dotfiles/nixos/systems/blowhole/bind.nix

{ pkgs, ... }:
{
  services.bind = {
    enable = true;
    forwarders = [
      "8.8.8.8"
      "8.8.4.4"
    ];
    zones = {
      "vault.in.redalder.org" = {
        file = ./zones/vault.in.redalder.org.zone;
        master = true;
      };
      "hosts.in.redalder.org" = {
        file = ./zones/hosts.in.redalder.org.zone;
        master = true;
      };
    };

    cacheNetworks = [
      "127.0.0.0/8"
      "10.64.1.0/24"
      "10.64.0.0/24"
    ];
    extraOptions = ''
      recursion yes;
    '';
    extraConfig = ''
      zone "consul.in.redalder.org" IN {
        type forward;
        forward only;
        forwarders { 10.64.1.201 port 8600; };
      };
    '';
  };

  networking.firewall.allowedTCPPorts = [
    53
  ];
  networking.firewall.allowedUDPPorts = [
    53
  ];
}
Large rework and cleanup Signed-off-by: main <magic_rb@redalder.org> 2022-07-31 11:03:59 +02:00			`{ pkgs, ... }:`
			`{`
			`services.bind = {`
			`enable = true;`
			`forwarders = [`
			`"8.8.8.8"`
			`"8.8.4.4"`
			`];`
			`zones = {`
			`"vault.in.redalder.org" = {`
			`file = ./zones/vault.in.redalder.org.zone;`
			`master = true;`
			`};`
			`"hosts.in.redalder.org" = {`
			`file = ./zones/hosts.in.redalder.org.zone;`
			`master = true;`
			`};`
			`};`

			`cacheNetworks = [`
			`"127.0.0.0/8"`
			`"10.64.1.0/24"`
			`"10.64.0.0/24"`
			`];`
			`extraOptions = ''`
			`recursion yes;`
			`'';`
			`extraConfig = ''`
			`zone "consul.in.redalder.org" IN {`
			`type forward;`
			`forward only;`
			`forwarders { 10.64.1.201 port 8600; };`
			`};`
			`'';`
			`};`

			`networking.firewall.allowedTCPPorts = [`
			`53`
			`];`
			`networking.firewall.allowedUDPPorts = [`
			`53`
			`];`
			`}`