feat(refactor): ready for merge

2025-10-14 21:50:44 +02:00
parent 63f495fa0d
commit 07333b4544
15 changed files with 125 additions and 85 deletions
--- a/modules/server/infra/traefik/default.nix
+++ b/modules/server/infra/traefik/default.nix
@@ -1,5 +1,6 @@
 {
  lib,
+  clib,
  config,
  pkgs,
  self,
@@ -29,21 +30,21 @@
  #       }
  #   ) (lib.filterAttrs (name: service: service.enable) services);

-  generateRouters = services:
+  generateRouters = services: config:
    lib.mapAttrs' (
      name: service:
-        lib.nameValuePair "${service.subdomain}" {
+        lib.nameValuePair name {
          entryPoints = ["websecure"];
-          rule = "Host(`${config.clib.server.mkServiceUrl service}`)";
-          service = service.subdomain;
+          # FIX 3: Use backticks for the Host rule and interpolation
+          rule = "Host(`${clib.server.mkFullDomain config service}`)";
+          service = name;
          tls.certResolver = "letsencrypt";
        }
    ) (lib.filterAttrs (_: s: s.enable) services);

-  # Generates all Traefik backend services
  generateServices = services:
    lib.mapAttrs' (name: service:
-      lib.nameValuePair "${service.subdomain}" {
+      lib.nameValuePair name {
        loadBalancer.servers = [{url = "http://localhost:${toString service.port}";}];
      }) (lib.filterAttrs (name: service: service.enable) services);

@@ -168,12 +169,10 @@ in {

        dynamicConfigOptions = {
          http = {
-            # Generate the services from your central list
            services = generateServices srv.services;

-            # Generate the routers and manually add the special 'api' router
            routers =
-              (generateRouters srv.services)
+              (generateRouters srv.services config)
              // {
                api = {
                  entryPoints = ["websecure"];
--- a/modules/server/infra/unbound/default.nix
+++ b/modules/server/infra/unbound/default.nix
@@ -8,10 +8,22 @@
  cfg = config.server.infra.${unit};
  srv = config.server;

-  generateLocalRecords = services:
-    lib.mapAttrsToList (
-      name: service: "local-data: \"${service.subdomain}.${srv.domain}. A ${srv.ip}\""
-    ) (lib.filterAttrs (name: service: service.enable) services);
+  svcNames = lib.attrNames srv.services;
+
+  localARecords = builtins.concatLists (map (
+      name: let
+        s = srv.services.${name};
+      in
+        if s != null && s.enable && s.subdomain != null
+        then [''"${s.subdomain}.${srv.domain}. A ${srv.ip}"'']
+        else []
+    )
+    svcNames);
+
+  revParts = lib.lists.reverseList (lib.splitString "." srv.ip);
+  revName = lib.concatStringsSep "." revParts;
+
+  localPTRs = ["${revName}.in-addr.arpa. PTR traefik.${srv.domain}"];

  hostIp = hostname:
    if hostname == "ziggy"
@@ -104,10 +116,10 @@ in {
              "255.255.255.255/32"
              "2001:db8::/32"
            ];
-            local-data = generateLocalRecords srv.services;
-            local-data-ptr = [
-              "local-data: \"traefik.${srv.domain}. A ${srv.ip}\""
-            ];
+            local-data = localARecords;
+
+            # Example PTR entry: "14.88.168.192.in-addr.arpa. PTR traefik.cnix.dev."
+            # local-data-ptr = localPTRs;
          };
        };
      };