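# NixOS module: serves one private DNS zone with dnsmasq and terminates TLS
# for its sub-domains with Caddy.
#
# Every name under `services.internalDomain.domain` resolves to
# `services.internalDomain.reverseProxyIp`; Caddy answers for `*.<domain>`
# with certificates issued by its own local CA.
{
  options,
  config,
  lib,
  ...
}:
with lib;
with lib.frajul; let
  cfg = config.services.internalDomain;
in {
  options.services.internalDomain = with types; {
    # mkBoolOpt / mkOpt are project helpers from lib.frajul (not visible in
    # this file); presumably `mkOpt type default description` - confirm there.
    enable = mkBoolOpt false "Enable dnsmasq, a custom internalDomain server";
    domain = mkOpt str "home.lan" "Internal Domain to use, defaults to home.lan";
    # With the default 127.0.0.1 every client resolves the domain to its own
    # loopback; set this to the proxy's LAN address when other hosts use this
    # resolver.
    reverseProxyIp = mkOpt str "127.0.0.1" "IP address for the reverse proxy";
  };

  config = mkIf cfg.enable {
    services.caddy.enable = true;

    # Follow cfg.domain instead of a hard-coded "*.home.lan", so the wildcard
    # site stays in sync with the zone dnsmasq serves when the option is
    # overridden.
    # `tls internal` makes Caddy sign certificates with its local CA: clients
    # must import that root certificate, and the CA key on this host can then
    # mint certificates those clients accept, so protect it accordingly.
    services.caddy.virtualHosts."*.${cfg.domain}".extraConfig = ''
      tls internal
    '';

    # NOTE(review): these open DNS on every interface. If this host has an
    # interface facing an untrusted network, dnsmasq becomes reachable as an
    # open forwarder there; scope the rule with
    # networking.firewall.interfaces.<name>.allowed{TCP,UDP}Ports and/or
    # restrict dnsmasq itself (e.g. its `interface` / `local-service` settings).
    networking.firewall.allowedTCPPorts = [53];
    networking.firewall.allowedUDPPorts = [53];

    services.dnsmasq = {
      enable = true;
      resolveLocalQueries = true;
      alwaysKeepRunning = true;
      settings = {
        # Single upstream resolver; dnsmasq forwards to it over plain DNS, so
        # queries for external names are visible on the path to 9.9.9.9.
        server = ["9.9.9.9"];
        inherit (cfg) domain;
        # Answer the internal zone locally only; never forward it upstream.
        local = "/${cfg.domain}/";

        # Do not forward reverse lookups for private address ranges.
        bogus-priv = true;
        expand-hosts = true;
        # Ignore /etc/hosts.
        no-hosts = true;
        # Never forward names without a dot upstream.
        domain-needed = true;
        # Ignore /etc/resolv.conf (and do not poll it for changes), so the
        # `server` list above is the only upstream.
        no-resolv = true;
        no-poll = true;

        # The domain and every name below it resolve to the reverse proxy.
        address = [
          "/${cfg.domain}/${cfg.reverseProxyIp}"
        ];
      };
    };
  };
}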