summaryrefslogblamecommitdiff
path: root/components/services/bind.nix
blob: 4444d212fd4f6112420d8a25ec38d6e7cba7c351 (plain) (tree) 
39840ae ^












6dae353 ^

39840ae ^


626351f ^

39840ae ^







626351f ^

39840ae ^



626351f ^






39840ae ^



6dae353 ^






39840ae ^



1
2
3
4
5
6
7
8
9
10
11
12

13

14
15

16

17
18
19
20
21
22
23

24

25
26
27

28
29
30
31
32
33

34
35
36

37
38
39
40
41
42

43
44
45












                                                             
                                                        

                                              
 






                                                      
 


                                     





                              


             





                                                       


      
{lib, config, pkgs, ...}: {
  options.bind.enable = lib.mkEnableOption "Bind dns server";

  config = lib.mkIf config.bind.enable {
    services.bind = {
      enable = true;

      forwarders = [ "208.67.222.222" "208.67.220.220" ];

      zones = {
        "home.arpa" = {
          master = true;
          allowQuery = [ "127.0.0.0/8" "10.69.0.0/24" ];
          file = pkgs.writeText "home.arpa" ''
            $TTL 86400

            @ IN SOA ns1.home.arpa. admin.home.arpa. (
              2026031801 ; serial
              3600       ; refresh
              900        ; retry
              604800     ; expire
              86400      ; minimum TTL
            )

            @   IN NS  ns1.home.arpa.
            ns1 IN A   10.69.0.1
            @   IN A   10.69.0.1

            music   IN CNAME @
            images  IN CNAME @
            papers  IN CNAME @
            cinema  IN CNAME @
            torrent IN CNAME @
          '';
        };
      };

      extraOptions = ''
        recursion yes;
        allow-recursion { 127.0.0.0/8; 10.69.0.0/24; };
        forward only;
      '';
    };
  };
}
generated by cgit v1.3 (git 2.53.0) at 2026-03-24 03:38:43 +0000