torjus/nixos-servers
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

dns-automation #15

Merged
torjus merged 4 commits from dns-automation into master 2026-02-04 21:02:24 +00:00
Conversation 0 Commits 4 Files Changed 15 +319 -112
torjus commented 2026-02-04 20:59:02 +00:00
Owner
Copy Link

Summary

Automatically generate DNS zone file entries from NixOS host configurations, eliminating manual zone file maintenance for flake-managed hosts.

Changes

  • Auto-generated DNS records: A records are now extracted from each host's systemd.network.networks static IP configuration
  • New homelab.dns module: Hosts can set homelab.dns.cnames for CNAME aliases or homelab.dns.enable = false to opt out
  • Smart filtering: Automatically excludes VPN/tunnel interfaces (wg*, tun*, tap*) and DHCP-only hosts
  • Git-based serial: Zone serial number uses self.sourceInfo.lastModified (git commit timestamp) for automatic, monotonic updates
  • External hosts file: Non-flake hosts moved to /services/ns/external-hosts.nix for manual maintenance
  • Cleanup: Removed 14 defunct external hosts that no longer respond to ping

Files

New Purpose
modules/homelab/dns.nix Defines homelab.dns.* options
modules/homelab/default.nix Module import hub
lib/dns-zone.nix Zone generation functions
services/ns/external-hosts.nix Non-flake host records
Modified Changes
services/ns/master-authorative.nix Uses generated zone
services/ns/secondary-authorative.nix Uses generated zone
hosts/{http-proxy,nix-cache01,vault01,auth01} Added CNAMEs
hosts/{template,testvm01} Set homelab.dns.enable = false
system/default.nix Imports homelab module
CLAUDE.md Documents new DNS system
Deleted Reason
services/ns/zones-home-2rjus-net.conf Replaced by auto-generation

Testing

# View generated zone
nix eval .#nixosConfigurations.ns1.config.services.nsd.zones.'"home.2rjus.net"'.data --raw
## Summary Automatically generate DNS zone file entries from NixOS host configurations, eliminating manual zone file maintenance for flake-managed hosts. ### Changes - **Auto-generated DNS records**: A records are now extracted from each host's `systemd.network.networks` static IP configuration - **New `homelab.dns` module**: Hosts can set `homelab.dns.cnames` for CNAME aliases or `homelab.dns.enable = false` to opt out - **Smart filtering**: Automatically excludes VPN/tunnel interfaces (wg*, tun*, tap*) and DHCP-only hosts - **Git-based serial**: Zone serial number uses `self.sourceInfo.lastModified` (git commit timestamp) for automatic, monotonic updates - **External hosts file**: Non-flake hosts moved to `/services/ns/external-hosts.nix` for manual maintenance - **Cleanup**: Removed 14 defunct external hosts that no longer respond to ping ### Files | New | Purpose | |-----|---------| | `modules/homelab/dns.nix` | Defines `homelab.dns.*` options | | `modules/homelab/default.nix` | Module import hub | | `lib/dns-zone.nix` | Zone generation functions | | `services/ns/external-hosts.nix` | Non-flake host records | | Modified | Changes | |----------|---------| | `services/ns/master-authorative.nix` | Uses generated zone | | `services/ns/secondary-authorative.nix` | Uses generated zone | | `hosts/{http-proxy,nix-cache01,vault01,auth01}` | Added CNAMEs | | `hosts/{template,testvm01}` | Set `homelab.dns.enable = false` | | `system/default.nix` | Imports homelab module | | `CLAUDE.md` | Documents new DNS system | | Deleted | Reason | |---------|--------| | `services/ns/zones-home-2rjus-net.conf` | Replaced by auto-generation | ### Testing ```bash # View generated zone nix eval .#nixosConfigurations.ns1.config.services.nsd.zones.'"home.2rjus.net"'.data --raw ```
torjus added 4 commits 2026-02-04 20:59:02 +00:00
dns: auto-generate zone entries from host configurations cee1b264cd 
Replace static zone file with dynamically generated records:
- Add homelab.dns module with enable/cnames options
- Extract IPs from systemd.network configs (filters VPN interfaces)
- Use git commit timestamp as zone serial number
- Move external hosts to separate external-hosts.nix

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: update CLAUDE.md for DNS automation 67d5de3eb8 
- Add /modules/ and /lib/ to directory structure
- Document homelab.dns options and zone auto-generation
- Update "Adding a New Host" workflow (no manual zone editing)
- Expand DNS Architecture section with auto-generation details

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
dns: remove defunct external hosts 83af00458b 
Remove hosts that no longer respond to ping:
- kube-blue1-10 (entire k8s cluster)
- virt-mini1, mpnzb, inc2, testing
- CNAMEs: rook, git (pointed to removed kube-blue nodes)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
docs: add git workflow note about not committing to master
Some checks failed
Run nix flake check / flake-check (pull_request) Successful in 2m16s
Details
Run nix flake check / flake-check (push) Failing after 17m2s
Details
106912499b 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
torjus merged commit 8ca7c4e402 into master 2026-02-04 21:02:24 +00:00
torjus deleted branch dns-automation 2026-02-04 21:02:24 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
torjus
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: torjus/nixos-servers#15
Delete Branch "dns-automation"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?