authorMax Audron <audron@cocaine.farm>2023-10-05 14:42:50 +0200
committerMax Audron <audron@cocaine.farm>2023-10-05 14:42:50 +0200
commit0d18a3a441a5465a6a1775576bb0815419643aa9 (patch)
tree9188b8313d38ec4b6880a1f280854045b8c99267 /modules/powerdns/default.nix
parentdeploy teamspeak and quassel (diff)
deploy powerdns and bgp config
Diffstat (limited to 'modules/powerdns/default.nix')
-rw-r--r--modules/powerdns/default.nix66
1 files changed, 66 insertions, 0 deletions
diff --git a/modules/powerdns/default.nix b/modules/powerdns/default.nix
new file mode 100644
index 0000000..ae9b497
--- /dev/null
+++ b/modules/powerdns/default.nix
@@ -0,0 +1,66 @@
+{ config, lib, pkgs, ... }:
+
+let
+ primary = ''
+ allow-axfr-ips = 10.0.0.0/8,127.0.0.0/8
+ allow-dnsupdate-from = 10.0.0.0/8,127.0.0.0/8
+ also-notify = 10.10.0.3 10.10.0.4 10.10.0.5
+ only-notify =
+
+ default-soa-content = primary.ns.vapor.systems hostmaster.@ 0 10800 3600 604800 3600
+
+ gpgsql-dbname = pdns
+ gpgsql-host = /var/run/postgresql
+ gpgsql-port = 5432
+ gpgsql-user = pdns
+ launch = gpgsql
+
+ api = yes
+ local-address = 0.0.0.0 [::]
+ primary = yes
+ webserver = yes
+ webserver-address = 10.10.0.1
+ webserver-allow-from = 10.0.0.0/8,127.0.0.0/8
+ '';
+
+ autoprimary = pkgs.writeText "autoprimary.conf" ''
+ 10.10.0.1
+ '';
+
+ bind = pkgs.writeText "named.conf" ''
+ include "/var/lib/pdns/named-autosecondary.conf";
+ '';
+
+ secondary = ''
+ autosecondary = yes
+ bind-config = ${bind}
+ bind-supermaster-config = /var/lib/pdns/named-autosecondary.conf
+ bind-supermaster-destdir = /var/lib/pdns/zones
+ bind-supermasters = ${autoprimary}
+ guardian = yes
+ launch = bind
+ local-address = 0.0.0.0 [::]
+ secondary = yes
+
+ allow-notify-from = 10.10.0.1/32
+ '';
+in
+{
+ options.services.powerdns = {
+ role = lib.mkOption {
+ type = lib.types.enum [ "primary" "secondary" ];
+ };
+ };
+
+ config = {
+ environment.systemPackages = [ pkgs.powerdns ];
+ services.powerdns = {
+ enable = true;
+ extraConfig =
+ if config.services.powerdns.role == "primary"
+ then primary
+ else secondary;
+ secretFile = null;
+ };
+ };
+}
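Review bot: The primary config sets `api = yes` and `webserver = yes` but no `api-key` appears and `secretFile = null`, so the REST API exposed on `webserver-address = 10.10.0.1` has no credential configured; if I recall correctly PowerDNS then refuses every API request, which makes `api = yes` inert until a key is added. When one is added it should be injected via `secretFile` (the NixOS service substitutes it into the config at runtime) rather than written into `extraConfig`, because that string is evaluated into the world-readable Nix store. Separately, `allow-dnsupdate-from` and `allow-axfr-ips` accept all of 10.0.0.0/8, which is far wider than the three secondaries on the `also-notify` line; narrowing them to those addresses, the way `allow-notify-from = 10.10.0.1/32` already pins the secondary side, or requiring TSIG, limits who can push updates to or transfer zones from the primary. The `role` option also lacks a `description` and the module enables the service unconditionally on import; `description = "Whether this host runs PowerDNS as primary or secondary";` would document the former, and the latter is worth a comment if intended.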