From ab97a7bffd9b369bb55220b4542de3ccddda5803 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Wed, 7 Dec 2022 12:32:21 +0100
Subject: [PATCH] Staging: Add CNAME target meta parameter, will be used for
 diplonat auto dns update

---
 cluster/staging/site/neptune.nix |  1 +
 deploy_nixos                     |  2 +-
 nix/deuxfleurs.nix               | 24 ++++++++++++++++--------
 3 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/cluster/staging/site/neptune.nix b/cluster/staging/site/neptune.nix
index 7126dcd..3da3717 100644
--- a/cluster/staging/site/neptune.nix
+++ b/cluster/staging/site/neptune.nix
@@ -7,6 +7,7 @@
   deuxfleurs.lan_ip_prefix_length = 24;
   deuxfleurs.ipv6_prefix_length = 64;
   deuxfleurs.nameservers = [ "192.168.1.1" ];
+  deuxfleurs.cname_target = "neptune.site.staging.deuxfleurs.org.";
 
   networking.firewall.allowedTCPPorts = [ 80 443 ];
 
diff --git a/deploy_nixos b/deploy_nixos
index ba93f33..4663acf 100755
--- a/deploy_nixos
+++ b/deploy_nixos
@@ -15,4 +15,4 @@ fi
 #cmd "nix-channel --add https://nixos.org/channels/nixos-22.05 nixos"
 #cmd nixos-rebuild switch --upgrade --show-trace
 
-cmd nixos-rebuild switch --show-trace
+cmd nixos-rebuild switch
diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix
index a83dda4..28161dc 100644
--- a/nix/deuxfleurs.nix
+++ b/nix/deuxfleurs.nix
@@ -90,6 +90,10 @@ in
       description = "Site (availability zone) on which this node is deployed";
       type = types.str;
     };
+    cname_target = mkOption {
+      description = "DNS CNAME target to use for services hosted in this site, for domain names that are updated by DiploNAT";
+      type = types.nullOr types.str;
+    };
     nameservers = mkOption {
       description = "External DNS servers to use";
       type = types.listOf types.str;
@@ -124,7 +128,16 @@ in
     };
   };
 
-  config = {
+  config =
+    let node_meta = {
+        "site" = cfg.site_name;
+        "public_ipv6" = cfg.ipv6;
+      } //
+      (if cfg.cname_target != null
+        then { "cname_target" = cfg.cname_target; }
+        else {});
+    in
+  {
     # Configure admin accounts on all nodes
     users.users = builtins.mapAttrs (name: publicKeys: {
       isNormalUser = true;
@@ -240,10 +253,8 @@ in
         // (if cfg.bootstrap then { bootstrap_expect = 3; } else {})
       else {}) //
     {
+      inherit node_meta;
       datacenter = cfg.cluster_name;
-      node_meta = {
-        "site" = cfg.site_name;
-      };
       ui_config = {
         enabled = true;
       };
@@ -304,10 +315,7 @@ in
       client = {
         enabled = true;
         network_interface = "wg0";
-        meta = {
-          "site" = cfg.site_name;
-          "public_ipv6" = cfg.ipv6;
-        };
+        meta = node_meta;
       };
       telemetry = {
         publish_allocation_metrics = true;