hosts/ni/services/dns-server: init

configs/nixos/ni/default.nix

@@ -23,6 +23,7 @@
     services.reverse-proxy.enable = true;
     services.download-media.enable = true;
     services.rss-reader.enable = true;
+    services.dns-server.enable = true;
     setups = {
       desktop.enable = true;
       development.enable = true;

configs/nixos/ni/modules/default.nix

@@ -10,6 +10,7 @@
     ./services/monitoring.nix
     ./services/download-media
     ./services/rss-reader
+    ./services/dns-server
     ./services/penpot
     ./setups/desktop.nix
     ./setups/development.nix

configs/nixos/ni/modules/services/dns-server/default.nix

@@ -0,0 +1,42 @@
+{ config, lib, pkgs, ... }:
+
+let
+  hostCfg = config.hosts.ni;
+  cfg = hostCfg.services.dns-server;
+in
+{
+  options.hosts.ni.services.dns-server.enable =
+    lib.mkEnableOption "preferred DNS server";
+
+  config = lib.mkIf cfg.enable {
+    services.nsd = {
+      enable = true;
+      ipv4 = true;
+      ipv6 = true;
+
+      zones."foodogsquared.internal".data = ''
+        $ORIGIN foodogsquared.internal.
+        $TTL 3600
+
+        @ IN SOA ns1.foodogsquared.internal. admin@foodogsquared.one. (
+          2025010101  ;Serial
+          3600        ;Refresh
+          3600        ;Retry
+          3600        ;Expire
+          3600        ;Negative response caching TTL
+        )
+          3600  IN  NS  ns1.foodogsquared.internal.
+
+        ni   3600  IN  A  127.0.0.1.
+        ns1  3600  IN  A  127.0.0.1.
+        rss  3600  IN  A  127.0.0.1.
+      '';
+    };
+
+    security.ipa = {
+      enable = true;
+      domain = "foodogsquared.internal";
+      dyndns.enable = true;
+    };
+  };
+}