vpn.nix

 1{ dns, globals, ... }:
 2with dns.lib.combinators;
 3let
 4  # Machines that have VPN entries
 5  machineList = [
 6    "okinawa"
 7    "aomi"
 8    "shikoku"
 9    "sakhalin"
10    "rhea"
11    "aion"
12    "athena"
13    "demeter"
14    "nagoya"
15    "kyushu"
16  ];
17
18  mkVpnMachineRecords = builtins.listToAttrs (
19    map (machineName: {
20      name = machineName;
21      value =
22        let
23          vpnIP = globals.machines.${machineName}.net.vpn.ips;
24          ip = if builtins.isList vpnIP then builtins.head vpnIP else vpnIP;
25        in
26        {
27          A = [ ip ];
28          subdomains."*".A = [ ip ];
29        };
30    }) machineList
31  );
32in
33{
34  SOA = {
35    nameServer = "ns1.vpn.";
36    adminEmail = "admin.vpn";
37    serial = 3;
38    refresh = 604800;
39    retry = 86400;
40    expire = 2419200;
41    minimum = 604800;
42  };
43
44  NS = [
45    "ns1.vpn."
46    "ns2.vpn."
47  ];
48
49  subdomains = {
50    # Name servers
51    ns1.A = [ (builtins.head globals.machines.shikoku.net.vpn.ips) ];
52    ns2.A = [ (builtins.head globals.machines.sakhalin.net.vpn.ips) ];
53
54    # hass - hardcoded as it's not in the machine list
55    hass.A = [ "10.100.0.81" ];
56  }
57  // mkVpnMachineRecords;
58}