From 9c71d75363a442b593c2f29b8a0c2ce0b8cada62 Mon Sep 17 00:00:00 2001 From: "Giulio De Pasquale (aider)" Date: Sat, 26 Apr 2025 19:14:49 +0100 Subject: [PATCH] feat: add DNS endpoint configuration to network and DNS modules --- modules/core/dns.nix | 9 ++++-- modules/core/network.nix | 68 +++++++++++++++++++++++++++++++++++++++- 2 files changed, 74 insertions(+), 3 deletions(-) diff --git a/modules/core/dns.nix b/modules/core/dns.nix index 85f7ea5..26a9c8d 100644 --- a/modules/core/dns.nix +++ b/modules/core/dns.nix @@ -73,6 +73,9 @@ in ({ name, device }: let deviceIP = device.address; + serverName = if device.dnsServerName != "" + then device.dnsServerName + else "${name}-${cfg.nextDNSId}.dns.nextdns.io"; in '' . { @@ -81,7 +84,7 @@ in } forward . tls://45.90.28.77 tls://45.90.30.77 { - tls_servername ${name}-${cfg.nextDNSId}.dns.nextdns.io + tls_servername ${serverName} health_check 5s } } @@ -121,7 +124,9 @@ in . { forward . tls://45.90.28.77 tls://45.90.30.77 { - tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io + tls_servername ${if (lib.length (lib.attrNames config.pepe.core.network.dnsEndpoints)) > 0 + then (lib.head (lib.attrValues config.pepe.core.network.dnsEndpoints)).serverName + else "lan-${cfg.nextDNSId}.dns.nextdns.io"} health_check 5s } } diff --git a/modules/core/network.nix b/modules/core/network.nix index 28dc934..018be59 100644 --- a/modules/core/network.nix +++ b/modules/core/network.nix @@ -36,6 +36,18 @@ in type = types.str; description = "The hostname of the device."; }; + + isDnsEndpoint = mkOption { + type = types.bool; + default = false; + description = "Whether this device serves as a DNS endpoint for this interface."; + }; + + dnsServerName = mkOption { + type = types.str; + default = ""; + description = "DNS server name for TLS connections (e.g., 'device-id.dns.nextdns.io')."; + }; }; }); default = { }; 
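Review bot: In the `@@ -121,7 +124,9 @@` hunk of modules/core/dns.nix, `tls_servername` takes `.serverName` from the first entry of `dnsEndpoints`, but that field defaults to `""` and the entry is chosen by attribute-name order across all interfaces. An endpoint declared without `dnsServerName` therefore renders `tls_servername` with no argument instead of falling back to the `lan-…` name. This name is presumably what the upstream certificate is checked against for the `tls://` forwarders, so I would only accept non-empty values: bind `named = lib.filter (e: e.serverName != "") (lib.attrValues config.pepe.core.network.dnsEndpoints);` in a `let`, then use `${if named != [] then (lib.head named).serverName else "lan-${cfg.nextDNSId}.dns.nextdns.io"}`. Whether this block should also be limited to endpoints on a LAN interface cannot be judged here, because the enclosing block starts outside the hunk.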
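Review bot: `dnsServerName` in the `@@ -36,6 +36,18 @@` hunk is declared as plain `types.str`, yet dns.nix interpolates it verbatim into the generated Corefile after `tls_servername`. A value containing whitespace, a newline or `}` would change the structure of the resolver configuration rather than fail evaluation. Constraining it to hostname characters while keeping the empty default, e.g. `type = types.strMatching "([A-Za-z0-9-]+([.][A-Za-z0-9-]+)*)?";`, catches that at build time. The description could also say that an empty string means the `<name>-<nextDNSId>.dns.nextdns.io` default is used.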
@@ -52,7 +64,37 @@ in default = {}; description = "Interfaces grouped by type (lan, wan, vpn) for easy access."; internal = true; - }; + }; + + dnsEndpoints = mkOption { + type = types.attrsOf (types.submodule { + options = { + interface = mkOption { + type = types.str; + description = "The interface this DNS endpoint belongs to."; + }; + + device = mkOption { + type = types.str; + description = "The device name that serves as the DNS endpoint."; + }; + + address = mkOption { + type = types.str; + description = "The IP address of the DNS endpoint."; + }; + + serverName = mkOption { + type = types.str; + default = ""; + description = "DNS server name for TLS connections."; + }; + }; + }); + default = {}; + description = "DNS endpoints for each interface."; + internal = true; + }; }; config = { @@ -62,5 +104,29 @@ in wan = lib.attrNames (lib.filterAttrs (_: iface: iface.type == "wan") cfg.interfaces); vpn = lib.attrNames (lib.filterAttrs (_: iface: iface.type == "vpn") cfg.interfaces); }; + + # Collect DNS endpoints from all interfaces + pepe.core.network.dnsEndpoints = + let + collectEndpoints = ifaceName: iface: + lib.mapAttrs' + (deviceName: device: + lib.nameValuePair + "${ifaceName}-${deviceName}" + { + interface = ifaceName; + device = deviceName; + address = device.address; + serverName = device.dnsServerName; + } + ) + (lib.filterAttrs (_: device: device.isDnsEndpoint) iface.devices); + in + lib.foldl + (acc: ifaceName: + acc // (collectEndpoints ifaceName cfg.interfaces.${ifaceName}) + ) + {} + (lib.attrNames cfg.interfaces); }; }
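Review bot: The new `dnsEndpoints` option is marked `internal = true`, which only hides it from the documentation. Other modules can still add definitions, and because the type is `attrsOf` they would merge with the computed set that dns.nix reads for `tls_servername`. Adding `readOnly = true;` next to `internal = true;` makes the definition in this module's `config` the only one allowed. The `- };` / `+ };` pair at the top of the hunk looks like a whitespace-only change and could be left out of the commit.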
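Review bot: The key `"${ifaceName}-${deviceName}"` built in `collectEndpoints` is ambiguous when names contain `-` themselves: interface `a-b` with device `c` and interface `a` with device `b-c` both yield `a-b-c`, and the `//` in the fold silently keeps only the last of them. The key also decides ordering, which matters because dns.nix takes `lib.head (lib.attrValues …)` of this set. A separator that cannot appear in either name, such as `"${ifaceName}/${deviceName}"`, removes the ambiguity. A comment like `# keys sort lexicographically; dns.nix uses the first entry` would make the ordering dependency visible. As a style point, the `lib.foldl` over `lib.attrNames cfg.interfaces` can be written as `lib.concatMapAttrs collectEndpoints cfg.interfaces`.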