# Authoritative domain name server
# Copyright (C) 2022  Nguyễn Gia Phong
#
# This file is part of loang configuration.
#
# Loang configuration is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Loang configuration is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.

{ lib, pkgs, ... }:
let
  cnxZone = pkgs.writeText "cnx.gdn.zone" ''
    @  SOA  ns.cnx.gdn. mcsinyx.disroot.org. 2022091901 10800 3600 604800 3600
    @  NS   ns
    ns A    37.205.11.127
    ns AAAA 2a03:3b40:100::1:2
    @  A    37.205.11.127
    @  AAAA 2a03:3b40:100::1:2
  '';
  loangZone = pkgs.writeText "loang.net.zone" ''
    @  SOA  ns.loang.net. mcsinyx.disroot.org. 2022092101 10800 3600 604800 3600
    @  NS   ns
    @  A    37.205.11.127
    @  AAAA 2a03:3b40:100::1:2
    *  A    37.205.11.127
    *  AAAA 2a03:3b40:100::1:2
  '';
in {
  networking.firewall = {
    allowedTCPPorts = [ 53 ];
    allowedUDPPorts = [ 53 ];
  };

  services.knot = {
    enable = true;
    extraConfig = ''
      server:
          listen: 0.0.0.0@53
          listen: ::@53

      zone:
        - domain: cnx.gdn
          file: ${cnxZone}
        - domain: loang.net
          file: ${loangZone}

      log:
        - target: syslog
          any: info
    '';
    keyFiles = [ ];
  };
}