Diffstat (limited to 'modules/powerdns')
| -rw-r--r-- | modules/powerdns/default.nix | 66 | ||||
| -rw-r--r-- | modules/powerdns/pdns-primary.conf | 18 | ||||
| -rw-r--r-- | modules/powerdns/pdns-secondary.conf | 7 |
3 files changed, 91 insertions, 0 deletions
diff --git a/modules/powerdns/default.nix b/modules/powerdns/default.nix
new file mode 100644
index 0000000..ae9b497
--- /dev/null
+++ b/modules/powerdns/default.nix
@@ -0,0 +1,66 @@
+{ config, lib, pkgs, ... }:
+
+let
+ primary = ''
+ allow-axfr-ips = 10.0.0.0/8,127.0.0.0/8
+ allow-dnsupdate-from = 10.0.0.0/8,127.0.0.0/8
+ also-notify = 10.10.0.3 10.10.0.4 10.10.0.5
+ only-notify =
+
+ default-soa-content = primary.ns.vapor.systems hostmaster.@ 0 10800 3600 604800 3600
+
+ gpgsql-dbname = pdns
+ gpgsql-host = /var/run/postgresql
+ gpgsql-port = 5432
+ gpgsql-user = pdns
+ launch = gpgsql
+
+ api = yes
+ local-address = 0.0.0.0 [::]
+ primary = yes
+ webserver = yes
+ webserver-address = 10.10.0.1
+ webserver-allow-from = 10.0.0.0/8,127.0.0.0/8
+ '';
+
+ autoprimary = pkgs.writeText "autoprimary.conf" ''
+ 10.10.0.1
+ '';
+
+ bind = pkgs.writeText "named.conf" ''
+ include "/var/lib/pdns/named-autosecondary.conf";
+ '';
+
+ secondary = ''
+ autosecondary = yes
+ bind-config = ${bind}
+ bind-supermaster-config = /var/lib/pdns/named-autosecondary.conf
+ bind-supermaster-destdir = /var/lib/pdns/zones
+ bind-supermasters = ${autoprimary}
+ guardian = yes
+ launch = bind
+ local-address = 0.0.0.0 [::]
+ secondary = yes
+
+ allow-notify-from = 10.10.0.1/32
+ '';
+in
+{
+ options.services.powerdns = {
+ role = lib.mkOption {
+ type = lib.types.enum [ "primary" "secondary" ];
+ };
+ };
+
+ config = {
+ environment.systemPackages = [ pkgs.powerdns ];
+ services.powerdns = {
+ enable = true;
+ extraConfig =
+ if config.services.powerdns.role == "primary"
+ then primary
+ else secondary;
+ secretFile = null;
+ };
+ };
+}
diff --git a/modules/powerdns/pdns-primary.conf b/modules/powerdns/pdns-primary.conf
new file mode 100644
index 0000000..0d76e7a
--- /dev/null
+++ b/modules/powerdns/pdns-primary.conf
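Review bot: `allow-axfr-ips = 10.0.0.0/8,127.0.0.0/8` in the `primary` string lets any host in 10/8 pull full zone contents, while the only secondaries named in this hunk are the three `also-notify` addresses. Unless the whole range is trusted, narrow it to `allow-axfr-ips = 10.10.0.3,10.10.0.4,10.10.0.5,127.0.0.0/8`; the same line appears in pdns-primary.conf. `allow-dnsupdate-from` uses the same range; it looks inert because `dnsupdate` is not enabled in the visible config, but it would become a write path for every 10/8 host as soon as that is switched on. Separately, `api = yes` is paired with `secretFile = null` and no `api-key`, so a key added later would have to go through `extraConfig` and end up in the world-readable Nix store. Consider pointing `secretFile` at a file outside the store and referencing the variable from the config, e.g. `api-key = $PDNS_API_KEY` (variable name is a placeholder).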
@@ -0,0 +1,18 @@
+allow-axfr-ips = 10.0.0.0/8,127.0.0.0/8
+allow-dnsupdate-from = 10.0.0.0/8,127.0.0.0/8
+also-notify =
+
+default-soa-content = primary.ns.vapor.systems hostmaster.@ 0 10800 3600 604800 3600
+
+gpgsql-dbname = pdns
+gpgsql-host = /var/run/postgresql
+gpgsql-port = 5432
+gpgsql-user = pdns
+launch = gpgsql
+
+api = yes
+local-address = 0.0.0.0 [::]
+primary = yes
+webserver = yes
+webserver-address = 10.10.0.1
+webserver-allow-from = 10.0.0.0/8,127.0.0.0/8
diff --git a/modules/powerdns/pdns-secondary.conf b/modules/powerdns/pdns-secondary.conf
new file mode 100644
index 0000000..5c9c769
--- /dev/null
+++ b/modules/powerdns/pdns-secondary.conf
@@ -0,0 +1,7 @@
+autosecondary = yes
+bind-supermaster-config = /var/lib/pdns/named-autosecondary.conf
+bind-supermasters = /var/lib/pdns/autoprimary.conf
+guardian = yes
+launch = bind
+local-address = 0.0.0.0 [::]
+secondary = yes |
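Review bot: pdns-primary.conf and pdns-secondary.conf are not referenced by default.nix as shown in this commit, and both already differ from the strings the module deploys. The primary copy has an empty `also-notify` and no `only-notify`; the secondary copy lacks `allow-notify-from = 10.10.0.1/32` and `bind-config`, and points `bind-supermasters` at a path under /var/lib/pdns rather than the generated store file. If they are reference copies, a header comment such as `# reference copy, not deployed; the live config is generated by default.nix` would keep someone from auditing or deploying the wrong ACLs; otherwise drop them or have the module read them. If pdns-secondary.conf is ever used directly, add the `allow-notify-from` line so NOTIFY acceptance stays limited to the primary.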
