From c428e0288ade9f518df140e98195a40567e3b314 Mon Sep 17 00:00:00 2001 From: Constantin Gierczak--Galle Date: Fri, 22 Nov 2024 15:13:50 +0100 Subject: [PATCH] feat(dns01): init zone config --- machines/dns01/_configuration.nix | 9 +++++++-- machines/dns01/beta.dgnum.eu.nix | 22 ++++++++++++++++++++++ machines/dns01/dns.nix | 8 -------- machines/dns01/nsd.nix | 21 +++++++++++++++++++++ machines/dns01/secrets/secrets.nix | 2 +- meta/network.nix | 7 +++++++ meta/nodes.nix | 9 +++++++++ 7 files changed, 67 insertions(+), 11 deletions(-) create mode 100644 machines/dns01/beta.dgnum.eu.nix delete mode 100644 machines/dns01/dns.nix create mode 100644 machines/dns01/nsd.nix diff --git a/machines/dns01/_configuration.nix b/machines/dns01/_configuration.nix index dfaa954..5fe0292 100644 --- a/machines/dns01/_configuration.nix +++ b/machines/dns01/_configuration.nix @@ -7,10 +7,15 @@ lib.extra.mkConfig { enabledServices = [ # List of services to enable - "dns" + "nsd" ]; - extraConfig = { }; + extraConfig = { + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKrijwPlb7KQkYPLznMPVzPPT69cLzhEsJzZi9tmxzTh cst1@x270" + ]; + }; root = ./.; } diff --git a/machines/dns01/beta.dgnum.eu.nix b/machines/dns01/beta.dgnum.eu.nix new file mode 100644 index 0000000..cfb6d7e --- /dev/null +++ b/machines/dns01/beta.dgnum.eu.nix @@ -0,0 +1,22 @@ +{ dns, ... }: + +with dns.lib.combinators; +{ + SOA = { + nameServer = "ns1"; + adminEmail = "webmaster@dgnum.eu"; + serial = 2019030800; + }; + + NS = [ + # TODO: add nameservers with GLUE and everything + ]; + + #A = [ "203.0.113.1" ]; + #AAAA = [ "4321:0:1:2:3:4:567:89ab" ]; + + subdomains = { + photoprism = host "129.199.146.101" ""; + immich = host "129.199.146.101" ""; + }; +} diff --git a/machines/dns01/dns.nix b/machines/dns01/dns.nix deleted file mode 100644 index a2c3f9d..0000000 
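Review bot: In machines/dns01/_configuration.nix the two personal keys are written straight into `users.users.root.openssh.authorizedKeys.keys`, so root access to dns01 is granted outside any central admin key list (secrets/secrets.nix imports a shared `keys` module, which suggests one exists). Hard-coded per-machine root keys are easy to miss when a key is rotated or revoked. If this is only bootstrap access, say so with a comment such as `# Temporary bootstrap access; move to the shared admin key list once dns01 is deployed`; otherwise derive the list from the shared key set.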
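Review bot: The zone in machines/dns01/beta.dgnum.eu.nix is not yet usable by a resolver: `NS` is empty, and the SOA `nameServer = "ns1"` refers to a name for which the zone defines no record. `serial = 2019030800` is a fixed value, so a secondary added later will not pick up changes unless it is bumped on every edit. The second argument of `host` appears to be the IPv6 address, and passing `""` probably emits an AAAA record with an empty address. `host "129.199.146.101" null` looks like the intended form, to be confirmed against the dns.nix combinators.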
--- a/machines/dns01/dns.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ - networking = { - firewall = { - allowedUDPPorts = [ 53 ]; - }; - }; -} - diff --git a/machines/dns01/nsd.nix b/machines/dns01/nsd.nix new file mode 100644 index 0000000..5d9b46d --- /dev/null +++ b/machines/dns01/nsd.nix @@ -0,0 +1,21 @@ +{ dns, ... }: + +{ + services.nsd = { + enable = true; + zones = { + "beta.dgnum.eu" = { + # provideXFR = [ ... ]; + # notify = [ ... ]; + data = dns.lib.toString "beta.dgnum.eu" (import ./beta.dgnum.eu.nix { inherit dns; }); + }; + }; + }; + networking = { + firewall = { + allowedUDPPorts = [ + 53 + ]; + }; + }; +} diff --git a/machines/dns01/secrets/secrets.nix b/machines/dns01/secrets/secrets.nix index 5e3898e..16bf5d3 100644 --- a/machines/dns01/secrets/secrets.nix +++ b/machines/dns01/secrets/secrets.nix @@ -1,3 +1,3 @@ -(import ../../../keys).mkSecrets [ "router02" ] [ +(import ../../../keys).mkSecrets [ "dns01" ] [ # List of secrets for router02 ] diff --git a/meta/network.nix b/meta/network.nix index ca31c69..62c03f2 100644 --- a/meta/network.nix +++ b/meta/network.nix @@ -1,4 +1,11 @@ { + dns01 = { + interfaces = { }; + + addresses.ipv4 = [ "129.199.146.102" ]; + + hostId = "1758233d"; + }; krz01 = { interfaces = { vmbr0 = { diff --git a/meta/nodes.nix b/meta/nodes.nix index f3fca44..c73f6c4 100644 --- a/meta/nodes.nix +++ b/meta/nodes.nix @@ -19,6 +19,15 @@ - luj01 -> VM de Luj */ { + dns01 = { + site = "pav01"; + + # TODO: + hashedPassword = "$y$j9T$eNZQgDN.J5y7KTG2hXgat1$J1i5tjx5dnSZu.C9B7swXi5zMFIkUnmRrnmyLHFAt8/"; + + stateVersion = "24.05"; + nixpkgs = "24.05"; + }; krz01 = { site = "pav01";
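Review bot: machines/dns01/nsd.nix opens only UDP 53 in the firewall, but an authoritative server must also answer over TCP. Truncated responses are retried over TCP, and the zone transfers hinted at by the commented-out `provideXFR`/`notify` use it as well. Add `allowedTCPPorts = [ 53 ];` next to `allowedUDPPorts`.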
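Review bot: In machines/dns01/secrets/secrets.nix the recipient list now names dns01, but the comment on the following line still reads `# List of secrets for router02`. Change it to `# List of secrets for dns01` so the file does not suggest its secrets are encrypted for another host.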
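Review bot: The `# TODO:` above `hashedPassword` in meta/nodes.nix does not say what remains to be done. Because the hash is committed to the repository, anyone who can read it can attempt offline guessing, so the password's strength is the only protection. If the value is a placeholder or was copied from another node, that should be stated and fixed before the host is deployed. A comment such as `# TODO: replace with a dedicated hash for dns01 before deployment` would make the intent explicit.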