From be1ebe0d157fdb1756fa31ed73aef057ca131f3b Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sun, 22 Mar 2026 07:15:41 +0700 Subject: [PATCH] change nix schema --- docs/example.nix | 131 +++++---------- domains/_discord.colin.nix | 10 +- domains/_discord.cutedog5695.nix | 10 +- domains/_discord.justdeveloper.nix | 10 +- domains/_discord.nix | 10 +- domains/_discord.roki.nix | 10 +- domains/batman.nix | 10 +- domains/c.nix | 10 +- domains/colin.nix | 10 +- domains/cutedog5695.nix | 10 +- domains/elkaff.nix | 10 +- domains/j.nix | 10 +- domains/jacob.nix | 10 +- domains/jd.nix | 10 +- domains/job.nix | 10 +- domains/joel.nix | 24 ++- domains/js.nix | 10 +- domains/just.nix | 10 +- domains/justdev.nix | 10 +- domains/justdeveloper.nix | 10 +- domains/juststudio.nix | 10 +- domains/katz.nix | 10 +- domains/no-one-is.nix | 10 +- domains/pxl.nix | 10 +- domains/rchessauth.nix | 10 +- domains/roki.nix | 10 +- domains/satr14.nix | 10 +- domains/stef.nix | 10 +- domains/ukriu.nix | 10 +- domains/you-are.nix | 10 +- flake.nix | 3 +- ...{migrate-json-to-nix.py => migrate-nix.py} | 150 +++++++++--------- 32 files changed, 241 insertions(+), 347 deletions(-) rename scripts/{migrate-json-to-nix.py => migrate-nix.py} (59%) diff --git a/docs/example.nix b/docs/example.nix index 3229e8c..20cb392 100644 --- a/docs/example.nix +++ b/docs/example.nix @@ -1,98 +1,49 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "satr14washere"; email = "admin@satr14.my.id"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ - { - address = "203.0.113.1"; - ttl = 60 * 60; - } - "203.0.113.2" - (ttl (60 * 60) (a "203.0.113.3")) - ]; - - AAAA = [ - "4321:0:1:2:3:4:567:89ab" - ]; - - MX = mx.google; - - TXT = [ - ( - with spf; - strict [ - "a:mail.example.com" - google - ] - ) - ]; - - DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; - - CAA = letsEncrypt "admin@example.com"; - - SRV = [ - { - service = "sip"; - proto = "tcp"; - port = 5060; - target = "sip.example.com"; - } - ]; - - SSHFP = [ - { - algorithm = "ed25519"; - fingerprintType = "sha256"; - fingerprint = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; - } - ]; - OPENPGPKEY = [ - "very long base64 text" - ]; - HTTPS = [ - { - svcPriority = 1; - targetName = "."; - alpn = [ - "http/1.1" - "h2" - "h3" - ]; - ipv4hint = [ - "203.0.113.1" - "203.0.113.2" - "203.0.113.3" - ]; - ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ]; - } - ]; - TLSA = [ - { - certUsage = "dane-ee"; - selector = "spki"; - matchingType = "sha256"; - certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; - } - ]; - - subdomains = rec { - www.A = [ "203.0.113.4" ]; - www2 = host "203.0.113.5" "4321:0:1:2:3:4:567:89bb"; - www3 = host "203.0.113.6" null; - www4 = www3; - - staging = delegateTo [ - "ns1.another.com." - "ns2.another.com." + records = { + A = [ + { + address = "203.0.113.1"; + ttl = 60 * 60; + } + "203.0.113.2" + (ttl (60 * 60) (a "203.0.113.3")) + ]; + AAAA = [ + "4321:0:1:2:3:4:567:89ab" + ]; + MX = mx.google; + TXT = [ + ( + with spf; + strict [ + "a:mail.example.com" + google + ] + ) + ]; + CNAME = [ "example.com." ]; + DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; + CAA = letsEncrypt "admin@example.com"; + SRV = [ + { + service = "sip"; + proto = "tcp"; + port = 5060; + target = "sip.example.com"; + } + ]; + TLSA = [ + { + certUsage = "dane-ee"; + selector = "spki"; + matchingType = "sha256"; + certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; + } ]; - - foo.subdomains.www.CNAME = [ "foo.test.com." ]; }; } diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix index 1fa5051..5a3fcf9 100644 --- a/domains/_discord.colin.nix +++ b/domains/_discord.colin.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "ColinLeDev"; }; description = "Discord verification"; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; + records = { + TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; + }; } diff --git a/domains/_discord.cutedog5695.nix b/domains/_discord.cutedog5695.nix index e3219d2..053e506 100644 --- a/domains/_discord.cutedog5695.nix +++ b/domains/_discord.cutedog5695.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "CuteDog5695"; email = "cutedog5695@gmail.com"; repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; }; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; + records = { + TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; + }; } diff --git a/domains/_discord.justdeveloper.nix b/domains/_discord.justdeveloper.nix index c2e7bcf..03c4efc 100644 --- a/domains/_discord.justdeveloper.nix +++ b/domains/_discord.justdeveloper.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; + records = { + TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; + }; } diff --git a/domains/_discord.nix b/domains/_discord.nix index 26b28cb..82fea5e 100644 --- a/domains/_discord.nix +++ b/domains/_discord.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "satr14washere"; }; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; + records = { + TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; + }; } diff --git a/domains/_discord.roki.nix b/domains/_discord.roki.nix index cc172c9..d87f060 100644 --- a/domains/_discord.roki.nix +++ b/domains/_discord.roki.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Roki100"; discord = "289479495444987904"; }; -in -with dns.lib.combinators; -{ - TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; + records = { + TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; + }; } diff --git a/domains/batman.nix b/domains/batman.nix index 3233a79..3f3c50e 100644 --- a/domains/batman.nix +++ b/domains/batman.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "shadowe1ite"; }; proxy = true; -in -with dns.lib.combinators; -{ - CNAME = [ "shadowe1ite.github.io." ]; + records = { + CNAME = [ "shadowe1ite.github.io." ]; + }; } diff --git a/domains/c.nix b/domains/c.nix index f5bbed6..e6dd392 100644 --- a/domains/c.nix +++ b/domains/c.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "orangci"; email = "c@orangc.xyz"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/colin.nix b/domains/colin.nix index ed5f80e..b53bbce 100644 --- a/domains/colin.nix +++ b/domains/colin.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "ColinLeDev"; }; description = "My personal portfolio hosted on my server"; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "proxy.col1n.fr." ]; + records = { + CNAME = [ "proxy.col1n.fr." ]; + }; } diff --git a/domains/cutedog5695.nix b/domains/cutedog5695.nix index f25e458..3691ced 100644 --- a/domains/cutedog5695.nix +++ b/domains/cutedog5695.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "CuteDog5695"; email = "cutedog5695@gmail.com"; repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/elkaff.nix b/domains/elkaff.nix index 8009f98..34db15e 100644 --- a/domains/elkaff.nix +++ b/domains/elkaff.nix @@ -1,10 +1,8 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "elkhaff"; }; -in -with dns.lib.combinators; -{ - CNAME = [ "portofolio-pixel.pages.dev." ]; + records = { + CNAME = [ "portofolio-pixel.pages.dev." ]; + }; } diff --git a/domains/j.nix b/domains/j.nix index f219b3f..db44276 100644 --- a/domains/j.nix +++ b/domains/j.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/jacob.nix b/domains/jacob.nix index 3d8199c..fdba947 100644 --- a/domains/jacob.nix +++ b/domains/jacob.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "jacobrdale"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "hexon404.onrender.com." ]; + records = { + CNAME = [ "hexon404.onrender.com." ]; + }; } diff --git a/domains/jd.nix b/domains/jd.nix index 86d1c92..6fbcf5c 100644 --- a/domains/jd.nix +++ b/domains/jd.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/job.nix b/domains/job.nix index 7926c81..8051716 100644 --- a/domains/job.nix +++ b/domains/job.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "FWEEaaaa1"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ "128.204.223.115" ]; + records = { + A = [ "128.204.223.115" ]; + }; } diff --git a/domains/joel.nix b/domains/joel.nix index bb689c3..22314e4 100644 --- a/domains/joel.nix +++ b/domains/joel.nix @@ -1,19 +1,17 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "joestr"; email = "strasser999@gmail.com"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ "142.132.173.34" ]; - AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; - MX = [ - { - exchange = "achlys.infra.joestr.at."; - preference = 10; - } - ]; + records = { + A = [ "142.132.173.34" ]; + AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; + MX = [ + { + exchange = "achlys.infra.joestr.at."; + preference = 10; + } + ]; + }; } diff --git a/domains/js.nix b/domains/js.nix index f219b3f..db44276 100644 --- a/domains/js.nix +++ b/domains/js.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/just.nix b/domains/just.nix index 86d1c92..6fbcf5c 100644 --- a/domains/just.nix +++ b/domains/just.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/justdev.nix b/domains/justdev.nix index 86d1c92..6fbcf5c 100644 --- a/domains/justdev.nix +++ b/domains/justdev.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/justdeveloper.nix b/domains/justdeveloper.nix index 86d1c92..6fbcf5c 100644 --- a/domains/justdeveloper.nix +++ b/domains/justdeveloper.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/juststudio.nix b/domains/juststudio.nix index f219b3f..db44276 100644 --- a/domains/juststudio.nix +++ b/domains/juststudio.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/katz.nix b/domains/katz.nix index 1e444a9..cf78f0d 100644 --- a/domains/katz.nix +++ b/domains/katz.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Bananalolok"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ "69.197.135.205" ]; + records = { + A = [ "69.197.135.205" ]; + }; } diff --git a/domains/no-one-is.nix b/domains/no-one-is.nix index 68576d5..4d86e78 100644 --- a/domains/no-one-is.nix +++ b/domains/no-one-is.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "EducatedSuddenBucket"; email = "me@esb.is-a.dev"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; + records = { + CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; + }; } diff --git a/domains/pxl.nix b/domains/pxl.nix index 5dcfa41..ce8eff6 100644 --- a/domains/pxl.nix +++ b/domains/pxl.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "heypxl"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "heypxl.github.io." ]; + records = { + CNAME = [ "heypxl.github.io." ]; + }; } diff --git a/domains/rchessauth.nix b/domains/rchessauth.nix index 1e3ac4b..9ce886d 100644 --- a/domains/rchessauth.nix +++ b/domains/rchessauth.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "vortexprime24"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "fire.hackclub.app." ]; + records = { + CNAME = [ "fire.hackclub.app." ]; + }; } diff --git a/domains/roki.nix b/domains/roki.nix index de83107..cae347c 100644 --- a/domains/roki.nix +++ b/domains/roki.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Roki100"; discord = "289479495444987904"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/satr14.nix b/domains/satr14.nix index 67fdb5c..f9d4cc7 100644 --- a/domains/satr14.nix +++ b/domains/satr14.nix @@ -1,10 +1,8 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "satr14washere"; }; -in -with dns.lib.combinators; -{ - CNAME = [ "5th-site.pages.dev." ]; + records = { + CNAME = [ "5th-site.pages.dev." ]; + }; } diff --git a/domains/stef.nix b/domains/stef.nix index 926ab58..054b4c1 100644 --- a/domains/stef.nix +++ b/domains/stef.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Stef-00012"; email = "admin@stefdp.lol"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "proxy.stefdp.lol." ]; + records = { + CNAME = [ "proxy.stefdp.lol." ]; + }; } diff --git a/domains/ukriu.nix b/domains/ukriu.nix index 25a6db6..608454c 100644 --- a/domains/ukriu.nix +++ b/domains/ukriu.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "ukriu"; email = "partofmyid@ukriu.com"; }; description = "my website"; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "ukriu.pages.dev." ]; + records = { + CNAME = [ "ukriu.pages.dev." ]; + }; } diff --git a/domains/you-are.nix b/domains/you-are.nix index 22b50e6..196d500 100644 --- a/domains/you-are.nix +++ b/domains/you-are.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Stef-00012"; email = "admin@stefdp.com"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "proxy.stefdp.com." ]; + records = { + CNAME = [ "proxy.stefdp.com." ]; + }; } diff --git a/flake.nix b/flake.nix index b046670..a847a5d 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,7 @@ in { name = key; - value = import (./domains + "/${name}") { inherit dns; }; + value = (import (./domains + "/${name}") { inherit dns; }).records; } ) domainFiles; in @@ -41,6 +41,7 @@ }; NS = domain.nameservers; # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. + CNAME = [ "website-e7n.pages.dev." ]; inherit subdomains; } ) diff --git a/scripts/migrate-json-to-nix.py b/scripts/migrate-nix.py similarity index 59% rename from scripts/migrate-json-to-nix.py rename to scripts/migrate-nix.py index b85649f..683b968 100755 --- a/scripts/migrate-json-to-nix.py +++ b/scripts/migrate-nix.py @@ -6,7 +6,7 @@ Reads each JSON domain config and generates a corresponding .nix file following the format from docs/example.nix. Usage: - python3 scripts/migrate-json-to-nix.py [--dry-run] [--delete-json] + python3 scripts/migrate-nix.py [--dry-run] [--delete-json] Options: --dry-run Print generated .nix content to stdout without writing files @@ -15,7 +15,6 @@ Options: import json import sys -import os from pathlib import Path DOMAINS_DIR = Path(__file__).resolve().parent.parent / "domains" @@ -31,37 +30,36 @@ def json_to_nix(data: dict) -> str: lines = [] - # Header - lines.append("{ dns, ... }: let") - - # Owner block - owner_lines = [] - if owner.get("username"): - owner_lines.append(f' username = "{owner["username"]}";') - if owner.get("email"): - owner_lines.append(f' email = "{owner["email"]}";') - if owner.get("discord"): - owner_lines.append(f' discord = "{owner["discord"]}";') - if owner.get("repo"): - owner_lines.append(f' repo = "{owner["repo"]}";') + # Header — no let block, just the function head with `with` + lines.append("{ dns, ... }: with dns.lib.combinators; {") + # Owner block as a top-level attribute lines.append(" owner = {") - for ol in owner_lines: - lines.append(ol) + if owner.get("username"): + lines.append(f' username = "{escape_nix_string(owner["username"])}";') + if owner.get("email"): + lines.append(f' email = "{escape_nix_string(owner["email"])}";') + if owner.get("discord"): + lines.append(f' discord = "{escape_nix_string(owner["discord"])}";') + if owner.get("repo"): + lines.append(f' repo = "{escape_nix_string(owner["repo"])}";') lines.append(" };") + # Description as a top-level attribute if description is not None: lines.append(f' description = "{escape_nix_string(description)}";') + # Proxy as a top-level attribute if proxy is not None: lines.append(f" proxy = {'true' if proxy else 'false'};") - lines.append("in with dns.lib.combinators; {") - - # Records + # Records nested under `records` record_lines = build_record_lines(record) - for rl in record_lines: - lines.append(rl) + if record_lines: + lines.append(" records = {") + for rl in record_lines: + lines.append(rl) + lines.append(" };") lines.append("}") lines.append("") @@ -78,129 +76,131 @@ def escape_nix_string(s: str) -> str: def build_record_lines(record: dict) -> list[str]: - """Build the Nix record lines from the JSON record dict.""" + """Build the Nix record lines from the JSON record dict. + + These are indented with 4 spaces since they sit inside `records = { ... };`. + """ lines = [] if "A" in record: values = record["A"] if isinstance(values, list): if len(values) == 1: - lines.append(f' A = [ "{values[0]}" ];') + lines.append(f' A = [ "{values[0]}" ];') else: - lines.append(" A = [") + lines.append(" A = [") for v in values: - lines.append(f' "{v}"') - lines.append(" ];") + lines.append(f' "{v}"') + lines.append(" ];") else: - lines.append(f' A = [ "{values}" ];') + lines.append(f' A = [ "{values}" ];') if "AAAA" in record: values = record["AAAA"] if isinstance(values, list): if len(values) == 1: - lines.append(f' AAAA = [ "{values[0]}" ];') + lines.append(f' AAAA = [ "{values[0]}" ];') else: - lines.append(" AAAA = [") + lines.append(" AAAA = [") for v in values: - lines.append(f' "{v}"') - lines.append(" ];") + lines.append(f' "{v}"') + lines.append(" ];") else: - lines.append(f' AAAA = [ "{values}" ];') + lines.append(f' AAAA = [ "{values}" ];') if "CNAME" in record: value = record["CNAME"] if isinstance(value, list): value = value[0] - lines.append(f' CNAME = [ "{value}." ];') + lines.append(f' CNAME = [ "{ensure_fqdn(value)}" ];') if "ALIAS" in record: value = record["ALIAS"] if isinstance(value, list): value = value[0] # ALIAS is typically handled as CNAME in dns.nix - lines.append(f' CNAME = [ "{value}." ];') + lines.append(f' CNAME = [ "{ensure_fqdn(value)}" ];') if "MX" in record: values = record["MX"] if isinstance(values, list): - lines.append(" MX = [") + lines.append(" MX = [") for i, v in enumerate(values): - # MX records need priority; default to (i+1)*10 priority = (i + 1) * 10 - lines.append(" {") - lines.append(f' exchange = "{ensure_fqdn(v)}";') - lines.append(f" preference = {priority};") - lines.append(" }") - lines.append(" ];") + lines.append(" {") + lines.append(f' exchange = "{ensure_fqdn(v)}";') + lines.append(f" preference = {priority};") + lines.append(" }") + lines.append(" ];") else: - lines.append(" MX = [") - lines.append(" {") - lines.append(f' exchange = "{ensure_fqdn(values)}";') - lines.append(" preference = 10;") - lines.append(" }") - lines.append(" ];") + lines.append(" MX = [") + lines.append(" {") + lines.append(f' exchange = "{ensure_fqdn(values)}";') + lines.append(" preference = 10;") + lines.append(" }") + lines.append(" ];") if "TXT" in record: values = record["TXT"] if isinstance(values, list): if len(values) == 1: - lines.append(f' TXT = [ "{escape_nix_string(values[0])}" ];') + lines.append(f' TXT = [ "{escape_nix_string(values[0])}" ];') else: - lines.append(" TXT = [") + lines.append(" TXT = [") for v in values: - lines.append(f' "{escape_nix_string(v)}"') - lines.append(" ];") + lines.append(f' "{escape_nix_string(v)}"') + lines.append(" ];") else: - lines.append(f' TXT = [ "{escape_nix_string(values)}" ];') + lines.append(f' TXT = [ "{escape_nix_string(values)}" ];') if "NS" in record: values = record["NS"] if isinstance(values, list): if len(values) == 1: - lines.append(f' NS = [ "{ensure_fqdn(values[0])}" ];') + lines.append(f' NS = [ "{ensure_fqdn(values[0])}" ];') else: - lines.append(" NS = [") + lines.append(" NS = [") for v in values: - lines.append(f' "{ensure_fqdn(v)}"') - lines.append(" ];") + lines.append(f' "{ensure_fqdn(v)}"') + lines.append(" ];") else: - lines.append(f' NS = [ "{ensure_fqdn(values)}" ];') + lines.append(f' NS = [ "{ensure_fqdn(values)}" ];') if "SRV" in record: values = record["SRV"] if isinstance(values, list): - lines.append(" SRV = [") + lines.append(" SRV = [") for srv in values: - lines.append(" {") + lines.append(" {") if "service" in srv: - lines.append(f' service = "{srv["service"]}";') + lines.append(f' service = "{srv["service"]}";') if "proto" in srv: - lines.append(f' proto = "{srv["proto"]}";') + lines.append(f' proto = "{srv["proto"]}";') if "port" in srv: - lines.append(f" port = {srv['port']};") + lines.append(f" port = {srv['port']};") if "priority" in srv: - lines.append(f" priority = {srv['priority']};") + lines.append(f" priority = {srv['priority']};") if "weight" in srv: - lines.append(f" weight = {srv['weight']};") + lines.append(f" weight = {srv['weight']};") if "target" in srv: - lines.append(f' target = "{ensure_fqdn(srv["target"])}";') - lines.append(" }") - lines.append(" ];") + lines.append(f' target = "{ensure_fqdn(srv["target"])}";') + lines.append(" }") + lines.append(" ];") if "CAA" in record: values = record["CAA"] if isinstance(values, list): - lines.append(" CAA = [") + lines.append(" CAA = [") for caa in values: - lines.append(" {") + lines.append(" {") if "flags" in caa: - lines.append(f" flags = {caa['flags']};") + lines.append(f" flags = {caa['flags']};") if "tag" in caa: - lines.append(f' tag = "{caa["tag"]}";') + lines.append(f' tag = "{caa["tag"]}";') if "value" in caa: - lines.append(f' value = "{escape_nix_string(caa["value"])}";') - lines.append(" }") - lines.append(" ];") + lines.append(f' value = "{escape_nix_string(caa["value"])}";') + lines.append(" }") + lines.append(" ];") return lines