peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: Add processDomainsFirst option to DNS module for flexible CoreDNS configuration

Browse Source
This commit is contained in:
Giulio De Pasquale (aider) 2025-04-26 19:06:59 +01:00
parent a022b2d0ce
commit c1baa0eb65
2 changed files with 96 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/architect/dns.nix
View File

@ -5,6 +5,7 @@
pepe.core.dns = { pepe.core.dns = {
enable = true; enable = true;
nextDNSId = "d65174"; nextDNSId = "d65174";
processDomainsFirst = true;
extraDomains = { extraDomains = {
"architect.devs.giugl.io" = { "architect.devs.giugl.io" = {
dnsInterfaces = [ "lan" "tailscale" ]; dnsInterfaces = [ "lan" "tailscale" ];

88
modules/core/dns.nix
View File

@ -18,6 +18,12 @@ in
description = "NextDNS ID for DNS over TLS."; description = "NextDNS ID for DNS over TLS.";
}; };
processDomainsFirst = mkOption {
type = types.bool;
default = false;
description = "Process all domains first, then add device views just once.";
};
extraDomains = mkOption { extraDomains = mkOption {
type = types.attrsOf (types.submodule { type = types.attrsOf (types.submodule {
options = { options = {
@ -37,16 +43,38 @@ in
services.coredns = { services.coredns = {
enable = true; enable = true;
config = let config = let
generateCoreDNSConfig = domains: # Function to generate domain-specific configurations
let generateDomainConfig = domain: conf: ifaceName:
generateForDomain = domain: conf:
concatMapStrings
(ifaceName:
let let
iface = config.pepe.core.network.interfaces.${ifaceName}; iface = config.pepe.core.network.interfaces.${ifaceName};
serverIP = iface.devices.server.address or "127.0.0.1"; serverIP = iface.devices.server.address or "127.0.0.1";
interfaceNet = iface.net; interfaceNet = iface.net;
deviceViews = concatMapStrings in
''
${domain} {
view ${ifaceName} {
expr incidr(client_ip(), '${interfaceNet}')
}
template IN A ${domain} {
answer "${domain}. 60 IN A ${serverIP}"
}
template IN HTTPS ${domain} {
answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${serverIP}\""
}
cache
log
}
'';
# Function to generate device views for an interface
generateDeviceViews = ifaceName:
let
iface = config.pepe.core.network.interfaces.${ifaceName};
in
concatMapStrings
({ name, device }: ({ name, device }:
let let
deviceIP = device.address; deviceIP = device.address;
@ -68,24 +96,38 @@ in
(name: device: { inherit name device; }) (name: device: { inherit name device; })
iface.devices iface.devices
); );
# Collect all interfaces used across all domains
allInterfaces = lib.unique (lib.flatten
(lib.mapAttrsToList
(_: conf: conf.dnsInterfaces)
(config.pepe.core.vhost.hosts // cfg.extraDomains)
));
# Generate all device views once
allDeviceViews = if cfg.processDomainsFirst
then concatMapStrings generateDeviceViews allInterfaces
else "";
# Function to generate configurations for all domains
generateCoreDNSConfig = domains:
let
generateForDomain = domain: conf:
if cfg.processDomainsFirst then
# Just generate domain configs without device views
concatMapStrings
(ifaceName: generateDomainConfig domain conf ifaceName)
conf.dnsInterfaces
else
# Original behavior: interleave domains and device views
concatMapStrings
(ifaceName:
let
domainConfig = generateDomainConfig domain conf ifaceName;
deviceViews = generateDeviceViews ifaceName;
in in
'' ''
${domain} { ${domainConfig}
view ${ifaceName} {
expr incidr(client_ip(), '${interfaceNet}')
}
template IN A ${domain} {
answer "${domain}. 60 IN A ${serverIP}"
}
template IN HTTPS ${domain} {
answer "${domain}. 60 IN HTTPS 1 . ipv4hint=\"${serverIP}\""
}
cache
log
}
${deviceViews} ${deviceViews}
'' ''
@ -98,6 +140,8 @@ in
in '' in ''
${generateCoreDNSConfig allDomains} ${generateCoreDNSConfig allDomains}
${allDeviceViews}
. { . {
forward . tls://45.90.28.77 tls://45.90.30.77 { forward . tls://45.90.28.77 tls://45.90.30.77 {
tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io tls_servername lan-${cfg.nextDNSId}.dns.nextdns.io