path: root/nixos/modules/services/networking/skydns.nix
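# NixOS module for SkyDNS. It declares the `services.skydns` options and, when
# the service is enabled, a systemd unit that is configured entirely through
# environment variables, plus the package on the system PATH.
{ config, pkgs, lib, ... }:

with lib;

let
  cfg = config.services.skydns;

in {
  options.services.skydns = {
    enable = mkEnableOption "skydns service";

    etcd = {
      # The default endpoint is plain HTTP on loopback. When etcd runs on
      # another host, use https:// endpoints and set the three TLS options
      # below, otherwise DNS records travel unauthenticated and in clear text.
      machines = mkOption {
        default = [ "http://127.0.0.1:2379" ];
        type = types.listOf types.str;
        description = "Skydns list of etcd endpoints to connect to.";
      };

      # SECURITY: this is private key material. A Nix path literal
      # (e.g. ./client.key) is copied into the world-readable Nix store when
      # it is interpolated into the unit. Pass an absolute path as a string
      # ("/var/lib/skydns/client.key") that points to a file kept outside the
      # store with restrictive permissions.
      tlsKey = mkOption {
        default = null;
        type = types.nullOr types.path;
        description = "Skydns path of TLS client certificate - private key.";
      };

      tlsPem = mkOption {
        default = null;
        type = types.nullOr types.path;
        description = "Skydns path of TLS client certificate - public key.";
      };

      # Without a CA certificate the etcd server identity cannot be pinned to
      # a private CA; set this together with tlsKey/tlsPem.
      caCert = mkOption {
        default = null;
        type = types.nullOr types.path;
        description = "Skydns path of TLS certificate authority public key.";
      };
    };

    # SECURITY: the default binds port 53 on every interface. Because queries
    # outside the authoritative domain are forwarded to `nameservers`, a
    # listener reachable from untrusted networks behaves as an open forwarder.
    # Bind to a specific internal address or restrict port 53 in the firewall.
    address = mkOption {
      default = "0.0.0.0:53";
      type = types.str;
      description = "Skydns address to bind to.";
    };

    domain = mkOption {
      default = "skydns.local.";
      type = types.str;
      description = "Skydns default domain if not specified by etcd config.";
    };

    # NOTE(review): appending ":53" yields an ambiguous host:port for IPv6
    # entries in networking.nameservers; confirm whether skydns expects the
    # bracketed form and override this option if so.
    nameservers = mkOption {
      default = map (n: n + ":53") config.networking.nameservers;
      # Shown in the manual instead of the build machine's own resolver list.
      defaultText = "map (n: n + \":53\") config.networking.nameservers";
      type = types.listOf types.str;
      description = "Skydns list of nameservers to forward DNS requests to when not authoritative for a domain.";
      example = ["8.8.8.8:53" "8.8.4.4:53"];
    };

    package = mkOption {
      default = pkgs.skydns;
      defaultText = "pkgs.skydns";
      type = types.package;
      description = "Skydns package to use.";
    };

    # SECURITY: these values are written into the generated systemd unit,
    # which lives in the world-readable Nix store. Do not place secrets here.
    extraConfig = mkOption {
      default = {};
      type = types.attrsOf types.str;
      description = "Skydns attribute set of extra config options passed as environment variables.";
    };
  };

  config = mkIf (cfg.enable) {
    systemd.services.skydns = {
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" "etcd.service" ];
      description = "Skydns Service";
      # Fix: extraConfig was declared but never reached the unit. It is merged
      # last, so an entry in extraConfig takes precedence over the variable
      # derived from the dedicated option of the same name.
      environment = {
        ETCD_MACHINES = concatStringsSep "," cfg.etcd.machines;
        ETCD_TLSKEY = cfg.etcd.tlsKey;
        ETCD_TLSPEM = cfg.etcd.tlsPem;
        ETCD_CACERT = cfg.etcd.caCert;
        SKYDNS_ADDR = cfg.address;
        SKYDNS_DOMAIN = cfg.domain;
        SKYDNS_NAMESERVERS = concatStringsSep "," cfg.nameservers;
      } // cfg.extraConfig;
      # NOTE(review): no User= is set, so systemd runs the daemon as root.
      # A dedicated user holding only CAP_NET_BIND_SERVICE would be enough to
      # bind port 53; not changed here because the ownership of the TLS key
      # file is not visible from this module.
      serviceConfig = {
        ExecStart = "${cfg.package}/bin/skydns";
      };
    };

    environment.systemPackages = [ cfg.package ];
  };
}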