From 58c8d0f6d297731b5b6131ebb4774201abb1b812 Mon Sep 17 00:00:00 2001
From: Tom Hubrecht
Date: Fri, 23 Feb 2024 12:20:12 +0100
Subject: [PATCH] feat(dns): Split out config
---
default.nix | 2 ++
meta/default.nix | 32 ++++++++++++-------------------
meta/dns.nix | 49 +++++++++++++++++++++++-------------------------
meta/verify.nix | 2 +-
4 files changed, 38 insertions(+), 47 deletions(-)
diff --git a/default.nix b/default.nix
index 9213fa7..46daed7 100644
--- a/default.nix
+++ b/default.nix
@@ -63,6 +63,8 @@ in import ./meta/nodes.nix ); + dns = import ./meta/dns.nix; + shells = { default = pkgs.mkShell { name = "dgnum-infra";
diff --git a/meta/default.nix b/meta/default.nix
index 8724d91..cb622a2 100644
--- a/meta/default.nix
+++ b/meta/default.nix
@@ -2,24 +2,16 @@ # Metadata for the nodes. You can add custom attributes, they are # accessible through the specialArg meta in the config. -let - dns = args: import ./dns.nix (args // { inherit meta; }); +lib: - meta = - lib: - (lib.evalModules { - modules = [ - ./options.nix - { - network = import ./network.nix; - nodes = import ./nodes.nix; - organization = import ./organization.nix; - } - ]; - class = "dgnumMeta"; - }).config; -in - -{ - inherit dns meta; -} +(lib.evalModules { + modules = [ + ./options.nix + { + network = import ./network.nix; + nodes = import ./nodes.nix; + organization = import ./organization.nix; + } + ]; + class = "dgnumMeta"; +}).config
diff --git a/meta/dns.nix b/meta/dns.nix
index 716ad8f..4d2cb43 100644
--- a/meta/dns.nix
+++ b/meta/dns.nix
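Review bot: The header comment of meta/default.nix (the context lines at the top of the `@@ -2,24 +2,16 @@` hunk) still describes only the node metadata, while the file now evaluates to a function of `lib` instead of the former `{ dns, meta }` set. A line such as `# This file is a function: it takes lib and returns the evaluated dgnumMeta config.` would tell callers how to import it. Any consumer outside this diff that still selects `.meta` or `.dns` from `import ./meta` will fail at evaluation, so it is worth searching for those before merging.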
@@ -1,35 +1,21 @@ -{ - lib, - meta, - dns, - ... -}: +{ lib, dns, ... }: let + inherit (lib) mapAttrs' nameValuePair; inherit (lib.extra) fuseAttrs mapSingleFuse; inherit (dns.lib.combinators) mx spf ttl; - meta' = meta lib; + meta = (import ./.) lib; mkCNAME = host: { CNAME = [ host ]; }; - mkRecord = - host: - let - net = meta'.network.${host}; - in - { - A = net.addresses.publicV4; - AAAA = net.addresses.publicV6; - }; - - mkHosted = server: mapSingleFuse (_: mkCNAME "${server}.${meta'.nodes.${server}.site}.infra"); + mkHosted = server: mapSingleFuse (_: mkCNAME "${server}.${meta.nodes.${server}.site}.infra"); cnames = builtins.mapAttrs (_: to: { CNAME = [ to ]; }) { - dev = "dev.pages.codeberg.page."; - irc = "public.p.lahfa.xyz."; - webmail = "kurisu.dual.lahfa.xyz."; + "dev" = "dev.pages.codeberg.page."; + "irc" = "public.p.lahfa.xyz."; + "webmail" = "kurisu.dual.lahfa.xyz."; "*.cal" = "cal.dgnum.eu."; "retired" = "web-static";
@@ -108,10 +94,6 @@ let ) ); - infra.subdomains = - builtins.mapAttrs (_: nodes: { subdomains = mapSingleFuse mkRecord nodes; }) - meta.infra; - kurisuDKIM = [ { selector = "kurisu";
@@ -164,12 +146,27 @@ in }; } // { - infra = infra // { + infra = { MX = map (ttl 3600) [ (mx.mx 10 "kurisu.lahfa.xyz.") ]; TXT = [ (spf.strict [ "a:kurisu.lahfa.xyz" ]) ]; DMARC = [ { p = "none"; } ]; DKIM = kurisuDKIM; + + subdomains = + mapAttrs' + ( + host: + { site, ... }: + nameValuePair "${host}.${site}" ( + with meta.network.${host}.addresses; + { + A = ipv4; + AAAA = ipv6; + } + ) + ) + meta.nodes; }; }; }
diff --git a/meta/verify.nix b/meta/verify.nix
index 80d374a..4b6cef2 100644
--- a/meta/verify.nix
+++ b/meta/verify.nix
@@ -3,4 +3,4 @@ let pkgs = import sources.nixpkgs { }; in -builtins.deepSeq ((import ./.).meta pkgs.lib) { } +builtins.deepSeq ((import ./.) pkgs.lib) { }
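Review bot: In meta/dns.nix, the new `subdomains` block under `infra` (hunk `@@ -164,12 +146,27 @@`) publishes `A = ipv4; AAAA = ipv6;` for every entry of `meta.nodes`, whereas the removed `mkRecord` read `addresses.publicV4`/`publicV6` for the nodes grouped under `meta.infra`. The definition of `addresses.ipv4`/`ipv6` is not part of this diff, so confirm they hold only publicly routable addresses; if they can also carry internal or VPN addresses, those would end up in the public zone alongside the name of every node. The `with meta.network.${host}.addresses;` form also hides where `ipv4` and `ipv6` come from; `let inherit (meta.network.${host}.addresses) ipv4 ipv6; in { A = ipv4; AAAA = ipv6; }` keeps the lookup explicit and fails with a clear missing-attribute error.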
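Review bot: In meta/verify.nix, the `deepSeq` on the new line still forces only the meta config, so the per-node lookup `meta.network.${host}.addresses` that this commit adds in meta/dns.nix is never evaluated by this check. Unless `options.nix` already enforces it, a node present in `meta.nodes` but missing from `meta.network` would pass verification and fail only when the zone is built. A cheap guard could be added here, for example `assert builtins.all (h: builtins.hasAttr h meta.network) (builtins.attrNames meta.nodes);` with `meta` bound to `(import ./.) pkgs.lib`. The `let` block starts above the hunk.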