From 8b9df2c8fc8262c6f56a90745b06390381b33fc0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?KJ=20=C3=98rbekk?= <kj@orbekk.com>
Date: Sun, 21 May 2017 09:20:20 -0400
Subject: shape: Bind configuration

---
 config/dns.nix               | 17 ++++++++++++++++-
 machines/container-shape.nix |  1 +
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/config/dns.nix b/config/dns.nix
index edf9a0e..9f05807 100644
--- a/config/dns.nix
+++ b/config/dns.nix
@@ -1,11 +1,26 @@
 # dnssec-signzone -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N unixtime -o $zone -t db.${zone}
 { config, lib, pkgs, ... }:
+let
+  zones = pkgs.callPackage ../pkgs/zone-files/default.nix { };
+in
 {
   services.bind = {
     enable = true;
+    extraConfig = ''
+      zone orbekk.com {
+        type master;
+	file "/var/run/named/db.orbekk.com.zone";
+	auto-dnssec maintain;
+	key-directory "/opt/secret/bind/orbekk.com";
+	update-policy local;
+	allow-query { any; };
+      };
+    '';
   };
 
   systemd.services.bind = {
-    preStart = lib.mkAfter "echo test";
+    preStart = lib.mkAfter ''
+	cp -f ${zones}/* /var/run/named/
+    '';
   };
 }
diff --git a/machines/container-shape.nix b/machines/container-shape.nix
index 1a5d832..2a194a0 100644
--- a/machines/container-shape.nix
+++ b/machines/container-shape.nix
@@ -11,6 +11,7 @@
     ../config/weechat.nix
     ../config/web-server.nix
     ../config/mail-server.nix
+    ../config/dns.nix
   ];
 
   users.defaultUserShell = lib.mkForce pkgs.bash;
-- 
cgit v1.2.3