pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Technitium DNS with failover over dns02

Browse source
This commit is contained in:
pazpi 2025-02-21 17:44:36 +01:00
parent 076234c4bd
commit 1efda446f3
13 changed files with 235 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
hosts/default.nix
View file

@ -178,4 +178,25 @@ in
# specialArgs = { };
};
dns01 = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
myModules
proxmoxModule
./dns/dns-01.nix
agenix.nixosModules.default
];
# specialArgs = { };
};
dns02 = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
myModules
proxmoxModule
./dns/dns-02.nix
agenix.nixosModules.default
];
# specialArgs = { };
};
}

18
hosts/deployments.nix
View file

@ -98,6 +98,24 @@ in
];
};
dns01.deployment = {
targetHost = hosts.dns01;
tags = [
"lxc"
"bacco"
"dns"
];
};
dns02.deployment = {
targetHost = hosts.dns02;
tags = [
"lxc"
"bacco"
"dns"
];
};
deadbeef.deployment = {
allowLocalDeployment = true;
targetHost = null;

29
hosts/dns/dhcp-failover.sh Normal file
View file

@ -0,0 +1,29 @@
#!/usr/bin/env bash
set -euo pipefail
src_dns_server=192.168.1.2
# DHCP scopes to manage - put the name of each scope you have
dhcp_scopes=("local-home") # Use this array for one or many scopes
echo "Checking primary Technitium server status"
status_code=$(curl --write-out '%{http_code}' --silent --output /dev/null http://$src_dns_server:5380)
if [[ "$status_code" -ne 200 ]]; then
echo "Primary DNS/DHCP server is not available. Enabling DHCP on the secondary server."
action="enable"
else
echo "Primary DNS/DHCP server is available. Disabling DHCP on the secondary server."
action="disable"
fi
for scope in "${dhcp_scopes[@]}"; do
echo "Executing API call to $action DHCP scope: $scope"
response=$(curl -X POST "http://localhost:5380/api/dhcp/scopes/$action?token=$DNS1_API&name=$scope" \
--silent --write-out "%{http_code}")
echo "HTTP response code: $response"
if [[ "$response" == "200" ]]; then
echo "Successfully $action DHCP for scope: $scope"
else
echo "Failed to $action DHCP for scope: $scope. Check the response body for details."
fi
done

29
hosts/dns/dns-01.nix Normal file
View file

@ -0,0 +1,29 @@
{
config,
pkgs,
lib,
...
}:
{
age.secrets.dns01-admin-password.file = ../../secrets/dns01-admin-password.age;
my = {
networking.technitium-dns-server = {
enable = true;
dnsOverHttps = true;
adminPasswordFile = config.age.secrets.dns01-admin-password.path;
};
utils = {
commons.enable = true;
commons.gc.enable = true;
lxc-standard.enable = true;
};
virtualisation.proxmox.enable = true;
};
system.stateVersion = "24.11";
}

46
hosts/dns/dns-02.nix Normal file
View file

@ -0,0 +1,46 @@
{
config,
pkgs,
lib,
...
}:
{
age.secrets = {
dns02-admin-password.file = ../../secrets/dns02-admin-password.age;
dns02-dhcp-failover.file = ../../secrets/dns02-dhcp-failover.age;
};
my = {
networking.technitium-dns-server = {
enable = true;
dnsOverHttps = false;
adminPasswordFile = config.age.secrets.dns02-admin-password.path;
};
utils = {
commons.enable = true;
commons.gc.enable = true;
lxc-standard.enable = true;
};
virtualisation.proxmox.enable = true;
};
# systemd.services.dhcp-failover = {
# description = "Set the current server as the primary DHCP server if the other one is down";
# wantedBy = [ "multi-user.target" ];
# path = [ pkgs.curl ];
# serviceConfig = {
# EnvironmentFile = config.age.secrets.dns02-dhcp-failover.path;
# ExecStart = "${pkgs.writeShellScript "dhcp-failover.sh" (builtins.readFile ./dhcp-failover.sh)}";
# Restart = "on-failure";
# DynamicUser = true;
# StandardOutput = "journal";
# StandardError = "journal";
# };
# };
system.stateVersion = "24.11";
}

2
hosts/parameters.nix
View file

@ -9,6 +9,8 @@
plex = "plex.internal";
portainer = "portainer.internal";
colmena = "colmena.internal";
dns01 = "192.168.1.2";
dns02 = "192.168.1.3";
};
domains = {
public = "pasetto.me";