Technitium DNS with failover over dns02

2025-02-21 17:44:36 +01:00 · 2025-02-21 17:44:36 +01:00 · 1efda446f3
commit 1efda446f3
parent 076234c4bd
13 changed files with 235 additions and 0 deletions
--- a/hosts/dns/dhcp-failover.sh
+++ b/hosts/dns/dhcp-failover.sh
@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+set -euo pipefail
+src_dns_server=192.168.1.2
+# DHCP scopes to manage - put the name of each scope you have
+dhcp_scopes=("local-home")  # Use this array for one or many scopes
+
+echo "Checking primary Technitium server status"
+status_code=$(curl --write-out '%{http_code}' --silent --output /dev/null http://$src_dns_server:5380)
+
+if [[ "$status_code" -ne 200 ]]; then
+  echo "Primary DNS/DHCP server is not available. Enabling DHCP on the secondary server."
+  action="enable"
+else
+  echo "Primary DNS/DHCP server is available. Disabling DHCP on the secondary server."
+  action="disable"
+fi
+
+for scope in "${dhcp_scopes[@]}"; do
+  echo "Executing API call to $action DHCP scope: $scope"
+  response=$(curl -X POST "http://localhost:5380/api/dhcp/scopes/$action?token=$DNS1_API&name=$scope" \
+    --silent --write-out "%{http_code}")
+
+  echo "HTTP response code: $response"
+  if [[ "$response" == "200" ]]; then
+    echo "Successfully $action DHCP for scope: $scope"
+  else
+    echo "Failed to $action DHCP for scope: $scope. Check the response body for details."
+  fi
+done
--- a/hosts/dns/dns-01.nix
+++ b/hosts/dns/dns-01.nix
@ -0,0 +1,29 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+
+  age.secrets.dns01-admin-password.file = ../../secrets/dns01-admin-password.age;
+
+  my = {
+
+    networking.technitium-dns-server = {
+      enable = true;
+      dnsOverHttps = true;
+      adminPasswordFile = config.age.secrets.dns01-admin-password.path;
+    };
+
+    utils = {
+      commons.enable = true;
+      commons.gc.enable = true;
+      lxc-standard.enable = true;
+    };
+
+    virtualisation.proxmox.enable = true;
+  };
+
+  system.stateVersion = "24.11";
+}
--- a/hosts/dns/dns-02.nix
+++ b/hosts/dns/dns-02.nix
@ -0,0 +1,46 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+
+  age.secrets = {
+    dns02-admin-password.file = ../../secrets/dns02-admin-password.age;
+    dns02-dhcp-failover.file = ../../secrets/dns02-dhcp-failover.age;
+  };
+
+  my = {
+
+    networking.technitium-dns-server = {
+      enable = true;
+      dnsOverHttps = false;
+      adminPasswordFile = config.age.secrets.dns02-admin-password.path;
+    };
+
+    utils = {
+      commons.enable = true;
+      commons.gc.enable = true;
+      lxc-standard.enable = true;
+    };
+
+    virtualisation.proxmox.enable = true;
+  };
+
+  # systemd.services.dhcp-failover = {
+  #   description = "Set the current server as the primary DHCP server if the other one is down";
+  #   wantedBy = [ "multi-user.target" ];
+  #   path = [ pkgs.curl ];
+  #   serviceConfig = {
+  #     EnvironmentFile = config.age.secrets.dns02-dhcp-failover.path;
+  #     ExecStart = "${pkgs.writeShellScript "dhcp-failover.sh" (builtins.readFile ./dhcp-failover.sh)}";
+  #     Restart = "on-failure";
+  #     DynamicUser = true;
+  #     StandardOutput = "journal";
+  #     StandardError = "journal";
+  #   };
+  # };
+
+  system.stateVersion = "24.11";
+}