peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

refactor: simplify DNS configuration generation and remove processDomainsFirst option

Browse Source
This commit is contained in:
Giulio De Pasquale 2025-04-26 19:14:48 +01:00 committed by Giulio De Pasquale (aider)
parent c1baa0eb65
commit 3508ebc879
1 changed files with 82 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

185
modules/core/dns.nix
View File

@ -18,23 +18,17 @@ in
description = "NextDNS ID for DNS over TLS."; description = "NextDNS ID for DNS over TLS.";
}; };
processDomainsFirst = mkOption {
type = types.bool;
default = false;
description = "Process all domains first, then add device views just once.";
};
extraDomains = mkOption { extraDomains = mkOption {
type = types.attrsOf (types.submodule { type = types.attrsOf (types.submodule {
options = { options = {
dnsInterfaces = mkOption { dnsInterfaces = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [ ];
description = "List of interfaces to add DNS entries for this domain."; description = "List of interfaces to add DNS entries for this domain.";
}; };
}; };
}); });
default = {}; default = { };
description = "Additional domains to add to DNS configuration."; description = "Additional domains to add to DNS configuration.";
}; };
}; };
@ -42,113 +36,96 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.coredns = { services.coredns = {
enable = true; enable = true;
config = let config =
# Function to generate domain-specific configurations let
generateDomainConfig = domain: conf: ifaceName: # Function to generate domain-specific configurations
let generateDomainConfig = domain: conf: ifaceName:
iface = config.pepe.core.network.interfaces.${ifaceName}; let
serverIP = iface.devices.server.address or "127.0.0.1"; iface = config.pepe.core.network.interfaces.${ifaceName};
interfaceNet = iface.net; serverIP = iface.devices.server.address or "127.0.0.1";
in interfaceNet = iface.net;
'' in
${domain} { ''
view ${ifaceName} { ${domain} {
expr incidr(client_ip(), '${interfaceNet}') view ${ifaceName} {
} expr incidr(client_ip(), '${interfaceNet}')
template IN A ${domain} {
answer "${domain}. 60 IN A ${serverIP}"
}
template IN HTTPS ${domain} {
answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${serverIP}\""
}
cache
log
}
'';
# Function to generate device views for an interface
generateDeviceViews = ifaceName:
let
iface = config.pepe.core.network.interfaces.${ifaceName};
in
concatMapStrings
({ name, device }:
let
deviceIP = device.address;
in
''
. {
view ${name} {
expr client_ip() == '${deviceIP}'
}
forward . tls://45.90.28.77 tls://45.90.30.77 {
tls_servername ${name}-${cfg.nextDNSId}.dns.nextdns.io
health_check 5s
}
} }
''
)
(attrsets.mapAttrsToList
(name: device: { inherit name device; })
iface.devices
);
# Collect all interfaces used across all domains template IN A ${domain} {
allInterfaces = lib.unique (lib.flatten answer "${domain}. 60 IN A ${serverIP}"
(lib.mapAttrsToList }
(_: conf: conf.dnsInterfaces)
(config.pepe.core.vhost.hosts // cfg.extraDomains)
));
# Generate all device views once template IN HTTPS ${domain} {
allDeviceViews = if cfg.processDomainsFirst answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${serverIP}\""
then concatMapStrings generateDeviceViews allInterfaces }
else "";
# Function to generate configurations for all domains cache
generateCoreDNSConfig = domains: log
let }
generateForDomain = domain: conf: '';
if cfg.processDomainsFirst then
# Just generate domain configs without device views # Function to generate device views for an interface
generateDeviceViews = ifaceName:
let
iface = config.pepe.core.network.interfaces.${ifaceName};
in
concatMapStrings
({ name, device }:
let
deviceIP = device.address;
in
''
. {
view ${name} {
expr client_ip() == '${deviceIP}'
}
forward . tls://45.90.28.77 tls://45.90.30.77 {
tls_servername ${name}-${cfg.nextDNSId}.dns.nextdns.io
health_check 5s
}
}
''
)
(attrsets.mapAttrsToList
(name: device: { inherit name device; })
iface.devices
);
# Collect all interfaces used across all domains
allInterfaces = lib.unique (lib.flatten
(lib.mapAttrsToList
(_: conf: conf.dnsInterfaces)
(config.pepe.core.vhost.hosts // cfg.extraDomains)
));
# Generate all device views once
allDeviceViews = concatMapStrings generateDeviceViews allInterfaces;
# Function to generate configurations for all domains
generateCoreDNSConfig = domains:
let
generateForDomain = domain: conf:
concatMapStrings concatMapStrings
(ifaceName: generateDomainConfig domain conf ifaceName) (ifaceName: generateDomainConfig domain conf ifaceName)
conf.dnsInterfaces
else
# Original behavior: interleave domains and device views
concatMapStrings
(ifaceName:
let
domainConfig = generateDomainConfig domain conf ifaceName;
deviceViews = generateDeviceViews ifaceName;
in
''
${domainConfig}
${deviceViews}
''
)
conf.dnsInterfaces; conf.dnsInterfaces;
in in
concatStrings (mapAttrsToList generateForDomain domains); concatStrings (mapAttrsToList generateForDomain domains);
allDomains = config.pepe.core.vhost.hosts // cfg.extraDomains; allDomains = config.pepe.core.vhost.hosts // cfg.extraDomains;
in '' in
${generateCoreDNSConfig allDomains} ''
${generateCoreDNSConfig allDomains}
${allDeviceViews} ${allDeviceViews}
. { . {
forward . tls://45.90.28.77 tls://45.90.30.77 { forward . tls://45.90.28.77 tls://45.90.30.77 {
tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io
health_check 5s health_check 5s
}
} }
} '';
'';
}; };
}; };
} }