authorAlejandro Soto <alejandro@34project.org>2024-08-06 16:40:13 -0600
committerAlejandro Soto <alejandro@34project.org>2024-08-06 17:06:52 -0600
commitbcf936e19f78fc69572f0b748e83783899a55467 (patch)
treee603aa71ef08bfd5372f5a55abf9cfc5536502a0 /sys/ns/nsd.nix
parente6983cdadb763fe73dbd67231ea56dcf2288c96f (diff)
sys/ns: switch to vpsfree secondary dns
Diffstat (limited to 'sys/ns/nsd.nix')
-rw-r--r--sys/ns/nsd.nix14
1 files changed, 13 insertions, 1 deletions
diff --git a/sys/ns/nsd.nix b/sys/ns/nsd.nix
index 29dd665..74fa7dd 100644
--- a/sys/ns/nsd.nix
+++ b/sys/ns/nsd.nix
@@ -5,9 +5,21 @@ in
{
options.local.ns.server = {
enable = mkEnableOption "nsd authoritative server";
+
+ tsigName = mkOption {
+ type = types.str;
+ default = "NOKEY";
+ };
};
config = mkIf cfg.enable {
+ assertions = [
+ {
+ assertion = cfg.tsigName == "NOKEY" || config.services.nsd.keys ? "${cfg.tsigName}";
+ message = "TSIG key '${cfg.tsigName}' not defined";
+ }
+ ];
+
networking.firewall =
let
inherit (config.services.nsd) port;
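Review bot: `tsigName` is declared without a `description`, and its default `"NOKEY"` is the NSD ACL keyword for "no TSIG key", so a host that enables this module without setting the option would presumably leave transfers and notifies with the secondary authorised by source address alone. How the value reaches the zone ACLs is not visible in this diff, so that reading should be confirmed against the zone definitions. I would document it on the option, e.g. `description = "Name of the key in services.nsd.keys used to authenticate transfers with the secondary; \"NOKEY\" disables TSIG and leaves only the address ACL.";`. The assertion catches a misspelled key name, but it also passes silently for the unauthenticated default, so consider whether running without a key should need an explicit opt-in. The `networking.firewall` block continues outside the hunk.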
@@ -29,7 +41,7 @@ in
tcpTimeout = 30;
tcpQueryCount = 128;
- zones = mapAttrs (_: zone: zone.nsdConfig) config.local.ns.zones;
+ zones = mapAttrs' (name: zone: nameValuePair "${name}." zone.nsdConfig) config.local.ns.zones;
};
};
}
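Review bot: The new `"${name}."` key appends the root dot unconditionally, so an attribute in `config.local.ns.zones` that is already written fully qualified would become `example.org..` (constructed example) and nsd would be handed a malformed zone name. The zone attribute names are defined outside this diff, so this may not occur today. Normalising first keeps the mapping safe either way: `nameValuePair "${removeSuffix "." name}." zone.nsdConfig`, assuming `removeSuffix` from lib is in scope like the other lib functions used here.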