prescientmoon/satellite
prescientmoon/satellite
1
Fork 0
Code Activity

Better octodns file structure

Browse source
This commit is contained in:
prescientmoon 2024-10-13 02:34:34 +02:00
parent 190dde841e
commit 35bc79265c
Signed by: prescientmoon
SSH key fingerprint: SHA256:WFp/cO76nbarETAoQcQXuV+0h7XJsEsOCI0UsyPIy6U
33 changed files with 219 additions and 381 deletions

16
modules/nixos/README.md
View file

@ -1,11 +1,9 @@
# Nixos modules
| Name | Attribute | Description |
| ------------------------------------ | ----------------------- | ------------------------------------ |
| [pounce](pounce.nix) | `services.pounce` | Pounce & calico configuration |
| [nginx](nginx.nix) | `satellite.nginx` | Nginx configuration |
| [ports](ports.nix) | `satellite.ports` | Global port specification |
| [cloudflared](cloudflared.nix) | `satellite.cloudflared` | Cloudflare tunnel configuration |
| [pilot](pilot.nix) | `satellite.pilot` | Defines the concept of a "main user" |
| [dns](dns.nix) | `satellite.dns` | DNS record creation |
| [dns-assertions](dns-assertions.nix) | `satellite.dns` | DNS record validation |
| Name | Attribute | Description |
| ------------------------------ | ----------------------- | ------------------------------------ |
| [pounce](pounce.nix) | `services.pounce` | Pounce & calico configuration |
| [nginx](nginx.nix) | `satellite.nginx` | Nginx configuration |
| [ports](ports.nix) | `satellite.ports` | Global port specification |
| [cloudflared](cloudflared.nix) | `satellite.cloudflared` | Cloudflare tunnel configuration |
| [pilot](pilot.nix) | `satellite.pilot` | Defines the concept of a "main user" |

2
modules/nixos/default.nix
View file

@ -7,6 +7,4 @@
nginx = ./nginx.nix;
pilot = ./pilot.nix;
pounce = ./pounce.nix;
dns = ./dns.nix;
dns-assertions = ./dns-assertions.nix;
}

17
modules/nixos/dns-assertions.nix
View file

@ -1,17 +0,0 @@
# This must only be loaded on actual Nixos, otherwise `assertions`
# won't be defined when running `evaluateModules`.
{ config, ... }:
let cfg = config.satellite.dns;
in
{
config.assertions =
let assertProperToUsage = config:
{
assertion = (config.to == null) || (config.type == "CNAME");
message = ''
The option `satellite.dns.records[*].to` can only be used with `CNAME` records.
This was not the case for ${config.type} record at ${config.at}.${config.zone}.
'';
};
in builtins.map assertProperToUsage cfg.records;
}

76
modules/nixos/dns.nix
View file

@ -1,76 +0,0 @@
{
config,
pkgs,
lib,
...
}:
let
format = pkgs.formats.yaml { };
cfg = config.satellite.dns;
in
{
options.satellite.dns = {
domain = lib.mkOption {
description = "Default zone to include records in";
type = lib.types.str;
};
records = lib.mkOption {
description = "List of records to create";
default = [ ];
type = lib.types.listOf (
lib.types.submodule (
{ config, ... }:
{
options = {
at = lib.mkOption {
description = "Subdomain to use for entry";
type = lib.types.nullOr lib.types.str;
};
zone = lib.mkOption {
description = "Zone this record is a part of";
type = lib.types.str;
default = cfg.domain;
};
type = lib.mkOption {
type = lib.types.enum [
"A"
"AAAA"
"TXT"
"CNAME"
"MX"
];
description = "The type of the DNS record";
};
to = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "Shorthand for CNMAE-ing to a subdomain of the given zone";
default = null;
};
value = lib.mkOption {
type = format.type;
description = "The value assigned to the record, in octodns format";
};
ttl = lib.mkOption {
type = lib.types.int;
description = "The TTL assigned to the record";
default = 300;
};
enableCloudflareProxy = lib.mkEnableOption "proxying using cloudflare";
};
config.value = lib.mkIf (
config.type == "CNAME" && config.to != null
) "${config.to}.${config.zone}.";
}
)
);
};
};
}