ctucx.git: dns-nix

fork of https://github.com/kirelagin/dns.nix

commit 04cce39f89a3132c15a125f69b5d14e22e62be30
parent c17173305350aeaae1571a20be57b45ec7988d75
Author: Kirill Elagin <kirelagin@gmail.com>
Date: Sat, 9 Mar 2019 01:27:51 +0100

Add simple combinators
6 files changed, 146 insertions(+), 56 deletions(-)
M
README.md
|
44
++++++++++++++++++++++++++++++++++++++++++--
M
default.nix
|
3
++-
A
dns/combinators.nix
|
56
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
M
dns/default.nix
|
4
++++
A
example.nix
|
42
++++++++++++++++++++++++++++++++++++++++++
D
test.nix
|
53
-----------------------------------------------------
diff --git a/README.md b/README.md
@@ -6,6 +6,46 @@ nix-dns
 This repository provies:
 
 1. NixOS-style module definitions that describe DNS zones.
-2. A DSL to make building DNS zones easier. (Not implemented yet.)
+2. A DSL to make building DNS zones easier.
 
-See `test.nix` for an example of a zone. Run `nix-build test.nix` to get this zone written to a file.
+
+Example
+--------
+
+```nix
+with dns.combinators; {
+  SOA = {  # Human readable names for fields
+    nameServer = "ns.test.com";
+    adminEmail = "admin@test.com";  # Email address with real `@`!
+    serial = 2019030800;
+    # Sane defaults for the remaining ones
+  };
+
+  NS = map ns [  # Why not `map` over your records?
+    "ns.test.com"
+    "ns2.test.com"
+  ];
+
+  A = [
+    { address = "203.0.113.1"; }  # Generic A record
+    { address = "203.0.113.2"; ttl = 60 * 60; }  # Generic A with TTL
+    (a "203.0.113.3")  # Simple a record create with the `a` combinator
+    (ttl (60 * 60) (a "203.0.113.4"))  # Equivalent to the second one
+  ];
+
+  CAA = letsEncrypt "admin@example.com";  # Common template combinators included
+
+  subdomains = {
+    www = {
+      A = [ (a "203.0.114.1") ];
+    };
+    staging = delegateTo [  # Another shortcut combinator
+      "ns1.another.com"
+      "ns2.another.com"
+    ];
+  };
+}
+```
+
+You will find an actual zone definition in `example.nix` and you can build it
+with `nix-build example.nix`.
diff --git a/default.nix b/default.nix
@@ -12,4 +12,5 @@ in
 
 {
   inherit (dns) evalZone writeZone;
-}
+  inherit (dns) combinators;
+} // dns.combinators
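Review bot: The `} // dns.combinators` merge on the last line gives the right-hand set priority, so a combinator later named `evalZone`, `writeZone` or `combinators` would silently replace the core attribute exported here. Flipping the operands keeps the flattened shortcuts while making the core API always win: `dns.combinators // { inherit (dns) evalZone writeZone combinators; }`. A short comment that the flattening is deliberate would also help, since it puts very short names (`a`, `ns`, `ttl`, `txt`) at the top level of the package. The enclosing `let … in` expression starts outside this hunk.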
diff --git a/dns/combinators.nix b/dns/combinators.nix
@@ -0,0 +1,56 @@
+#
+# © 2019 Kirill Elagin <kirelagin@gmail.com>
+#
+# SPDX-License-Identifier: MIT
+#
+
+{ pkgs }:
+
+let
+  inherit (builtins) map;
+
+in
+
+rec {
+
+#
+# Simple records
+#
+
+a = address: { inherit address; };
+cname = cname: { inherit cname; };
+ns = nsdname: { inherit nsdname; };
+txt = data: { inherit data; };
+
+
+#
+# Modifiers
+#
+
+ttl = ttl: record: record // { inherit ttl; };
+
+
+#
+# Templates/shortcuts
+#
+
+delegateTo = nameservers: {
+  NS = map ns nameservers;
+};
+
+letsEncrypt = email: [
+  { issuerCritical = false;
+    tag = "issue";
+    value = "letsencrypt.org";
+  }
+  { issuerCritical = false;
+    tag = "issuewild";
+    value = ";";
+  }
+  { issuerCritical = false;
+    tag = "iodef";
+    value = "mailto:${email}";
+  }
+];
+
+}
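Review bot: `letsEncrypt` applies a complete CAA policy but carries no comment saying what that policy is, and CAA is a security control that callers should not have to reverse-engineer. The `issuewild` value `";"` forbids wildcard issuance by every CA, Let's Encrypt included, which will surprise anyone who relies on wildcard certificates. I would add above the definition something like `# CAA policy: only letsencrypt.org may issue; wildcard certificates are forbidden for all CAs (issuewild ";"); violation reports go to mailto:<email>`. Separately, `email` is interpolated into the `iodef` value unchecked; whether the zone writer escapes quotes or whitespace in CAA values is not visible in this commit, so that is worth confirming or guarding with an assertion.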
diff --git a/dns/default.nix b/dns/default.nix
@@ -8,7 +8,9 @@
 
 let
   inherit (pkgs) lib;
+
   types = import ./types { inherit pkgs; };
+  combinators = import ./combinators.nix { inherit pkgs; };
 
   evalZone = name: zone:
     (lib.evalModules {

@@ -37,4 +39,6 @@ in
   inherit evalZone writeZone;
 
   inherit types;
+
+  inherit combinators;
 }
diff --git a/example.nix b/example.nix
@@ -0,0 +1,42 @@
+#
+# © 2019 Kirill Elagin <kirelagin@gmail.com>
+#
+# SPDX-License-Identifier: MIT
+#
+
+let
+  dns = import ./. { };
+
+  testZone = with dns.combinators; {
+    SOA = {
+      nameServer = "ns.test.com";
+      adminEmail = "admin@test.com";
+      serial = 2019030800;
+    };
+
+    NS = map ns [
+      "ns.test.com"
+      "ns2.test.com"
+    ];
+
+    A = [
+      { address = "203.0.113.1"; ttl = 60 * 60; }
+      (a "203.0.113.2")
+      (ttl (60 * 60) (a "203.0.113.3"))
+    ];
+
+    CAA = letsEncrypt "admin@example.com";
+
+    subdomains = {
+      www = {
+        A = map a [ "203.0.113.4" ];
+      };
+      staging = delegateTo [
+        "ns1.another.com"
+        "ns2.another.com"
+      ];
+    };
+  };
+in
+
+dns.writeZone "test.com" testZone
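Review bot: The example zone is built for `test.com` and delegates `staging` to `ns1.another.com` / `ns2.another.com`, which are ordinary registrable domains rather than reserved documentation names. The file already uses the documentation range 203.0.113.0/24 for addresses and `admin@example.com` for the CAA contact, so switching the names to the reserved `example.com` / `example.net` would make it consistent and safe to copy, e.g. `dns.writeZone "example.com" testZone` with `nameServer = "ns.example.com";`. The README example in this commit uses the same names, and its `www` record uses `203.0.114.1`, which falls outside 203.0.113.0/24.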
diff --git a/test.nix b/test.nix
@@ -1,53 +0,0 @@
-#
-# © 2019 Kirill Elagin <kirelagin@gmail.com>
-#
-# SPDX-License-Identifier: MIT
-#
-
-let
-  dns = import ./. { };
-
-  testZone = {
-    SOA = {
-      nameServer = "ns.test.com";
-      adminEmail = "admin@test.com";
-      serial = 2019030800;
-    };
-
-    NS = [
-      { nsdname = "ns.test.com"; }
-      { nsdname = "ns2.test.com"; }
-    ];
-
-    A = [
-      { address = "1.1.1.1"; ttl = 60 * 60; }
-      { address = "1.0.0.1"; ttl = 60 * 60; }
-    ];
-
-    CAA = [
-      { issuerCritical = false;
-        tag = "issue";
-        value = "letsencrypt.org";
-      }
-      { issuerCritical = false;
-        tag = "issuewild";
-        value = ";";
-      }
-      { issuerCritical = false;
-        tag = "iodef";
-        value = "mailto:admin@example.com";
-      }
-    ];
-
-    subdomains = {
-      www = {
-        A = [ { address = "1.1.1.1"; } ];
-      };
-      staging = {
-        A = [ { address = "1.0.0.1"; } ];
-      };
-    };
-  };
-in
-
-dns.writeZone "test.com" testZone