From 74efccbdb6be460736e779f3abda3dedbf70f20f Mon Sep 17 00:00:00 2001 From: Giulio De Pasquale Date: Mon, 7 Oct 2024 12:09:12 +0100 Subject: [PATCH] refactor(dns): simplify DNS config and associate architect domain to every interface --- hosts/architect/dns.nix | 68 +++++++++++++++++++++++------------------ 1 file changed, 38 insertions(+), 30 deletions(-) diff --git a/hosts/architect/dns.nix b/hosts/architect/dns.nix index 6061014..04d3761 100644 --- a/hosts/architect/dns.nix +++ b/hosts/architect/dns.nix 
@@ -1,44 +1,52 @@ { config, lib, ... }: -let - # Function to generate CoreDNS config for a single vhost - generateCoreDNSConfigForVhost = domain: conf: - let - # Retrieve architect's IP on each interface - interfaceConfigs = builtins.map - (iface: - let - architectIP = config.architect.networks.${iface}.devices.architect.address; - interfaceNet = config.architect.networks.${iface}.net; - in - '' - ${domain} { - view ${iface} { - expr incidr(client_ip(), '${interfaceNet}') - } +with lib; - template IN A ${domain} { - answer "${domain}. 60 IN A ${architectIP}" +let + generateCoreDNSConfig = domains: + let + generateForDomain = domain: conf: + concatMapStrings + (iface: + let + architectIP = config.architect.networks.${iface}.devices.architect.address; + interfaceNet = config.architect.networks.${iface}.net; + in + '' + ${domain} { + view ${iface} { + expr incidr(client_ip(), '${interfaceNet}') + } + + template IN A ${domain} { + answer "${domain}. 60 IN A ${architectIP}" + } + + template IN HTTPS ${domain} { + answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${architectIP}\"" + } + + cache + log } - template IN HTTPS ${domain} { - answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${architectIP}\"" - } - cache - log - } - '' - ) - conf.dnsInterfaces; + '' + ) + conf.dnsInterfaces; in - lib.concatStringsSep "\n" interfaceConfigs; + concatStrings (mapAttrsToList generateForDomain domains); + + # Combine vhosts and the single domain + allDomains = config.architect.vhost // { + "architect.devs.giugl.io" = { dnsInterfaces = [ "lan" "tailscale" ]; }; + }; in { services = { coredns = { enable = true; config = '' - ${lib.concatStringsSep "\n" (lib.mapAttrsToList generateCoreDNSConfigForVhost config.architect.vhost)} - + ${generateCoreDNSConfig allDomains} + . { cache forward . 127.0.0.1:${toString config.services.adguardhome.settings.dns.port}
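Review bot: In `allDomains`, the right-hand operand of `//` wins, so the hard-coded `"architect.devs.giugl.io" = { dnsInterfaces = [ "lan" "tailscale" ]; }` silently replaces any entry of the same name declared in `config.architect.vhost`, which could widen that name from a deliberately restricted interface list to both `lan` and `tailscale` without any evaluation error. Either make the declared option authoritative, `allDomains = { "architect.devs.giugl.io" = { dnsInterfaces = [ "lan" "tailscale" ]; }; } // config.architect.vhost;`, or, cleaner, move the host's own name into the `architect.vhost` option declaration so this module has a single source of truth, and reword the comment to say what happens on collision, e.g. `# vhosts plus the host's own name; the declared vhost entry takes precedence`. Note also that a query for one of these names from a client IP outside every listed interface net matches no `view` and appears to fall through to the `.` forwarder below, which is pre-existing behaviour but worth a one-line comment next to `generateForDomain` so the split-horizon intent is explicit. The `let` binding closes at `in` inside the hunk, but the returned attribute set continues past the hunk's last line.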