···
6
-
cfg = config.services;
6
+
cfgs = config.services;
9
+
dataDir = "/var/lib/dnschain";
10
+
username = "dnschain";
8
-
dnschainConf = pkgs.writeText "dnschain.conf" ''
12
+
configFile = pkgs.writeText "dnschain.conf" ''
17
+
host = ${cfg.dns.address}
18
+
port = ${toString cfg.dns.port}
oldDNSMethod = NO_OLD_DNS
16
-
# TODO: check what that address is acutally used for
17
-
externalIP = 127.0.0.1
20
+
externalIP = ${cfg.dns.address}
23
+
host = ${cfg.api.hostname}
24
+
port = ${toString cfg.api.port}
25
+
tlsPort = ${toString cfg.api.tlsPort}
···
40
+
enable = mkEnableOption ''
41
+
DNSChain, a blockchain based DNS + HTTP server.
42
+
To resolve .bit domains set <literal>services.namecoind.enable = true;</literal>
43
+
and an RPC username/password.
46
+
dns.address = mkOption {
48
+
default = "127.0.0.1";
39
-
Whether to run dnschain. That implies running
40
-
namecoind as well, so make sure to configure
50
+
The IP address that will be used to reach this machine.
51
+
Leave this unchanged if you do not wish to directly expose the DNSChain resolver.
55
+
dns.port = mkOption {
59
+
The port the DNSChain resolver will bind to.
47
-
services.dnsmasq = {
48
-
resolveDnschainQueries = mkOption {
63
+
api.hostname = mkOption {
65
+
default = "0.0.0.0";
52
-
Resolve <literal>.bit</literal> top-level domains
53
-
with dnschain and namecoind.
67
+
The hostname (or IP address) the DNSChain API server will bind to.
71
+
api.port = mkOption {
75
+
The port the DNSChain API server (HTTP) will bind to.
79
+
api.tlsPort = mkOption {
83
+
The port the DNSChain API server (HTTPS) will bind to.
87
+
extraConfig = mkOption {
95
+
Additional options that will be appended to the configuration file.
101
+
services.dnsmasq.resolveDNSChainQueries = mkOption {
105
+
Resolve <literal>.bit</literal> top-level domains using DNSChain and namecoin.
109
+
services.pdns-recursor.resolveDNSChainQueries = mkOption {
113
+
Resolve <literal>.bit</literal> top-level domains using DNSChain and namecoin.
64
-
config = mkIf cfg.dnschain.enable {
122
+
config = mkIf cfg.enable {
66
-
services.namecoind.enable = true;
68
-
services.dnsmasq.servers = optionals cfg.dnsmasq.resolveDnschainQueries [ "/.bit/127.0.0.1#5333" ];
124
+
services.dnsmasq.servers = optionals cfgs.dnsmasq.resolveDNSChainQueries
125
+
[ "/.bit/127.0.0.1#${toString cfg.dns.port}"
126
+
"/.dns/127.0.0.1#${toString cfg.dns.port}"
70
-
users.extraUsers = singleton
71
-
{ name = "dnschain";
72
-
uid = config.ids.uids.dnschain;
73
-
extraGroups = [ "namecoin" ];
74
-
description = "Dnschain daemon user";
75
-
home = "/var/lib/dnschain";
129
+
services.pdns-recursor.forwardZones = mkIf cfgs.pdns-recursor.resolveDNSChainQueries
130
+
{ bit = "127.0.0.1:${toString cfg.dns.port}";
131
+
dns = "127.0.0.1:${toString cfg.dns.port}";
134
+
users.extraUsers = singleton {
136
+
description = "DNSChain daemon user";
139
+
uid = config.ids.uids.dnschain;
140
+
extraGroups = optional cfgs.namecoind.enable "namecoin";
systemd.services.dnschain = {
80
-
description = "Dnschain Daemon";
81
-
after = [ "namecoind.target" ];
82
-
wantedBy = [ "multi-user.target" ];
83
-
path = [ pkgs.openssl ];
85
-
# Link configuration file into dnschain HOME directory
86
-
if [ "$(${pkgs.coreutils}/bin/realpath /var/lib/dnschain/.dnschain.conf)" != "${dnschainConf}" ]; then
87
-
rm -rf /var/lib/dnschain/.dnschain.conf
88
-
ln -s ${dnschainConf} /var/lib/dnschain/.dnschain.conf
144
+
description = "DNSChain daemon";
145
+
after = optional cfgs.namecoind.enable "namecoind.target";
146
+
wantedBy = [ "multi-user.target" ];
91
-
# Create empty namecoin.conf so that dnschain is not
92
-
# searching for /etc/namecoin/namecoin.conf
93
-
if [ ! -e /var/lib/dnschain/.namecoin/namecoin.conf ]; then
94
-
mkdir -p /var/lib/dnschain/.namecoin
95
-
touch /var/lib/dnschain/.namecoin/namecoin.conf
101
-
EnvironmentFile = config.services.namecoind.userFile;
102
-
ExecStart = "${pkgs.dnschain}/bin/dnschain --rpcuser=\${USER} --rpcpassword=\${PASSWORD} --rpcport=8336";
103
-
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
104
-
ExecStop = "${pkgs.coreutils}/bin/kill -KILL $MAINPID";
150
+
Restart = "on-failure";
151
+
ExecStart = "${pkgs.dnschain}/bin/dnschain";
155
+
# Link configuration file into dnschain home directory
156
+
configPath=${dataDir}/.dnschain/dnschain.conf
157
+
mkdir -p ${dataDir}/.dnschain
158
+
if [ "$(realpath $configPath)" != "${configFile}" ]; then
160
+
ln -s ${configFile} $configPath
pyrox.dev