From e41a63d0fdefdfa71f035e10ec17667111c032ac Mon Sep 17 00:00:00 2001
From: Felix Albrigtsen
Date: Sat, 8 Mar 2025 23:56:12 +0100
Subject: [PATCH] Add pvv.org zone. Init basic reverse ipv4 support.

---
 pvv-subdomains.nix | 42 ++++++++++++++++++++++++++++++++++++++++++
 zoneConfig.nix | 6 +++---
 zones/pvv.ntnu.no.nix | 42 +++++------------------------------------
 zones/pvv.org.nix | 27 +++++++++++++++++++++++++++
 zones/reverse-ipv4.nix | 27 +++++++++++++++++++++++++++
 5 files changed, 104 insertions(+), 40 deletions(-)
 create mode 100644 pvv-subdomains.nix
 create mode 100644 zones/pvv.org.nix
 create mode 100644 zones/reverse-ipv4.nix

diff --git a/pvv-subdomains.nix b/pvv-subdomains.nix
new file mode 100644
index 0000000..887ea01
--- /dev/null
+++ b/pvv-subdomains.nix
@@ -0,0 +1,42 @@
+# Generate forwards records from the ./hosts.nix file, intended to be used in the pvv.ntnu.no and pvv.org zones
+{ dns, lib, ... }:
+
+with dns.lib.combinators;
+let
+ hosts = import ./hosts.nix;
+
+ # Normal host forward records
+ hostRecords =
+ (lib.mapAttrs (
+ name: host:
+ lib.filterAttrs (_: value: !builtins.isNull value) {
+
+ A = if !builtins.hasAttr "ipv4" host then null
+ else if builtins.elem (builtins.typeOf host.ipv4) [ "list" "set" ] then host.ipv4
+ else [ host.ipv4 ];
+
+ AAAA = if !builtins.hasAttr "ipv6" host then null
+ else if builtins.elem (builtins.typeOf host.ipv6) [ "list" "set" ] then host.ipv6
+ else [ host.ipv6 ];
+ }
+ ) hosts);
+ # Above can be replaced using dns.nix helpers, without support for roundrobin, custom TTL, etc;
+ # (lib.mapAttrs (name: host: dns.lib.host (host.ipv4 or null) (host.ipv6 or null)) hosts)
+
+
+ # CNAMEs
+ aliasRecords = builtins.listToAttrs (
+ lib.concatLists (
+ lib.mapAttrsToList (
+ target: host:
+ if (!builtins.hasAttr "aliases" host) then [ ]
+ else
+ lib.map (source: {
+ name = source;
+ value.CNAME = [ target ];
+ }) host.aliases
+ ) hosts
+ ) );
+in
+ # TODO: Merge such that an error is raised if a label exists in more than one of these sets:
+ ( hostRecords // aliasRecords )
diff --git a/zoneConfig.nix b/zoneConfig.nix
index dea93f7..8df1a78 100644
--- a/zoneConfig.nix
+++ b/zoneConfig.nix
@@ -12,9 +12,9 @@ let
 (name: path: writeText "${name}.zone" (dns.lib.toString name (import path { inherit dns lib; })))
 {
 "pvv.ntnu.no" = ./zones/pvv.ntnu.no.nix;
- #"pvv.org" = ./zones/pvv.ntnu.no.nix;
- #"reverse-ipv4" = /zones/reverse-ipv4.nix
- #"reverse-ipv6" = /zones/reverse-ipv6.nix
+ "pvv.org" = ./zones/pvv.org.nix;
+ "reverse-ipv4" = ./zones/reverse-ipv4.nix;
+ #"reverse-ipv6" = ./zones/reverse-ipv6.nix;
 };
 in
 stdenvNoCC.mkDerivation {
diff --git a/zones/pvv.ntnu.no.nix b/zones/pvv.ntnu.no.nix
index c5b7a7e..0a19646 100644
--- a/zones/pvv.ntnu.no.nix
+++ b/zones/pvv.ntnu.no.nix
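Review bot: The final `( hostRecords // aliasRecords )` lets an alias label silently replace a host of the same name, so that host's A/AAAA are dropped and a CNAME is emitted where address records were expected; the TODO directly above already names this. nixpkgs' `lib.attrsets.unionOfDisjoint` does the strict merge in one line, `lib.attrsets.unionOfDisjoint hostRecords aliasRecords`, and throws naming the colliding label, so a duplicate in hosts.nix fails at build time instead of shipping a broken zone. The same silent-override shape recurs in the `// { … }` overlays of zones/pvv.ntnu.no.nix and zones/pvv.org.nix, where it may be intentional.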
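Review bot: The attribute name `"reverse-ipv4"` is passed unchanged to `dns.lib.toString name`, so unless that function uses the name only as a file label, the generated zone is written for the origin `reverse-ipv4` rather than the `in-addr.arpa` name that the PTR labels in zones/reverse-ipv4.nix (such as `"129"`) are relative to. The forward zones work because their keys are the real apex names; the reverse entry needs the same, e.g. `"<REVERSED-NET>.in-addr.arpa" = ./zones/reverse-ipv4.nix;` with the placeholder filled in, or the origin passed separately from the output file name. The still-commented `reverse-ipv6` line would need the same treatment under `ip6.arpa`.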
@@ -2,9 +2,11 @@
 
 with dns.lib.combinators;
 let
- hosts = import ../hosts.nix;
+ pvvHostRecords = import ../pvv-subdomains.nix { inherit dns lib; };
 in
 {
+ useOrigin = true; # Don't output fully qualified names
+
 SOA = {
 nameServer = "dvask.pvv.ntnu.no";
 adminEmail = "drift@pvv.ntnu.no";
@@ -18,42 +20,8 @@ in
 CNAME = [ "www.pvv.ntnu.no" ];
 
 subdomains =
- # Normal host forward records
- (lib.mapAttrs (
- name: host:
- lib.filterAttrs (_: value: !builtins.isNull value) {
-
- A = if !builtins.hasAttr "ipv4" host then null
- else if builtins.elem (builtins.typeOf host.ipv4) [ "list" "set" ] then host.ipv4
- else [ host.ipv4 ];
-
- AAAA = if !builtins.hasAttr "ipv6" host then null
- else if builtins.elem (builtins.typeOf host.ipv6) [ "list" "set" ] then host.ipv6
- else [ host.ipv6 ];
- }
- ) hosts)
-
- # Above can be replaced using dns.nix helpers, without support for roundrobin, custom TTL, etc;
- # (lib.mapAttrs (name: host: dns.lib.host (host.ipv4 or null) (host.ipv6 or null)) hosts)
-
-
- # CNAMEs
- // builtins.listToAttrs (
- lib.concatLists (
- lib.mapAttrsToList (
- target: host:
- if (!builtins.hasAttr "aliases" host) then [ ]
- else
- lib.map (source: {
- name = source;
- value.CNAME = [ target ];
- }) host.aliases
- ) hosts
- )
- )
-
- # Custom DNS subdomains
- // {
+ pvvHostRecords
+ // { # Override with custom / additional subdomains
 "_dmarc".TXT = [ "v=DMARC1; p=quarantine; fo=1;" ]; # TODO: Better example, as dns.nix has the DMARC type
 };
 }
diff --git a/zones/pvv.org.nix b/zones/pvv.org.nix
new file mode 100644
index 0000000..6c98f5d
--- /dev/null
+++ b/zones/pvv.org.nix
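Review bot: In the second hunk, `// { # Override with custom / additional subdomains` replaces the whole record set of any label that also comes from `pvvHostRecords`, not just the record types listed here; a host named `_dmarc` in hosts.nix would lose its A/AAAA without any error. If the intent is to add records to generated labels, `lib.recursiveUpdate pvvHostRecords {` merges per record type instead; if wholesale replacement is intended, say so in the comment, e.g. `# Overrides: a label listed here replaces the generated one entirely`. The zone attrset this sits in starts outside the hunk.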
@@ -0,0 +1,27 @@
+{ dns, lib, ... }:
+
+with dns.lib.combinators;
+let
+ pvvHostRecords = import ../pvv-subdomains.nix { inherit dns lib; };
+in
+{
+ useOrigin = true; # Don't output fully qualified names
+
+ SOA = {
+ nameServer = "dvask.pvv.ntnu.no";
+ adminEmail = "drift@pvv.ntnu.no";
+ serial = 2025021701; # TODO: Automate
+ };
+ NS = [
+ "dvask.pvv.ntnu.no"
+ "nn.unintett.no"
+ ];
+
+ CNAME = [ "www.pvv.org" ];
+
+ subdomains =
+ pvvHostRecords
+ // { # Override with custom / additional subdomains
+
+ };
+}
diff --git a/zones/reverse-ipv4.nix b/zones/reverse-ipv4.nix
new file mode 100644
index 0000000..9feeebd
--- /dev/null
+++ b/zones/reverse-ipv4.nix
@@ -0,0 +1,27 @@
+{ dns, lib, ... }:
+
+with dns.lib.combinators;
+let
+ hosts = import ../hosts.nix;
+ ptrdnameSuffix = ".pvv.ntnu.no.";
+in
+{
+ useOrigin = true; # Don't output fully qualified names
+
+ SOA = {
+ nameServer = "dvask.pvv.ntnu.no";
+ adminEmail = "drift@pvv.ntnu.no";
+ serial = 2025021701; # TODO: Automate
+ };
+ NS = [
+ "dvask.pvv.ntnu.no"
+ "nn.unintett.no"
+ ];
+
+ subdomains = let
+ ptr = ptrdname: { PTR = [ ptrdname ]; };
+ pvvptr = ptrdname: ptr (ptrdname + ptrdnameSuffix);
+ in {
+ "129" = ptr "el-swd.nettel.ntnu.no."; # Gateway router/switch
+ };
+}
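Review bot: `CNAME = [ "www.pvv.org" ];` at the zone apex cannot coexist with the SOA and NS records the apex always carries (RFC 1034 §3.6.2, RFC 2181 §10.1), so an authoritative server such as BIND will refuse to load the generated zone. The apex needs address records instead; if `www` is a host entry in hosts.nix with both address families, `inherit (pvvHostRecords.www) A AAAA;` in place of the CNAME line keeps it in sync with the generated data, otherwise list the apex A/AAAA explicitly. zones/pvv.ntnu.no.nix shows the same construct as unchanged context, so it predates this change there but deserves the same fix.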
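Review bot: `hosts` and `pvvptr` are defined but never used in this file: the only PTR is built with `ptr` and a literal, so the import of ../hosts.nix and the `ptrdnameSuffix` plumbing are dead code until hosts.nix drives the reverse records. Either drop them for now or derive the entries from each host's `ipv4` field (last octet as the label, `pvvptr name` as the target), which would keep forward and reverse in sync; at minimum a comment such as `# TODO: derive PTR records from hosts.nix; only the gateway is hand-written for now` would record the intent. Note also that `ptrdnameSuffix` hard-codes `.pvv.ntnu.no.`, so hosts that should reverse-map to pvv.org names cannot go through `pvvptr` as written.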