modules.services.coredns: replace bind

2025-11-12 10:17:33 +08:00
parent 10da86a550
commit cae25cbac1
3 changed files with 82 additions and 97 deletions


@@ -1,96 +0,0 @@
inputs:
{
options.nixos.services.bind = let inherit (inputs.lib) mkOption types; in mkOption
{ type = types.nullOr (types.submodule (submoduleInputs: {})); default = null; };
config = let inherit (inputs.config.nixos.services) bind; in inputs.lib.mkIf (bind != null)
{
services.bind =
let
chinaZone = inputs.pkgs.writeText "autoroute.chn.moe.china.zone"
''
$ORIGIN autoroute.chn.moe.
$TTL 3600
@ IN SOA vps6.chn.moe. chn.chn.moe. (
2024071301 ; serial
3600 ; refresh
600 ; retry
604800 ; expire
300 ; minimum
)
@ IN NS vps6.chn.moe.
@ IN A ${inputs.topInputs.self.config.dns."chn.moe".getAddress "vps6"}
'';
globalZone = inputs.pkgs.writeText "autoroute.chn.moe.zone"
''
$ORIGIN autoroute.chn.moe.
$TTL 3600
@ IN SOA vps6.chn.moe. chn.chn.moe. (
2024071301 ; serial
3600 ; refresh
600 ; retry
604800 ; expire
300 ; minimum
)
@ IN NS vps6.chn.moe.
@ IN A ${inputs.topInputs.self.config.dns."chn.moe".getAddress "vps9"}
'';
nullZone = inputs.pkgs.writeText "null.zone" "";
in
{
enable = true;
package = inputs.pkgs.bind.overrideAttrs
(prev: { buildInputs = prev.buildInputs ++ [ inputs.pkgs.libmaxminddb ]; });
listenOn = [(inputs.topInputs.self.config.dns."chn.moe".getAddress "vps6")];
cacheNetworks = [ "any" ];
extraOptions =
''
max-cache-ttl 0;
max-ncache-ttl 0;
allow-recursion { any; };
dnssec-validation no;
geoip-directory "${inputs.config.services.geoipupdate.settings.DatabaseDirectory}";
'';
extraConfig =
''
acl "china" {
geoip country CN;
};
view "china" {
match-clients { china; };
zone "autoroute.chn.moe" {
type master;
file "${chinaZone}";
};
zone "ts.chn.moe" {
type forward;
forward only;
forwarders { 100.100.100.100; };
};
zone "." {
type hint;
file "${nullZone}";
};
};
view "global" {
match-clients { any; };
zone "autoroute.chn.moe" {
type master;
file "${globalZone}";
};
zone "ts.chn.moe" {
type forward;
forward only;
forwarders { 100.100.100.100; };
};
zone "." {
type hint;
file "${nullZone}";
};
};
'';
};
nixos.services.geoipupdate = {};
networking.firewall.allowedUDPPorts = [ 53 ];
};
}


@@ -0,0 +1,81 @@
inputs:
{
options.nixos.services.coredns = let inherit (inputs.lib) mkOption types; in mkOption
{
type = types.nullOr (types.submodule (submoduleInputs: { options =
{
interface = mkOption { type = types.str; };
};}));
default = null;
};
config = let inherit (inputs.config.nixos.services) coredns; in inputs.lib.mkIf (coredns != null)
{
services.coredns =
{
enable = true;
config =
''
autoroute.chn.moe {
bind ${coredns.interface}
geoip ${inputs.config.services.geoipupdate.settings.DatabaseDirectory}/GeoLite2-Country.mmdb
log
errors
metadata
view china {
expr metadata('geoip/country/code') == 'CN'
}
template IN A autoroute.chn.moe {
match ^autoroute\.chn\.moe\.$
answer "{{.Name}} 60 IN A ${inputs.topInputs.self.config.dns."chn.moe".getAddress "vps6"}"
}
template IN AAAA autoroute.chn.moe {
match ^autoroute\.chn\.moe\.$
rcode NXDOMAIN
}
header {
response set aa
}
}
autoroute.chn.moe {
bind ${coredns.interface}
log
errors
metadata
template IN A autoroute.chn.moe {
match ^autoroute\.chn\.moe\.$
answer "{{.Name}} 60 IN A ${inputs.topInputs.self.config.dns."chn.moe".getAddress "vps9"}"
}
template IN AAAA autoroute.chn.moe {
match ^autoroute\.chn\.moe\.$
rcode NXDOMAIN
}
header {
response set aa
}
}
ts.chn.moe {
bind ${coredns.interface}
forward . 100.100.100.100
header {
response set aa
}
log
errors
}
. {
bind ${coredns.interface}
acl {}
errors
log
}
'';
};
nixos.services.geoipupdate = {};
networking.firewall.allowedUDPPorts = [ 53 ];
};
}
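Review bot: The `ts.chn.moe` block forwards every query it receives to 100.100.100.100 with no client restriction, while the module opens UDP 53 in the firewall without scoping it to an interface. If `coredns.interface` is reachable from untrusted networks, any client can resolve names under that zone through this host, and `response set aa` marks the forwarded answers as authoritative. The removed BIND config had the same forwarder in its "global" view, so this is carried over rather than introduced here, but the rewrite is a good place to add an `acl` stanza to that block that allows only the intended client networks and blocks the rest. Separately, `acl {}` in the `.` block holds no rules, so as far as I can tell it filters nothing; if the intent is to refuse everything outside the zones above, an explicit `block` rule inside it, or a comment such as `# catch-all: no backend, nothing is answered here`, would make that intent visible.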