1{
 2  globals,
 3  inputs,
 4  ...
 5}:
 6let
 7  dns = inputs.dns;
 8
 9  # Generate zone file content using dns.nix
10  mkZone = zoneName: zoneFile: dns.lib.toString zoneName (import zoneFile { inherit dns globals; });
11in
12{
13  services.bind = {
14    enable = true;
15    forwarders = [
16      "8.8.8.8"
17      "8.8.4.4"
18    ];
19    extraOptions = ''
20      dnssec-validation no;
21    '';
22    cacheNetworks = [ "127.0.0.0/8" ] ++ globals.net.dns.cacheNetworks;
23
24    zones = [
25      # sbr.pm zone
26      {
27        name = "sbr.pm";
28        master = true;
29        file = mkZone "sbr.pm" ./dns/sbr.pm.nix;
30      }
31      # home zone
32      {
33        name = "home";
34        master = true;
35        file = mkZone "home" ./dns/home.nix;
36      }
37      # home reverse zone
38      {
39        name = "192.168.1.in-addr.arpa";
40        master = true;
41        file = mkZone "192.168.1.in-addr.arpa" ./dns/192.168.1.nix;
42      }
43      # vpn zone
44      {
45        name = "vpn";
46        master = true;
47        file = mkZone "vpn" ./dns/vpn.nix;
48      }
49      # vpn reverse zone
50      {
51        name = "10.100.0.in-addr.arpa";
52        master = true;
53        file = mkZone "10.100.0.in-addr.arpa" ./dns/10.100.0.nix;
54      }
55    ];
56  };
57}