commit 647800770b353ee9df2b18d5df5ffcc9c88c2688 · ryan.freumh.org/eilean-nix

+1 -1

modules/default.nix

···

       4
       4
        
       

     

       5
       5
        
       {

     

       6
       6
        
         imports = [

     

       7
       7
       -
           ./dns/default.nix

     

       7
       7
       +
           ./services/dns/default.nix

     

       8
       8
        
           ./mailserver/default.nix

     

       9
       9
        
           ./mastodon.nix

     

       10
       10
        
           ./mailserver.nix

+1 -1

modules/dns.nix

···

       11
       11
        
           };

     

       12
       12
        
         };

     

       13
       13
        
         

     

       14
       14
       -
         config.dns = lib.mkIf cfg.dns.enable {

     

       14
       14
       +
         config.eilean.services.dns = lib.mkIf cfg.dns.enable {

     

       15
       15
        
           enable = true;

     

       16
       16
        
           zones.${config.networking.domain} = {

     

       17
       17
        
             soa.serial = lib.mkDefault 0;

+1 -1

modules/dns/bind.nix modules/services/dns/bind.nix

···

       1
       1
        
       { pkgs, config, lib, ... }:

     

       2
       2
        
       

     

       3
       3
       -
       let cfg = config.dns; in {

     

       3
       3
       +
       let cfg = config.eilean.services.dns; in {

     

       4
       4
        
         services.bind = lib.mkIf (cfg.enable && cfg.server == "bind") {

     

       5
       5
        
           enable = true;

     

       6
       6
        
           # recursive resolver

+2 -2

modules/dns/default.nix modules/services/dns/default.nix

···

       63
       63
        
       {

     

       64
       64
        
         imports = [ ./bind.nix ];

     

       65
       65
        
       

     

       66
       66
       -
         options.dns = {

     

       66
       66
       +
         options.eilean.services.dns = {

     

       67
       67
        
           enable = lib.mkEnableOption "DNS server";

     

       68
       68
        
           server = mkOption {

     

       69
       69
        
             type = types.enum [ "bind" ];

     
···

       78
       78
        
           };

     

       79
       79
        
         };

     

       80
       80
        
       

     

       81
       81
       -
         config.networking.firewall = lib.mkIf config.dns.openFirewall {

     

       81
       81
       +
         config.networking.firewall = lib.mkIf config.eilean.services.dns.openFirewall {

     

       82
       82
        
           allowedTCPPorts = [ 53 ];

     

       83
       83
        
           allowedUDPPorts = [ 53 ];

     

       84
       84
        
         };

modules/dns/zonefile.nix modules/services/dns/zonefile.nix

+1 -1

modules/gitea.nix

···

       83
       83
        
             SystemCallFilter = lib.mkForce [];

     

       84
       84
        
           };

     

       85
       85
        
       

     

       86
       86
       -
           dns.zones.${config.networking.domain}.records = [

     

       86
       86
       +
           eilean.services.dns.zones.${config.networking.domain}.records = [

     

       87
       87
        
             {

     

       88
       88
        
               name = "git";

     

       89
       89
        
               type = "CNAME";

+1 -1

modules/headscale.nix

···

       48
       48
        
       

     

       49
       49
        
           environment.systemPackages = [ config.services.headscale.package ];

     

       50
       50
        
       

     

       51
       51
       -
           dns.zones.${cfg.headscale.zone}.records = [

     

       51
       51
       +
           eilean.services.dns.zones.${cfg.headscale.zone}.records = [

     

       52
       52
        
             {

     

       53
       53
        
               name = "${cfg.headscale.domain}.";

     

       54
       54
        
               type = "CNAME";

+1 -1

modules/mailserver.nix

···

       43
       43
        
             return 301 $scheme://${domain}$request_uri;

     

       44
       44
        
           '';

     

       45
       45
        
       

     

       46
       46
       -
           dns.zones.${config.networking.domain}.records = [

     

       46
       46
       +
           eilean.services.dns.zones.${config.networking.domain}.records = [

     

       47
       47
        
             {

     

       48
       48
        
               name = "mail";

     

       49
       49
        
               type = "A";

+1 -1

modules/mastodon.nix

···

       68
       68
        
             };

     

       69
       69
        
           };

     

       70
       70
        
       

     

       71
       71
       -
           dns.zones.${config.networking.domain}.records = [

     

       71
       71
       +
           eilean.services.dns.zones.${config.networking.domain}.records = [

     

       72
       72
        
             {

     

       73
       73
        
               name = "mastodon";

     

       74
       74
        
               type = "CNAME";

+1 -1

modules/matrix.nix

···

       120
       120
        
             extraConfigFiles = [ "${config.eilean.secretsDir}/matrix-turn-shared-secret" ];

     

       121
       121
        
           };

     

       122
       122
        
       

     

       123
       123
       -
           dns.zones.${config.networking.domain}.records = [

     

       123
       123
       +
           eilean.services.dns.zones.${config.networking.domain}.records = [

     

       124
       124
        
             {

     

       125
       125
        
               name = "matrix";

     

       126
       126
        
               type = "CNAME";

+1 -1

modules/turn.nix

···

       57
       57
        
           };

     

       58
       58
        
           users.groups."turnserver".members = [ config.services.nginx.user ];

     

       59
       59
        
       

     

       60
       60
       -
           dns.zones.${config.networking.domain}.records = [

     

       60
       60
       +
           eilean.services.dns.zones.${config.networking.domain}.records = [

     

       61
       61
        
             {

     

       62
       62
        
               name = "turn";

     

       63
       63
        
               type = "CNAME";