[dns] init

flake.lock

@@ -21,6 +21,27 @@
         "type": "github"
       }
     },
+    "dns": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1768143854,
+        "narHash": "sha256-E5/kyPz4zAZn/lZdvqlF83jMgCWNxmqYjjWuadngCbk=",
+        "owner": "kirelagin",
+        "repo": "dns.nix",
+        "rev": "a97cf4156e9f044fe4bed5be531061000dfabb07",
+        "type": "github"
+      },
+      "original": {
+        "owner": "kirelagin",
+        "repo": "dns.nix",
+        "type": "github"
+      }
+    },
     "ep3-bs": {
       "inputs": {
         "nixpkgs": [
@@ -43,6 +64,21 @@
       }
     },
     "flake-utils": {
+      "locked": {
+        "lastModified": 1614513358,
+        "narHash": "sha256-LakhOx3S1dRjnh0b5Dg3mbZyH0ToC9I8Y2wKSkBaTzU=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "5466c5bbece17adaab2d82fae80b46e807611bf3",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "flake-utils_2": {
       "inputs": {
         "systems": "systems_3"
       },
@@ -102,7 +138,7 @@
     },
     "microvm": {
       "inputs": {
-        "flake-utils": "flake-utils",
+        "flake-utils": "flake-utils_2",
         "nixpkgs": [
           "nixpkgs"
         ],
@@ -225,6 +261,7 @@
     "root": {
       "inputs": {
         "disko": "disko",
+        "dns": "dns",
         "ep3-bs": "ep3-bs",
         "home-manager": "home-manager",
         "mfsync": "mfsync",

flake.nix

@@ -13,6 +13,11 @@
     disko.url = "github:nix-community/disko/latest";
     disko.inputs.nixpkgs.follows = "nixpkgs";
 
+    dns = {
+      url = "github:kirelagin/dns.nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     utils = {
       url = "github:numtide/flake-utils";
     };

machines/hosts.nix

@@ -1,27 +1,53 @@
 { ... }:
 
 {
+  #TODO: fix local 192.168.1.0/24 addresses they are just palceholders!
   malobeo = {
     hosts = {
       louise = {
         type = "host";
+        network = {
+          local = true;
+          address = "192.168.1.11";
+        };
       };
 
       bakunin = {
         type = "host";
+        network = {
+          local = true;
+          address = "192.168.1.12";
+        };
       };
 
       fanny = {
         type = "host";
+        network = {
+          local = true;
+          address = "192.168.1.13";
+        };
+      };
+
+      ns1 = {
+        type = "host";
+        network = {
+          local = true;
+          address = "192.168.1.14";
+        };
       };
 
       lucia = {
         type = "rpi";
+        network = {
+          local = true;
+          address = "192.168.1.15";
+        };
       };
 
       durruti = {
         type = "microvm";
         network = {
+          local = true;
           address = "10.0.0.5";
           mac = "52:DA:0D:F9:EF:F9";
         };
@@ -30,6 +56,7 @@
       vpn = {
         type = "microvm";
         network = {
+          local = true;
           address = "10.0.0.10";
           mac = "D0:E5:CA:F0:D7:E6";
         };
@@ -38,6 +65,7 @@
       infradocs = {
         type = "microvm";
         network = {
+          local = true;
           address = "10.0.0.11";
           mac = "D0:E5:CA:F0:D7:E7";
         };
@@ -46,6 +74,7 @@
       uptimekuma = {
         type = "microvm";
         network = {
+          local = true;
           address = "10.0.0.12";
           mac = "D0:E5:CA:F0:D7:E8";
         };
@@ -54,6 +83,7 @@
       nextcloud = {
         type = "microvm";
         network = {
+          local = true;
           address = "10.0.0.13";
           mac = "D0:E5:CA:F0:D7:E9";
         };
@@ -62,6 +92,7 @@
       overwatch = {
         type = "microvm";
         network = {
+          local = true;
           address = "10.0.0.14";
           mac = "D0:E5:CA:F0:D7:E0";
         };
@@ -70,14 +101,11 @@
       zineshop = {
         type = "microvm";
         network = {
+          local = true;
           address = "10.0.0.15";
           mac = "D0:E5:CA:F0:D7:F1";
         };
       };
-
-      testvm = {
-        type = "host";
-      };
     };
   };
 }

machines/modules/malobeo/zones.nix

@@ -0,0 +1,39 @@
+{ inputs }:
+
+let
+  vpnNS = "vpn";
+  localNS = "hq";
+  peers = import ./peers.nix;
+  hosts = ((import ../../hosts.nix ) {}).malobeo.hosts;
+
+in
+{
+  SOA = {
+    nameServer = "ns1";
+    adminEmail = "admin@malobeo.org";
+    serial = 2019030800;
+  };
+  useOrigin = false;
+
+  NS = [
+    "ns1.malobeo.org."
+  ];
+
+  A = [ "23.23.23.23" ]; #TODO: update
+  AAAA = [ "4321:0:1:2:3:4:567:89ab" ]; #TODO: update
+
+  subdomains = {
+    ${localNS} = {
+      subdomains = builtins.mapAttrs (name: value: if value.network.local == true then {
+        A = [ value.network.address ];
+      } else {}) hosts;
+    };
+
+    ${vpnNS} = {
+      A = [ peers.vpn.address ];
+      subdomains = builtins.mapAttrs (name: value: if value.role != "server" then {
+        A = [ value.address ];
+      } else {}) peers;
+    };
+  };
+}

machines/ns1/configuration.nix

@@ -0,0 +1,34 @@
+{ config, self, lib, inputs, pkgs,  ... }:
+
+with lib;
+with inputs;
+
+let
+  dns = inputs.dns;
+in
+{
+  networking = {
+    hostName = mkDefault "ns1";
+    useDHCP = false;
+  };
+
+  imports = [
+    ../modules/malobeo_user.nix
+    ../modules/sshd.nix
+    ../modules/minimal_tools.nix
+    ../modules/autoupdate.nix
+  ];
+
+  services.bind = {
+    enable = true;
+    zones = {
+      "malobeo.org" = {
+        master = true;
+        file = pkgs.writeText "zone-malobeo.org" (dns.lib.toString "malobeo.org" (import ../modules/malobeo/zones.nix { inherit inputs; }));
+      };
+    };
+  };
+
+  system.stateVersion = "22.11"; # Did you read the comment?
+}
+