docs: move dns-automation plan to completed
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m17s
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m17s
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
61
docs/plans/completed/dns-automation.md
Normal file
61
docs/plans/completed/dns-automation.md
Normal file
@@ -0,0 +1,61 @@
|
|||||||
|
# DNS Automation
|
||||||
|
|
||||||
|
**Status:** Completed (2026-02-04)
|
||||||
|
|
||||||
|
**Goal:** Automatically generate DNS entries from host configurations
|
||||||
|
|
||||||
|
**Approach:** Leverage Nix to generate zone file entries from flake host configurations
|
||||||
|
|
||||||
|
Since most hosts use static IPs defined in their NixOS configurations, we can extract this information and automatically generate A records. This keeps DNS in sync with the actual host configs.
|
||||||
|
|
||||||
|
## Implementation
|
||||||
|
|
||||||
|
- [x] Add optional CNAME field to host configurations
|
||||||
|
- [x] Added `homelab.dns.cnames` option in `modules/homelab/dns.nix`
|
||||||
|
- [x] Added `homelab.dns.enable` to allow opting out (defaults to true)
|
||||||
|
- [x] Documented in CLAUDE.md
|
||||||
|
- [x] Create Nix function to extract DNS records from all hosts
|
||||||
|
- [x] Created `lib/dns-zone.nix` with extraction functions
|
||||||
|
- [x] Parses each host's `networking.hostName` and `systemd.network.networks` IP configuration
|
||||||
|
- [x] Collects CNAMEs from `homelab.dns.cnames`
|
||||||
|
- [x] Filters out VPN interfaces (wg*, tun*, tap*, vti*)
|
||||||
|
- [x] Generates complete zone file with A and CNAME records
|
||||||
|
- [x] Integrate auto-generated records into zone files
|
||||||
|
- [x] External hosts separated to `services/ns/external-hosts.nix`
|
||||||
|
- [x] Zone includes comments showing which records are auto-generated vs external
|
||||||
|
- [x] Update zone file serial number automatically
|
||||||
|
- [x] Uses `self.sourceInfo.lastModified` (git commit timestamp)
|
||||||
|
- [x] Test zone file validity after generation
|
||||||
|
- [x] NSD validates zone at build time via `nsd-checkzone`
|
||||||
|
- [x] Deploy process documented
|
||||||
|
- [x] Merge to master, run auto-upgrade on ns1/ns2
|
||||||
|
|
||||||
|
## Files Created/Modified
|
||||||
|
|
||||||
|
| File | Purpose |
|
||||||
|
|------|---------|
|
||||||
|
| `modules/homelab/dns.nix` | Defines `homelab.dns.*` options |
|
||||||
|
| `modules/homelab/default.nix` | Module import hub |
|
||||||
|
| `lib/dns-zone.nix` | Zone generation functions |
|
||||||
|
| `services/ns/external-hosts.nix` | Non-flake host records |
|
||||||
|
| `services/ns/master-authorative.nix` | Uses generated zone |
|
||||||
|
| `services/ns/secondary-authorative.nix` | Uses generated zone |
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
View generated zone:
|
||||||
|
```bash
|
||||||
|
nix eval .#nixosConfigurations.ns1.config.services.nsd.zones.'"home.2rjus.net"'.data --raw
|
||||||
|
```
|
||||||
|
|
||||||
|
Add CNAMEs to a host:
|
||||||
|
```nix
|
||||||
|
homelab.dns.cnames = [ "alias1" "alias2" ];
|
||||||
|
```
|
||||||
|
|
||||||
|
Exclude a host from DNS:
|
||||||
|
```nix
|
||||||
|
homelab.dns.enable = false;
|
||||||
|
```
|
||||||
|
|
||||||
|
Add non-flake hosts: Edit `services/ns/external-hosts.nix`
|
||||||
@@ -2,30 +2,6 @@
|
|||||||
|
|
||||||
This document contains planned improvements to the NixOS infrastructure that are not directly part of the automated deployment pipeline.
|
This document contains planned improvements to the NixOS infrastructure that are not directly part of the automated deployment pipeline.
|
||||||
|
|
||||||
## DNS Automation
|
## Completed
|
||||||
|
|
||||||
**Goal:** Automatically generate DNS entries from host configurations
|
- [DNS Automation](completed/dns-automation.md) - Automatically generate DNS entries from host configurations
|
||||||
|
|
||||||
**Approach:** Leverage Nix to generate zone file entries from flake host configurations
|
|
||||||
|
|
||||||
Since most hosts use static IPs defined in their NixOS configurations, we can extract this information and automatically generate A records. This keeps DNS in sync with the actual host configs.
|
|
||||||
|
|
||||||
**Tasks:**
|
|
||||||
- [ ] Add optional CNAME field to host configurations
|
|
||||||
- [ ] Add `networking.cnames = [ "alias1" "alias2" ]` or similar option
|
|
||||||
- [ ] Document in host configuration template
|
|
||||||
- [ ] Create Nix function to extract DNS records from all hosts
|
|
||||||
- [ ] Parse each host's `networking.hostName` and IP configuration
|
|
||||||
- [ ] Collect any defined CNAMEs
|
|
||||||
- [ ] Generate zone file fragment with A and CNAME records
|
|
||||||
- [ ] Integrate auto-generated records into zone files
|
|
||||||
- [ ] Keep manual entries separate (for non-flake hosts/services)
|
|
||||||
- [ ] Include generated fragment in main zone file
|
|
||||||
- [ ] Add comments showing which records are auto-generated
|
|
||||||
- [ ] Update zone file serial number automatically
|
|
||||||
- [ ] Test zone file validity after generation
|
|
||||||
- [ ] Either:
|
|
||||||
- [ ] Automatically trigger DNS server reload (Ansible)
|
|
||||||
- [ ] Or document manual step: merge to master, run upgrade on ns1/ns2
|
|
||||||
|
|
||||||
**Deliverable:** DNS A records and CNAMEs automatically generated from host configs
|
|
||||||
|
|||||||
Reference in New Issue
Block a user