peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: add DNS endpoint configuration to network and DNS modules

Browse Source
This commit is contained in:
Giulio De Pasquale (aider) 2025-04-26 19:14:49 +01:00
parent 3508ebc879
commit 9c71d75363
2 changed files with 74 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/core/dns.nix
View File

@ -73,6 +73,9 @@ in
({ name, device }:
let
deviceIP = device.address;
serverName = if device.dnsServerName != ""
then device.dnsServerName
else "${name}-${cfg.nextDNSId}.dns.nextdns.io";
in
''
. {
@ -81,7 +84,7 @@ in
}
forward . tls://45.90.28.77 tls://45.90.30.77 {
tls_servername ${name}-${cfg.nextDNSId}.dns.nextdns.io
tls_servername ${serverName}
health_check 5s
}
}
@ -121,7 +124,9 @@ in
. {
forward . tls://45.90.28.77 tls://45.90.30.77 {
tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io
tls_servername ${if (lib.length (lib.attrNames config.pepe.core.network.dnsEndpoints)) > 0
then (lib.head (lib.attrValues config.pepe.core.network.dnsEndpoints)).serverName
else "lan-${cfg.nextDNSId}.dns.nextdns.io"}
health_check 5s
}
}

68
modules/core/network.nix
View File

@ -36,6 +36,18 @@ in
type = types.str;
description = "The hostname of the device.";
};
isDnsEndpoint = mkOption {
type = types.bool;
default = false;
description = "Whether this device serves as a DNS endpoint for this interface.";
};
dnsServerName = mkOption {
type = types.str;
default = "";
description = "DNS server name for TLS connections (e.g., 'device-id.dns.nextdns.io').";
};
};
});
default = { };
@ -52,7 +64,37 @@ in
default = {};
description = "Interfaces grouped by type (lan, wan, vpn) for easy access.";
internal = true;
};
};
dnsEndpoints = mkOption {
type = types.attrsOf (types.submodule {
options = {
interface = mkOption {
type = types.str;
description = "The interface this DNS endpoint belongs to.";
};
device = mkOption {
type = types.str;
description = "The device name that serves as the DNS endpoint.";
};
address = mkOption {
type = types.str;
description = "The IP address of the DNS endpoint.";
};
serverName = mkOption {
type = types.str;
default = "";
description = "DNS server name for TLS connections.";
};
};
});
default = {};
description = "DNS endpoints for each interface.";
internal = true;
};
};
config = {
@ -62,5 +104,29 @@ in
wan = lib.attrNames (lib.filterAttrs (_: iface: iface.type == "wan") cfg.interfaces);
vpn = lib.attrNames (lib.filterAttrs (_: iface: iface.type == "vpn") cfg.interfaces);
};
# Collect DNS endpoints from all interfaces
pepe.core.network.dnsEndpoints =
let
collectEndpoints = ifaceName: iface:
lib.mapAttrs'
(deviceName: device:
lib.nameValuePair
"${ifaceName}-${deviceName}"
{
interface = ifaceName;
device = deviceName;
address = device.address;
serverName = device.dnsServerName;
}
)
(lib.filterAttrs (_: device: device.isDnsEndpoint) iface.devices);
in
lib.foldl
(acc: ifaceName:
acc // (collectEndpoints ifaceName cfg.interfaces.${ifaceName})
)
{}
(lib.attrNames cfg.interfaces);
};
}