrings generateDeviceViews allInterfaces; + + # Function to generate configurations for all domains + generateCoreDNSConfig = domains: + let + generateForDomain = domain: conf: concatMapStrings (ifaceName: generateDomainConfig domain conf ifaceName) - conf.dnsInterfaces - else - # Original behavior: interleave domains and device views - concatMapStrings - (ifaceName: - let - domainConfig = generateDomainConfig domain conf ifaceName; - deviceViews = generateDeviceViews ifaceName; - in - '' - ${domainConfig} - - ${deviceViews} - '' - ) conf.dnsInterfaces; - in - concatStrings (mapAttrsToList generateForDomain domains); + in + concatStrings 
(mapAttrsToList generateForDomain domains); - allDomains = config.pepe.core.vhost.hosts // cfg.extraDomains; - in '' - ${generateCoreDNSConfig allDomains} + allDomains = config.pepe.core.vhost.hosts // cfg.extraDomains; + in + '' + ${generateCoreDNSConfig allDomains} - ${allDeviceViews} + ${allDeviceViews} - . { - forward . tls://45.90.28.77 tls://45.90.30.77 { - tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io - health_check 5s - } - } - ''; + . { + forward . tls://45.90.28.77 tls://45.90.30.77 { + tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io + health_check 5s + } + } + ''; }; }; }
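Review bot: `allDeviceViews` is now emitted unconditionally, but `allInterfaces` is still built only from the `dnsInterfaces` of `config.pepe.core.vhost.hosts // cfg.extraDomains`, so devices on an interface that no domain lists get no view and their queries fall through to the `lan-` catch-all instead of their own NextDNS profile. If per-device profiles are meant to apply on every interface, derive the list from the interface set, e.g. `allInterfaces = lib.attrNames config.pepe.core.network.interfaces;`, or add a comment saying the restriction is intended. Each view also selects the profile by source address alone (`expr client_ip() == '${deviceIP}'`), so a comment such as `# device addresses must be fixed leases; an unmatched or reassigned address is served under another profile` above `generateDeviceViews` would record that assumption. The view name and `tls_servername` use only `${name}`, so the same device name on two interfaces (for example the `server` entry that `generateDomainConfig` reads per interface) yields two `view server` blocks. I have not verified how CoreDNS treats repeated view names, and `view ${ifaceName}-${name}` would avoid the question.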