From 37c2affac975a93a697611ebc1bc1fbd26b7dd95 Mon Sep 17 00:00:00 2001
From: Garionion
Date: Thu, 14 Jul 2022 21:04:08 +0200
Subject: [PATCH] add dns server
---
 flake.nix | 6 ++++-
 hosts/dns/configuration.nix | 31 +++++++++++++++++++++
 hosts/dns/dns.nix | 40 ++++++++++++++++++++++++++++
 hosts/dns/hardware-configuration.nix | 0
 4 files changed, 76 insertions(+), 1 deletion(-)
 create mode 100644 hosts/dns/configuration.nix
 create mode 100644 hosts/dns/dns.nix
 create mode 100644 hosts/dns/hardware-configuration.nix
diff --git a/flake.nix b/flake.nix
index 77a2575..24bcbaa 100644
--- a/flake.nix
+++ b/flake.nix
@@ -26,6 +26,10 @@ deployment.targetUser = null; }; + dns = { config, pkgs, ... }: { + deployment.targetHost = "dns.bula22.de"; + }; + monitoring = { config, pkgs, ... }: { deployment.targetHost = "monitoring.bula22.de"; };
@@ -40,7 +44,7 @@ }; pre-router = { config, pkgs, ... }: { - deployment.targetHost = "lightbuffet.entr0py.cloud"; + deployment.targetHost = "lightbuffet.bula22.de"; deployment.keys = { };
diff --git a/hosts/dns/configuration.nix b/hosts/dns/configuration.nix
new file mode 100644
index 0000000..9b12dbf
--- /dev/null
+++ b/hosts/dns/configuration.nix
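Review bot: The new `dns` node in the first hunk sets only `deployment.targetHost`; nothing in the hunk imports `./hosts/dns/configuration.nix`, so unless per-node modules are wired up elsewhere in flake.nix (the neighbouring `monitoring` entry suggests they are), the host would deploy without the configuration this commit adds. If that wiring lives elsewhere, a one-line comment on the node pointing to it would save the next reader the search. The node directly above sets `deployment.targetUser = null` while `dns` leaves the user at its default; confirm that is intended for this host. The enclosing attribute set starts and ends outside the hunk.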
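Review bot: The second hunk retargets `pre-router` from `lightbuffet.entr0py.cloud` to `lightbuffet.bula22.de`, which is unrelated to the subject "add dns server" and is not mentioned in the message; split it into its own commit or add a line to the message so the deployment-target change is findable in history. `deployment.keys = { }` stays empty, so the hunk does not touch secret handling. The `pre-router` definition continues outside the hunk.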
@@ -0,0 +1,31 @@
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ./dns.nix
+ ];
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "dns-1"; # Define your hostname.
+
+ # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+ # Per-interface useDHCP will be mandatory in the future, so this generated config
+ # replicates the default behaviour.
+ networking.useDHCP = false;
+ #networking.interfaces.ens18.useDHCP = false;
+ #networking.interfaces.ens19.useDHCP = false;
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "21.11"; # Did you read the comment?
+
+}
diff --git a/hosts/dns/dns.nix b/hosts/dns/dns.nix
new file mode 100644
index 0000000..bdad68d
--- /dev/null
+++ b/hosts/dns/dns.nix
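Review bot: `./hardware-configuration.nix` is imported here as "the results of the hardware scan", but the diffstat records it as a 0-line file (`hosts/dns/hardware-configuration.nix | 0`, empty blob `e69de29`), so this host declares no `fileSystems."/"`, no initrd modules and no kernel modules; NixOS's root-file-system assertion should reject the evaluation, and the systemd-boot settings above have nothing to boot without it. Either commit the real `nixos-generate-config` output or add the filesystem definitions in this file before the host is deployed. Separately, `networking.useDHCP = false` with both per-interface lines commented out leaves no addressing in the visible files for `ens19`, the interface that `dns.nix` opens port 53 on — presumably configured elsewhere, worth confirming.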
@@ -0,0 +1,40 @@
+{ config, pkgs, lib, ...}:
+
+{
+ networking.firewall.interfaces.ens19.allowedUDPPorts = [ 53 ];
+ services.coredns = {
+ enable = true;
+ config = ''
+ .:53 {
+ log
+ cache
+ unbound
+ }
+ '';
+ package = lib.fix (self: (pkgs.buildGoModule {
+ inherit (pkgs.coredns) pname version src postPatch;
+
+ patches = pkgs.coredns.patches or [ ] ++ [
+ ./coredns-unbound.patch
+ ];
+
+ buildInputs = [ pkgs.unbound ];
+
+ vendorSha256 = "sha256-48S1oT+5uT6d+AM8u93AOTbJkW3CLtaowGv+th3cfyM=";
+
+ preBuild = ''
+ go generate
+
+ postInstall () {
+ cp go.mod $out
+ }
+ '';
+
+ }).overrideAttrs(old: {
+ preBuild = ''
+ cp ${self.passthru.go-modules}/go.mod .
+ go generate
+ '';
+ }));
+ };
+}
\ No newline at end of file
diff --git a/hosts/dns/hardware-configuration.nix b/hosts/dns/hardware-configuration.nix
new file mode 100644
index 0000000..e69de29
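Review bot: `./coredns-unbound.patch` is referenced in `patches` but is not part of this commit (the diffstat lists four files and none is the patch), so evaluating this module fails on a missing path — and under flakes the file must also be git-tracked to be visible to the build. The firewall rule opens only UDP 53; a resolver must also answer over TCP (truncated responses, larger answers), so add `networking.firewall.interfaces.ens19.allowedTCPPorts = [ 53 ];` next to the UDP line. The server block `.:53 { log cache unbound }` recurses for any client that can reach `ens19`; if that interface is not strictly internal, restrict clients with CoreDNS's `acl` plugin (or `bind` to the internal address) so the host does not become an open resolver. `log` records every query, which is more than most production resolvers want enabled permanently. The `lib.fix`/`overrideAttrs` construction that copies the vendor derivation's `go.mod` back into the main build deserves a comment explaining why `go generate` has to run in both derivations, since that is the non-obvious part of this file.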