{
config,
lib,
pkgs,
...
}: let
cfg = config.dns;
in {
options.dns = {
# Option declarations for the BIND wrapper (dns.bind.*).
# The listen defaults are loopback-only (127.0.0.1 and ::1), so enabling the
# server with no further settings does not make it listen on other addresses.
bind = let
  inherit (lib) mkEnableOption mkOption types;

  # Both listen options take a list of strings; the defaults are addresses.
  stringList = types.listOf types.str;

  # One entry of dns.bind.settings.zones.
  zoneModule = types.submodule {
    options = {
      name = mkOption {
        type = types.str;
        description = "Name of the DNS zone";
      };
      type = mkOption {
        type = types.enum ["master" "slave"];
        default = "master";
        description = "Type of DNS zone";
      };
      # NOTE(review): the default is the empty string, so a zone declared
      # without `file` is passed on with an empty path — confirm whether this
      # option should be required instead.
      file = mkOption {
        type = types.str;
        default = "";
        description = "Path to zone file";
      };
    };
  };
in {
  enable = mkEnableOption "BIND DNS server";

  settings = {
    interfaces = mkOption {
      type = stringList;
      default = ["127.0.0.1"];
      description = "Network interfaces BIND should listen on (IPv4)";
    };

    interfaces6 = mkOption {
      type = stringList;
      default = ["::1"];
      description = "Network interfaces BIND should listen on (IPv6)";
    };

    zones = mkOption {
      type = types.listOf zoneModule;
      default = [];
      description = "DNS zones to configure";
    };

    # Free-form text; this module forwards it to services.bind.extraConfig
    # unchanged and does not validate it.
    extraConfig = mkOption {
      type = types.lines;
      default = "";
      description = "Additional BIND configuration options";
    };
  };
};
# Option declarations for the Technitium wrapper (dns.technitium.*).
# NOTE(review): the config section of this module reads only `enable`;
# `address`, `port` and `extraOptions` are declared but not consumed there, so
# setting them currently has no visible effect — confirm whether they are
# meant to be wired up.
technitium = let
  inherit (lib) mkEnableOption mkOption types;
in {
  enable = mkEnableOption "Technitium DNS server";

  settings = {
    # The default is the IPv4 wildcard address, i.e. every interface, unlike
    # the BIND options in this file, which default to loopback.
    address = mkOption {
      type = types.str;
      default = "0.0.0.0";
      description = "IP address Technitium should listen on";
    };

    # The default equals the 5380 entry hard-coded in the firewall port list
    # of the config section; the two values are not linked.
    port = mkOption {
      type = types.port;
      default = 5380;
      description = "Port for Technitium DNS server";
    };

    extraOptions = mkOption {
      type = types.attrs;
      default = {};
      description = "Additional Technitium configuration options";
    };
  };
};
};
config = lib.mkMerge [
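# BIND: applied only when dns.bind.enable is set.
(lib.mkIf cfg.bind.enable {
  services.bind = {
    enable = true;

    # Listen addresses come straight from the wrapper options
    # (defaults: 127.0.0.1 and ::1).
    listenOn = cfg.bind.settings.interfaces;
    listenOnIpv6 = cfg.bind.settings.interfaces6;

    # The NixOS services.bind zone submodule takes a boolean `master` and
    # declares no `type` option, so forwarding `type` fails evaluation as soon
    # as one zone is configured. The wrapper's enum is translated here.
    # NOTE(review): a "slave" zone also needs `masters` upstream, which
    # dns.bind.settings.zones does not expose — confirm how secondaries are
    # meant to be configured.
    zones =
      map (zone: {
        inherit (zone) name file;
        master = zone.type == "master";
      })
      cfg.bind.settings.zones;

    # Forwarded unchanged; this module does not validate the text.
    extraConfig = cfg.bind.settings.extraConfig;
  };

  # Opens 53/tcp and 53/udp in the host firewall on every interface,
  # independent of the listen addresses above.
  # NOTE(review): with the loopback-only defaults nothing listens externally,
  # yet the ports are still opened — consider opening them only when a
  # non-loopback address is configured.
  networking.firewall = {
    allowedTCPPorts = [53];
    allowedUDPPorts = [53];
  };

  # Adds the bind package to the system environment.
  environment.systemPackages = [pkgs.bind];
})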
# Technitium: applied only when dns.technitium.enable is set.
# NOTE(review): dns.technitium.settings.{address,port,extraOptions} are not
# read here; the port list below is hard-coded.
(lib.mkIf cfg.technitium.enable (let
  dnsPort = 53;
in {
  services.technitium-dns-server = {
    firewallUDPPorts = [dnsPort];

    # NOTE(review): 5380 and 53443 are presumably Technitium's web-console
    # ports (HTTP/HTTPS) — confirm. With openFirewall set they are reachable
    # on every interface, which exposes the administration interface beyond
    # localhost; restrict them if remote administration is not intended.
    firewallTCPPorts = [dnsPort 5380 53443];

    openFirewall = true;
    enable = true;
  };
}))
];
}