diff options
Diffstat (limited to 'sys/ns/nsd.nix')
| -rw-r--r-- | sys/ns/nsd.nix | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/sys/ns/nsd.nix b/sys/ns/nsd.nix index 29dd665..74fa7dd 100644 --- a/sys/ns/nsd.nix +++ b/sys/ns/nsd.nix @@ -5,9 +5,21 @@ in { options.local.ns.server = { enable = mkEnableOption "nsd authoritative server"; + + tsigName = mkOption { + type = types.str; + default = "NOKEY"; + }; }; config = mkIf cfg.enable { + assertions = [ + { + assertion = cfg.tsigName == "NOKEY" || config.services.nsd.keys ? "${cfg.tsigName}"; + message = "TSIG key '${cfg.tsigName}' not defined"; + } + ]; + networking.firewall = let inherit (config.services.nsd) port; @@ -29,7 +41,7 @@ in tcpTimeout = 30; tcpQueryCount = 128; - zones = mapAttrs (_: zone: zone.nsdConfig) config.local.ns.zones; + zones = mapAttrs' (name: zone: nameValuePair "${name}." zone.nsdConfig) config.local.ns.zones; }; }; } |