diff options
| author | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-09-21 15:41:05 +0900 |
|---|---|---|
| committer | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-09-21 15:41:05 +0900 |
| commit | 7b5a41d08218df111c015467a44fd3d461337b62 (patch) | |
| tree | 0b7dfeda30533e6bae668330c7da929a7b2d175d | |
| parent | cfdeb163d75cca62fbe1e9c6a05afd5701242bf2 (diff) | |
| download | nixos-conf-7b5a41d08218df111c015467a44fd3d461337b62.tar.gz | |
Enable authoritative DNS server
| -rw-r--r-- | configuration.nix | 5 | ||||
| -rw-r--r-- | dns.nix | 62 |
2 files changed, 67 insertions, 0 deletions
diff --git a/configuration.nix b/configuration.nix index 13bc497..4f86d2a 100644 --- a/configuration.nix +++ b/configuration.nix @@ -30,6 +30,7 @@ }; imports = [ + ./dns.nix ./ipfs.nix ./mail.nix ./matrix.nix @@ -40,6 +41,10 @@ networking = { domain = "loang.net"; hostName = "brno"; + nameservers = [ + "84.200.69.80" "84.200.70.40" + "2001:1608:10:25::1c04:b12f" "2001:1608:10:25::9249:d69b" + ]; }; security.sudo = { diff --git a/dns.nix b/dns.nix new file mode 100644 index 0000000..5e9174f --- /dev/null +++ b/dns.nix @@ -0,0 +1,62 @@ +# Authoritative domain name server +# Copyright (C) 2022 Nguyễn Gia Phong +# +# This file is part of loang configuration. +# +# Loang configuration is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published +# by the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Loang configuration is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with loang configuration. If not, see <https://www.gnu.org/licenses/>. + +{ lib, pkgs, ... }: +let + cnxZone = pkgs.writeText "cnx.gdn.zone" '' + @ SOA ns.cnx.gdn. mcsinyx.disroot.org. 2022091901 10800 3600 604800 3600 + @ NS ns + ns A 37.205.11.127 + ns AAAA 2a03:3b40:100::1:2 + @ A 37.205.11.127 + @ AAAA 2a03:3b40:100::1:2 + ''; + loangZone = pkgs.writeText "loang.net.zone" '' + @ SOA ns.loang.net. mcsinyx.disroot.org. 2022092101 10800 3600 604800 3600 + @ NS ns + @ A 37.205.11.127 + @ AAAA 2a03:3b40:100::1:2 + * A 37.205.11.127 + * AAAA 2a03:3b40:100::1:2 + ''; +in { + networking.firewall = { + allowedTCPPorts = [ 53 ]; + allowedUDPPorts = [ 53 ]; + }; + + services.knot = { + enable = true; + extraConfig = '' + server: + listen: 0.0.0.0@53 + listen: ::@53 + + zone: + - domain: cnx.gdn + file: ${cnxZone} + - domain: loang.net + file: ${loangZone} + + log: + - target: syslog + any: info + ''; + keyFiles = [ ]; + }; +} |