DGNum/infrastructure
9
6
Fork 3
Code Issues 31 Pull requests 32 Projects 1 Releases Packages Wiki Activity Actions

feat(dns): Allow restricting ip records to only one address
All checks were successful
Check workflows / check_workflows (pull_request) Successful in 1m54s
Details
Check meta / check_dns (pull_request) Successful in 1m57s
Details
Build all the nodes / netaccess01 (pull_request) Successful in 22s
Details
Build all the nodes / netcore02 (pull_request) Successful in 23s
Details
Build all the nodes / netcore01 (pull_request) Successful in 23s
Details
Build all the nodes / netcore00 (pull_request) Successful in 23s
Details
Build all the nodes / tower01 (pull_request) Successful in 1m0s
Details
Build all the nodes / vault01 (pull_request) Successful in 1m12s
Details
Build all the nodes / rescue01 (pull_request) Successful in 1m32s
Details
Build the shell / build-shell (pull_request) Successful in 24s
Details
Build all the nodes / web02 (pull_request) Successful in 1m29s
Details
Build all the nodes / web01 (pull_request) Successful in 1m30s
Details
Build all the nodes / web03 (pull_request) Successful in 1m29s
Details
Build all the nodes / storage01 (pull_request) Successful in 1m53s
Details
Build all the nodes / ap01 (pull_request) Successful in 38s
Details
Check meta / check_meta (pull_request) Successful in 16s
Details
Build all the nodes / bridge01 (pull_request) Successful in 1m0s
Details
Build all the nodes / cof02 (pull_request) Successful in 1m8s
Details
Build all the nodes / build01 (pull_request) Successful in 1m14s
Details
Build all the nodes / geo01 (pull_request) Successful in 1m8s
Details
Build all the nodes / geo02 (pull_request) Successful in 1m7s
Details
Build all the nodes / hypervisor01 (pull_request) Successful in 1m6s
Details
Build all the nodes / hypervisor02 (pull_request) Successful in 1m6s
Details
Build all the nodes / hypervisor03 (pull_request) Successful in 1m5s
Details
Build all the nodes / lab-router01 (pull_request) Successful in 1m3s
Details
Build all the nodes / iso (pull_request) Successful in 1m10s
Details
Build all the nodes / compute01 (pull_request) Successful in 1m32s
Details
Run pre-commit on all files / pre-commit (pull_request) Successful in 59s
Details
Build all the nodes / krz01 (pull_request) Successful in 1m51s
Details
Check meta / check_dns (push) Successful in 18s
Details
Check meta / check_meta (push) Successful in 17s
Details
Run pre-commit on all files / pre-commit (push) Successful in 33s
Details
Build all the nodes / netcore00 (push) Successful in 25s
Details
Build all the nodes / netaccess01 (push) Successful in 25s
Details
Build all the nodes / ap01 (push) Successful in 43s
Details
Build all the nodes / bridge01 (push) Successful in 1m6s
Details
Build all the nodes / netcore02 (push) Successful in 24s
Details
Build all the nodes / netcore01 (push) Successful in 24s
Details
Build all the nodes / geo01 (push) Successful in 1m12s
Details
Build all the nodes / hypervisor02 (push) Successful in 1m20s
Details
Build all the nodes / cof02 (push) Successful in 1m21s
Details
Build all the nodes / hypervisor01 (push) Successful in 1m23s
Details
Build all the nodes / geo02 (push) Successful in 1m23s
Details
Build all the nodes / hypervisor03 (push) Successful in 1m23s
Details
Build all the nodes / lab-router01 (push) Successful in 1m24s
Details
Build all the nodes / build01 (push) Successful in 1m27s
Details
Build all the nodes / iso (push) Successful in 1m27s
Details
Build all the nodes / compute01 (push) Successful in 1m39s
Details
Build the shell / build-shell (push) Successful in 25s
Details
Build all the nodes / krz01 (push) Successful in 2m0s
Details
Build all the nodes / tower01 (push) Successful in 1m1s
Details
Build all the nodes / vault01 (push) Successful in 1m10s
Details
Build all the nodes / rescue01 (push) Successful in 1m18s
Details
Build all the nodes / web02 (push) Successful in 1m5s
Details
Build all the nodes / web03 (push) Successful in 1m8s
Details
Build all the nodes / web01 (push) Successful in 1m27s
Details
Build all the nodes / storage01 (push) Successful in 2m4s
Details

Browse source 
This allows simpler migrations
This commit is contained in:
Tom Hubrecht 2025-04-29 10:33:54 +02:00
parent 0ed5d7f1e0
commit c8dde546f6
Signed by: thubrecht
SSH key fingerprint: SHA256:r+nK/SIcWlJ0zFZJGHtlAoRwq1Rm+WcKAm5ADYMoQPc
3 changed files with 23 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

16
meta/dns.nix
View file

@ -247,14 +247,22 @@ in
{ site, ... }:
let
net = meta.network.${host};
f =
x:
if x == [ ] then
[ ]
else if net.singleIpRecord then
[ (builtins.head x) ]
else
x;
inherit (net.addresses) ipv4 ipv6;
in
nameValuePair "${host}.${site}" {
A = ipv4;
AAAA = ipv6;
A = f ipv4;
AAAA = f ipv6;
subdomains = {
v4.A = ipv4;
v6.AAAA = ipv6;
v4.A = f ipv4;
v6.AAAA = f ipv6;
private.A = optional (net.netbirdIp != null) net.netbirdIp;
};
}

1
meta/network.nix
View file

@ -368,6 +368,7 @@
hostId = "8afc7749";
netbirdIp = "100.80.157.46";
singleIpRecord = true;
};
};
}

10
meta/options.nix
View file

@ -20,6 +20,7 @@ let
inherit (lib.types)
attrs
attrsOf
bool
enum
ints
listOf
@ -405,6 +406,15 @@ in
'';
};
singleIpRecord = mkOption {
type = bool;
default = false;
description = ''
When set to true, only the first IP address will be set for
the A or AAAA record int hte DNS zone.
'';
};
# FIXME: Unused
vpnKeys = mkOption {
type = attrsOf vpnKeyType;