diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2026-06-12 01:54:21 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2026-06-12 01:54:21 +0200 |
| commit | bbdf38018b47328b5faa2cef635c37095045be72 (patch) | |
| tree | 8983817d547551ae12508a8ae8731b622d990af4 /tests/common/dns/module/default.nix | |
| parent | feat(server): Make user stuff stateless (diff) | |
| download | atuin-bbdf38018b47328b5faa2cef635c37095045be72.zip | |
feat(server): Really make users stateless (with tests)
This commit also remove another load of unneeded features.
Diffstat (limited to '')
| -rw-r--r-- | tests/common/dns/module/default.nix | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/tests/common/dns/module/default.nix b/tests/common/dns/module/default.nix new file mode 100644 index 00000000..8f4ad37a --- /dev/null +++ b/tests/common/dns/module/default.nix @@ -0,0 +1,86 @@ +{ + config, + lib, + ... +}: let + cfg = config.vhack.dns; + + zones = + builtins.mapAttrs (name: value: { + data = + dns.types.zone.renderToString name value; + }) + cfg.zones; + + dns = import ./dns {inherit lib;}; + + ports = let + parsePorts = listeners: let + splitAddress = addr: lib.splitString "@" addr; + + extractPort = addr: let + split = splitAddress addr; + in + lib.toInt ( + if (builtins.length split) == 2 + then builtins.elemAt split 1 + else "53" + ); + in + builtins.map extractPort listeners; + in + lib.unique (parsePorts cfg.interfaces); +in { + options.vhack.dns = { + enable = lib.mkEnableOption "custom dns server"; + + openFirewall = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Open the following ports: + TCP (${lib.concatStringsSep ", " (map toString ports)}) + UDP (${lib.concatStringsSep ", " (map toString ports)}) + ''; + }; + + interfaces = lib.mkOption { + type = lib.types.listOf lib.types.str; + description = '' + A list of the interfaces to bind to. To select the port add `@` to the end of the + interface. The default port is 53. + ''; + example = [ + "192.168.1.3" + "2001:db8:1::3" + ]; + }; + + zones = lib.mkOption { + type = lib.types.attrsOf dns.types.zone.zone; + description = "DNS zones"; + }; + }; + + config = lib.mkIf cfg.enable { + services.nsd = { + enable = true; + verbosity = 4; + inherit (cfg) interfaces; + inherit zones; + }; + + networking.firewall.allowedUDPPorts = lib.mkIf cfg.openFirewall ports; + networking.firewall.allowedTCPPorts = lib.mkIf cfg.openFirewall ports; + + systemd.services.nsd = { + requires = [ + "network-online.target" + ]; + after = [ + "network.target" + "network-online.target" + ]; + }; + }; +} |