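# DNS record helpers built from `globals`.
#
# Takes `{ globals }` and returns an attribute set with three functions:
# getMachineIP, mkMachineRecords and mkServiceRecords.
#
# NOTE(review): the original comments say these records are meant for public
# DNS. Every name and address produced here is then readable by anyone who can
# query the zone, including the VPN addressing plan -- confirm that is intended
# for each consumer of these helpers.
{ globals }:
let
  # Reduce an address field to a single address.
  # The field may be a bare value or a list; a list yields its first element.
  # An empty list aborts evaluation with a message naming the caller, instead
  # of the generic failure `builtins.head` produces on an empty list.
  firstIP =
    context: ips:
    if !builtins.isList ips then
      ips
    else if ips == [ ] then
      throw "${context}: no IP address configured"
    else
      builtins.head ips;
in
{
  # Helper to get first IP from machine config
  # Uses VPN IPs only (10.100.0.x) for public DNS
  # A machine without `net.vpn.ips` is an evaluation error.
  getMachineIP = machine: firstIP "getMachineIP" (machine.net.vpn.ips or [ ]);

  # Generate machine subdomains with wildcard support
  # Takes a list of machine names and returns an attribute set of DNS records
  #
  # Each machine gets an A record plus a `*` subdomain with the same A record,
  # so every name below the machine resolves to that address.
  #
  # The address is looked up once and reduced to a single value, so a
  # list-valued field no longer ends up as a list nested inside `A`.
  #
  # NOTE(review): unlike the other two helpers this prefers `net.ips` and only
  # falls back to `net.vpn.ips`. If `net.ips` holds non-VPN addresses they are
  # what gets published -- confirm against the "VPN IPs only" rule.
  mkMachineRecords =
    machineList:
    builtins.listToAttrs (
      map (
        machineName:
        let
          net = globals.machines.${machineName}.net;
          address = firstIP "mkMachineRecords: ${machineName}" (net.ips or net.vpn.ips);
        in
        {
          name = machineName;
          value = {
            A = [ address ];
            subdomains."*".A = [ address ];
          };
        }
      ) machineList
    );

  # Helper to generate service DNS records from globals
  # Takes a services attribute set and returns DNS records with alias support
  # Uses VPN IPs only (10.100.0.x) for public DNS
  #
  # A service is either a host name or an attribute set with `host` and an
  # optional `aliases` list; every alias gets the same A record as the service.
  #
  # NOTE(review): `builtins.listToAttrs` keeps the first entry when a name
  # occurs twice, so an alias equal to another service name (or to another
  # alias) is dropped or shadows a record without any error. Consider
  # asserting that all generated names are unique.
  mkServiceRecords =
    services:
    let
      recordsFor =
        serviceName:
        let
          service = services.${serviceName};
          isDetailed = builtins.isAttrs service;
          hostName = if isDetailed then service.host else service;
          ip = firstIP "mkServiceRecords: ${serviceName}" globals.machines.${hostName}.net.vpn.ips;
          names = [ serviceName ] ++ (if isDetailed then service.aliases or [ ] else [ ]);
        in
        map (name: {
          inherit name;
          value.A = [ ip ];
        }) names;
    in
    builtins.listToAttrs (builtins.concatMap recordsFor (builtins.attrNames services));
}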