From 97dbf4b4fa0c3a91e9d6239c2df27568ba888f06 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 21 Mar 2026 11:54:50 +0000 Subject: [PATCH 01/32] [automated] update stats --- stats/count.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stats/count.txt b/stats/count.txt index e85087a..64bb6b7 100644 --- a/stats/count.txt +++ b/stats/count.txt @@ -1 +1 @@ -31 +30 From 0015313795a473d13743d90bce35d5c2892ef4ac Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sat, 21 Mar 2026 19:13:53 +0700 Subject: [PATCH 02/32] base flake.nix and example --- .gitignore | 3 +- docs/example.nix | 78 ++++++++++++++++++++++++++++++++++++++++++++++ domains/satr14.nix | 5 +++ flake.nix | 26 ++++++++++++---- 4 files changed, 105 insertions(+), 7 deletions(-) create mode 100644 docs/example.nix create mode 100644 domains/satr14.nix diff --git a/.gitignore b/.gitignore index 6d32cd8..0ff973d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ creds.json -types-dnscontrol.d.ts \ No newline at end of file +types-dnscontrol.d.ts +result \ No newline at end of file diff --git a/docs/example.nix b/docs/example.nix new file mode 100644 index 0000000..5a58fe9 --- /dev/null +++ b/docs/example.nix @@ -0,0 +1,78 @@ +{ dns, ... }: let + owner = { + username = "satr14washere"; + email = "admin@satr14.my.id"; + }; + proxy = false; +in with dns.lib.combinators; { + A = [ + { address = "203.0.113.1"; ttl = 60 * 60; } + "203.0.113.2" + (ttl (60 * 60) (a "203.0.113.3")) + ]; + + AAAA = [ + "4321:0:1:2:3:4:567:89ab" + ]; + + MX = mx.google; + + TXT = [ + (with spf; strict [ "a:mail.example.com" google ]) + ]; + + DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; + + CAA = letsEncrypt "admin@example.com"; + + SRV = [ + { + service = "sip"; + proto = "tcp"; + port = 5060; + target = "sip.example.com"; + } + ]; + + SSHFP = [ + { + algorithm = "ed25519"; + fingerprintType = "sha256"; + fingerprint = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; + } + ]; + OPENPGPKEY = [ + "very long base64 text" + ]; + HTTPS = [ + { + svcPriority = 1; + targetName = "."; + alpn = [ "http/1.1" "h2" "h3" ]; + ipv4hint = [ "203.0.113.1" "203.0.113.2" "203.0.113.3" ]; + ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ]; + } + ]; + TLSA = [ + { + certUsage = "dane-ee"; + selector = "spki"; + matchingType = "sha256"; + certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; + } + ]; + + subdomains = rec { + www.A = [ "203.0.113.4" ]; + www2 = host "203.0.113.5" "4321:0:1:2:3:4:567:89bb"; + www3 = host "203.0.113.6" null; + www4 = www3; + + staging = delegateTo [ + "ns1.another.com." + "ns2.another.com." + ]; + + foo.subdomains.www.CNAME = [ "foo.test.com." ]; + }; +} diff --git a/domains/satr14.nix b/domains/satr14.nix new file mode 100644 index 0000000..e9b421c --- /dev/null +++ b/domains/satr14.nix @@ -0,0 +1,5 @@ +{ ... }: let + owner.username = "satr14washere"; +in { + CNAME = "5th-site.pages.dev"; +} \ No newline at end of file diff --git a/flake.nix b/flake.nix index b35d8b3..5bbc857 100644 --- a/flake.nix +++ b/flake.nix @@ -1,5 +1,5 @@ { - description = "Zone File Generator For part-of.my.id"; + description = "Zone File Generator"; inputs.dns.url = "github:nix-community/dns.nix"; outputs = { dns, ... }: let @@ -11,6 +11,20 @@ "fattouche.ns.cloudflare.com" ]; }; + + domainFiles = let + dir = ./domains; + entries = builtins.readDir ./domains; + nixFiles = builtins.filter (name: builtins.match ".*\\.nix$" name != null) (builtins.attrNames entries); + in map (name: { + subdomain = builtins.replaceStrings [ ".nix" ] [ "" ] name; + config = import (dir + "/${name}") { inherit dns; }; + }) nixFiles; + + subdomainsFromFiles = builtins.listToAttrs (map (entry: { + name = entry.subdomain; + value = entry.config; + }) domainFiles); in { packages.x86_64-linux = builtins.mapAttrs (_: domain: dns.util.x86_64-linux.writeZone domain.domain ( @@ -21,12 +35,12 @@ serial = builtins.currentTime; }; NS = domain.nameservers; - - # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are just so that dns.nix builds a valid zone file. - - A = [ "1.1.1.1" ]; + + # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. + + subdomains = subdomainsFromFiles; } ) ) domains; }; -} +} \ No newline at end of file From e7d62df069ed9ae7d3d595e6bab6b92b05a1fd5e Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sat, 21 Mar 2026 19:15:20 +0700 Subject: [PATCH 03/32] todo implementation --- flake.nix | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/flake.nix b/flake.nix index 5bbc857..9dd8906 100644 --- a/flake.nix +++ b/flake.nix @@ -11,20 +11,6 @@ "fattouche.ns.cloudflare.com" ]; }; - - domainFiles = let - dir = ./domains; - entries = builtins.readDir ./domains; - nixFiles = builtins.filter (name: builtins.match ".*\\.nix$" name != null) (builtins.attrNames entries); - in map (name: { - subdomain = builtins.replaceStrings [ ".nix" ] [ "" ] name; - config = import (dir + "/${name}") { inherit dns; }; - }) nixFiles; - - subdomainsFromFiles = builtins.listToAttrs (map (entry: { - name = entry.subdomain; - value = entry.config; - }) domainFiles); in { packages.x86_64-linux = builtins.mapAttrs (_: domain: dns.util.x86_64-linux.writeZone domain.domain ( @@ -38,7 +24,8 @@ # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. - subdomains = subdomainsFromFiles; + #subdomains = ; + # ^^ todo: implement file imports from ./domains } ) ) domains; From 71102fabc8c16e13be5762fae46aad2ec7e4b555 Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sat, 21 Mar 2026 19:33:49 +0700 Subject: [PATCH 04/32] remove apex, managed seperately --- domains/@.json | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 domains/@.json diff --git a/domains/@.json b/domains/@.json deleted file mode 100644 index 9c9947c..0000000 --- a/domains/@.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "description": "dashboard and main website", - "owner": { - "username": "partofmyid" - }, - "record": { - "ALIAS": "website-e7n.pages.dev" - } -} From a97ad1b804202c2d60bd0dcb18e737282273cb09 Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sat, 21 Mar 2026 20:13:05 +0700 Subject: [PATCH 05/32] migrated nix files --- domains/_discord.colin.nix | 9 + domains/_discord.cutedog5695.nix | 10 ++ domains/_discord.justdeveloper.nix | 10 ++ domains/_discord.nix | 8 + domains/_discord.roki.nix | 8 + domains/batman.nix | 8 + domains/c.nix | 9 + domains/colin.nix | 9 + domains/cutedog5695.nix | 10 ++ domains/elkaff.nix | 7 + domains/j.nix | 10 ++ domains/jacob.nix | 8 + domains/jd.nix | 10 ++ domains/job.nix | 8 + domains/joel.nix | 16 ++ domains/js.nix | 10 ++ domains/just.nix | 10 ++ domains/justdev.nix | 10 ++ domains/justdeveloper.nix | 10 ++ domains/juststudio.nix | 10 ++ domains/katz.nix | 8 + domains/no-one-is.nix | 9 + domains/pxl.nix | 8 + domains/rchessauth.nix | 8 + domains/roki.nix | 9 + domains/satr14.nix | 12 +- domains/stef.nix | 9 + domains/ukriu.nix | 10 ++ domains/you-are.nix | 9 + scripts/migrate-json-to-nix.py | 279 +++++++++++++++++++++++++++++ 30 files changed, 546 insertions(+), 5 deletions(-) create mode 100644 domains/_discord.colin.nix create mode 100644 domains/_discord.cutedog5695.nix create mode 100644 domains/_discord.justdeveloper.nix create mode 100644 domains/_discord.nix create mode 100644 domains/_discord.roki.nix create mode 100644 domains/batman.nix create mode 100644 domains/c.nix create mode 100644 domains/colin.nix create mode 100644 domains/cutedog5695.nix create mode 100644 domains/elkaff.nix create mode 100644 domains/j.nix create mode 100644 domains/jacob.nix create mode 100644 domains/jd.nix create mode 100644 domains/job.nix create mode 100644 domains/joel.nix create mode 100644 domains/js.nix create mode 100644 domains/just.nix create mode 100644 domains/justdev.nix create mode 100644 domains/justdeveloper.nix create mode 100644 domains/juststudio.nix create mode 100644 domains/katz.nix create mode 100644 domains/no-one-is.nix create mode 100644 domains/pxl.nix create mode 100644 domains/rchessauth.nix create mode 100644 domains/roki.nix create mode 100644 domains/stef.nix create mode 100644 domains/ukriu.nix create mode 100644 domains/you-are.nix create mode 100755 scripts/migrate-json-to-nix.py diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix new file mode 100644 index 0000000..e107e70 --- /dev/null +++ b/domains/_discord.colin.nix @@ -0,0 +1,9 @@ +{ dns, ... }: let + owner = { + username = "ColinLeDev"; + }; + description = "Discord verification"; + proxy = false; +in with dns.lib.combinators; { + TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; +} diff --git a/domains/_discord.cutedog5695.nix b/domains/_discord.cutedog5695.nix new file mode 100644 index 0000000..8b6e78e --- /dev/null +++ b/domains/_discord.cutedog5695.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "CuteDog5695"; + email = "cutedog5695@gmail.com"; + repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; + }; + proxy = false; +in with dns.lib.combinators; { + TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; +} diff --git a/domains/_discord.justdeveloper.nix b/domains/_discord.justdeveloper.nix new file mode 100644 index 0000000..c1025bb --- /dev/null +++ b/domains/_discord.justdeveloper.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; +} diff --git a/domains/_discord.nix b/domains/_discord.nix new file mode 100644 index 0000000..ee3009d --- /dev/null +++ b/domains/_discord.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "satr14washere"; + }; + proxy = false; +in with dns.lib.combinators; { + TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; +} diff --git a/domains/_discord.roki.nix b/domains/_discord.roki.nix new file mode 100644 index 0000000..5b1d452 --- /dev/null +++ b/domains/_discord.roki.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "Roki100"; + discord = "289479495444987904"; + }; +in with dns.lib.combinators; { + TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; +} diff --git a/domains/batman.nix b/domains/batman.nix new file mode 100644 index 0000000..0ad04bd --- /dev/null +++ b/domains/batman.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "shadowe1ite"; + }; + proxy = true; +in with dns.lib.combinators; { + CNAME = [ "shadowe1ite.github.io." ]; +} diff --git a/domains/c.nix b/domains/c.nix new file mode 100644 index 0000000..bed0b01 --- /dev/null +++ b/domains/c.nix @@ -0,0 +1,9 @@ +{ dns, ... }: let + owner = { + username = "orangci"; + email = "c@orangc.xyz"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/colin.nix b/domains/colin.nix new file mode 100644 index 0000000..277aba7 --- /dev/null +++ b/domains/colin.nix @@ -0,0 +1,9 @@ +{ dns, ... }: let + owner = { + username = "ColinLeDev"; + }; + description = "My personal portfolio hosted on my server"; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "proxy.col1n.fr." ]; +} diff --git a/domains/cutedog5695.nix b/domains/cutedog5695.nix new file mode 100644 index 0000000..f20329f --- /dev/null +++ b/domains/cutedog5695.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "CuteDog5695"; + email = "cutedog5695@gmail.com"; + repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/elkaff.nix b/domains/elkaff.nix new file mode 100644 index 0000000..9ead547 --- /dev/null +++ b/domains/elkaff.nix @@ -0,0 +1,7 @@ +{ dns, ... }: let + owner = { + username = "elkhaff"; + }; +in with dns.lib.combinators; { + CNAME = [ "portofolio-pixel.pages.dev." ]; +} diff --git a/domains/j.nix b/domains/j.nix new file mode 100644 index 0000000..8cd38c6 --- /dev/null +++ b/domains/j.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/jacob.nix b/domains/jacob.nix new file mode 100644 index 0000000..46839f9 --- /dev/null +++ b/domains/jacob.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "jacobrdale"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "hexon404.onrender.com." ]; +} diff --git a/domains/jd.nix b/domains/jd.nix new file mode 100644 index 0000000..4555867 --- /dev/null +++ b/domains/jd.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/job.nix b/domains/job.nix new file mode 100644 index 0000000..c2623ab --- /dev/null +++ b/domains/job.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "FWEEaaaa1"; + }; + proxy = false; +in with dns.lib.combinators; { + A = [ "128.204.223.115" ]; +} diff --git a/domains/joel.nix b/domains/joel.nix new file mode 100644 index 0000000..f1ad335 --- /dev/null +++ b/domains/joel.nix @@ -0,0 +1,16 @@ +{ dns, ... }: let + owner = { + username = "joestr"; + email = "strasser999@gmail.com"; + }; + proxy = false; +in with dns.lib.combinators; { + A = [ "142.132.173.34" ]; + AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; + MX = [ + { + exchange = "achlys.infra.joestr.at."; + preference = 10; + } + ]; +} diff --git a/domains/js.nix b/domains/js.nix new file mode 100644 index 0000000..8cd38c6 --- /dev/null +++ b/domains/js.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/just.nix b/domains/just.nix new file mode 100644 index 0000000..4555867 --- /dev/null +++ b/domains/just.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/justdev.nix b/domains/justdev.nix new file mode 100644 index 0000000..4555867 --- /dev/null +++ b/domains/justdev.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/justdeveloper.nix b/domains/justdeveloper.nix new file mode 100644 index 0000000..4555867 --- /dev/null +++ b/domains/justdeveloper.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/juststudio.nix b/domains/juststudio.nix new file mode 100644 index 0000000..8cd38c6 --- /dev/null +++ b/domains/juststudio.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/katz.nix b/domains/katz.nix new file mode 100644 index 0000000..c369c96 --- /dev/null +++ b/domains/katz.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "Bananalolok"; + }; + proxy = false; +in with dns.lib.combinators; { + A = [ "69.197.135.205" ]; +} diff --git a/domains/no-one-is.nix b/domains/no-one-is.nix new file mode 100644 index 0000000..8fcb680 --- /dev/null +++ b/domains/no-one-is.nix @@ -0,0 +1,9 @@ +{ dns, ... }: let + owner = { + username = "EducatedSuddenBucket"; + email = "me@esb.is-a.dev"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; +} diff --git a/domains/pxl.nix b/domains/pxl.nix new file mode 100644 index 0000000..2b3bce0 --- /dev/null +++ b/domains/pxl.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "heypxl"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "heypxl.github.io." ]; +} diff --git a/domains/rchessauth.nix b/domains/rchessauth.nix new file mode 100644 index 0000000..6ddd4c4 --- /dev/null +++ b/domains/rchessauth.nix @@ -0,0 +1,8 @@ +{ dns, ... }: let + owner = { + username = "vortexprime24"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "fire.hackclub.app." ]; +} diff --git a/domains/roki.nix b/domains/roki.nix new file mode 100644 index 0000000..43d30e6 --- /dev/null +++ b/domains/roki.nix @@ -0,0 +1,9 @@ +{ dns, ... }: let + owner = { + username = "Roki100"; + discord = "289479495444987904"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "edge.redirect.pizza." ]; +} diff --git a/domains/satr14.nix b/domains/satr14.nix index e9b421c..fa6e690 100644 --- a/domains/satr14.nix +++ b/domains/satr14.nix @@ -1,5 +1,7 @@ -{ ... }: let - owner.username = "satr14washere"; -in { - CNAME = "5th-site.pages.dev"; -} \ No newline at end of file +{ dns, ... }: let + owner = { + username = "satr14washere"; + }; +in with dns.lib.combinators; { + CNAME = [ "5th-site.pages.dev." ]; +} diff --git a/domains/stef.nix b/domains/stef.nix new file mode 100644 index 0000000..88e3870 --- /dev/null +++ b/domains/stef.nix @@ -0,0 +1,9 @@ +{ dns, ... }: let + owner = { + username = "Stef-00012"; + email = "admin@stefdp.lol"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "proxy.stefdp.lol." ]; +} diff --git a/domains/ukriu.nix b/domains/ukriu.nix new file mode 100644 index 0000000..bab016a --- /dev/null +++ b/domains/ukriu.nix @@ -0,0 +1,10 @@ +{ dns, ... }: let + owner = { + username = "ukriu"; + email = "partofmyid@ukriu.com"; + }; + description = "my website"; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "ukriu.pages.dev." ]; +} diff --git a/domains/you-are.nix b/domains/you-are.nix new file mode 100644 index 0000000..3cad0e8 --- /dev/null +++ b/domains/you-are.nix @@ -0,0 +1,9 @@ +{ dns, ... }: let + owner = { + username = "Stef-00012"; + email = "admin@stefdp.com"; + }; + proxy = false; +in with dns.lib.combinators; { + CNAME = [ "proxy.stefdp.com." ]; +} diff --git a/scripts/migrate-json-to-nix.py b/scripts/migrate-json-to-nix.py new file mode 100755 index 0000000..b85649f --- /dev/null +++ b/scripts/migrate-json-to-nix.py @@ -0,0 +1,279 @@ +#!/usr/bin/env python3 +""" +Migration script to convert domains/*.json to domains/*.nix + +Reads each JSON domain config and generates a corresponding .nix file +following the format from docs/example.nix. + +Usage: + python3 scripts/migrate-json-to-nix.py [--dry-run] [--delete-json] + +Options: + --dry-run Print generated .nix content to stdout without writing files + --delete-json Delete the original .json files after successful conversion +""" + +import json +import sys +import os +from pathlib import Path + +DOMAINS_DIR = Path(__file__).resolve().parent.parent / "domains" + + +def json_to_nix(data: dict) -> str: + """Convert a single domain JSON config to a .nix file string.""" + owner = data.get("owner", {}) + description = data.get("description") + record = data.get("record", {}) + # Some files use "proxy", others use "proxied" + proxy = data.get("proxied", data.get("proxy")) + + lines = [] + + # Header + lines.append("{ dns, ... }: let") + + # Owner block + owner_lines = [] + if owner.get("username"): + owner_lines.append(f' username = "{owner["username"]}";') + if owner.get("email"): + owner_lines.append(f' email = "{owner["email"]}";') + if owner.get("discord"): + owner_lines.append(f' discord = "{owner["discord"]}";') + if owner.get("repo"): + owner_lines.append(f' repo = "{owner["repo"]}";') + + lines.append(" owner = {") + for ol in owner_lines: + lines.append(ol) + lines.append(" };") + + if description is not None: + lines.append(f' description = "{escape_nix_string(description)}";') + + if proxy is not None: + lines.append(f" proxy = {'true' if proxy else 'false'};") + + lines.append("in with dns.lib.combinators; {") + + # Records + record_lines = build_record_lines(record) + for rl in record_lines: + lines.append(rl) + + lines.append("}") + lines.append("") + + return "\n".join(lines) + + +def escape_nix_string(s: str) -> str: + """Escape special characters for a Nix double-quoted string.""" + s = s.replace("\\", "\\\\") + s = s.replace('"', '\\"') + s = s.replace("${", "\\${") + return s + + +def build_record_lines(record: dict) -> list[str]: + """Build the Nix record lines from the JSON record dict.""" + lines = [] + + if "A" in record: + values = record["A"] + if isinstance(values, list): + if len(values) == 1: + lines.append(f' A = [ "{values[0]}" ];') + else: + lines.append(" A = [") + for v in values: + lines.append(f' "{v}"') + lines.append(" ];") + else: + lines.append(f' A = [ "{values}" ];') + + if "AAAA" in record: + values = record["AAAA"] + if isinstance(values, list): + if len(values) == 1: + lines.append(f' AAAA = [ "{values[0]}" ];') + else: + lines.append(" AAAA = [") + for v in values: + lines.append(f' "{v}"') + lines.append(" ];") + else: + lines.append(f' AAAA = [ "{values}" ];') + + if "CNAME" in record: + value = record["CNAME"] + if isinstance(value, list): + value = value[0] + lines.append(f' CNAME = [ "{value}." ];') + + if "ALIAS" in record: + value = record["ALIAS"] + if isinstance(value, list): + value = value[0] + # ALIAS is typically handled as CNAME in dns.nix + lines.append(f' CNAME = [ "{value}." ];') + + if "MX" in record: + values = record["MX"] + if isinstance(values, list): + lines.append(" MX = [") + for i, v in enumerate(values): + # MX records need priority; default to (i+1)*10 + priority = (i + 1) * 10 + lines.append(" {") + lines.append(f' exchange = "{ensure_fqdn(v)}";') + lines.append(f" preference = {priority};") + lines.append(" }") + lines.append(" ];") + else: + lines.append(" MX = [") + lines.append(" {") + lines.append(f' exchange = "{ensure_fqdn(values)}";') + lines.append(" preference = 10;") + lines.append(" }") + lines.append(" ];") + + if "TXT" in record: + values = record["TXT"] + if isinstance(values, list): + if len(values) == 1: + lines.append(f' TXT = [ "{escape_nix_string(values[0])}" ];') + else: + lines.append(" TXT = [") + for v in values: + lines.append(f' "{escape_nix_string(v)}"') + lines.append(" ];") + else: + lines.append(f' TXT = [ "{escape_nix_string(values)}" ];') + + if "NS" in record: + values = record["NS"] + if isinstance(values, list): + if len(values) == 1: + lines.append(f' NS = [ "{ensure_fqdn(values[0])}" ];') + else: + lines.append(" NS = [") + for v in values: + lines.append(f' "{ensure_fqdn(v)}"') + lines.append(" ];") + else: + lines.append(f' NS = [ "{ensure_fqdn(values)}" ];') + + if "SRV" in record: + values = record["SRV"] + if isinstance(values, list): + lines.append(" SRV = [") + for srv in values: + lines.append(" {") + if "service" in srv: + lines.append(f' service = "{srv["service"]}";') + if "proto" in srv: + lines.append(f' proto = "{srv["proto"]}";') + if "port" in srv: + lines.append(f" port = {srv['port']};") + if "priority" in srv: + lines.append(f" priority = {srv['priority']};") + if "weight" in srv: + lines.append(f" weight = {srv['weight']};") + if "target" in srv: + lines.append(f' target = "{ensure_fqdn(srv["target"])}";') + lines.append(" }") + lines.append(" ];") + + if "CAA" in record: + values = record["CAA"] + if isinstance(values, list): + lines.append(" CAA = [") + for caa in values: + lines.append(" {") + if "flags" in caa: + lines.append(f" flags = {caa['flags']};") + if "tag" in caa: + lines.append(f' tag = "{caa["tag"]}";') + if "value" in caa: + lines.append(f' value = "{escape_nix_string(caa["value"])}";') + lines.append(" }") + lines.append(" ];") + + return lines + + +def ensure_fqdn(domain: str) -> str: + """Ensure a domain name ends with a dot (FQDN).""" + if not domain.endswith("."): + return domain + "." + return domain + + +def migrate_file(json_path: Path, dry_run: bool = False, delete_json: bool = False) -> bool: + """Migrate a single JSON file to .nix. Returns True on success.""" + try: + with open(json_path, "r") as f: + data = json.load(f) + except json.JSONDecodeError as e: + print(f" ERROR: Failed to parse {json_path.name}: {e}", file=sys.stderr) + return False + + nix_content = json_to_nix(data) + nix_filename = json_path.stem + ".nix" + nix_path = json_path.parent / nix_filename + + if dry_run: + print(f"--- {nix_filename} ---") + print(nix_content) + return True + + with open(nix_path, "w") as f: + f.write(nix_content) + + print(f" Created {nix_path.name}") + + if delete_json: + json_path.unlink() + print(f" Deleted {json_path.name}") + + return True + + +def main(): + dry_run = "--dry-run" in sys.argv + delete_json = "--delete-json" in sys.argv + + if not DOMAINS_DIR.exists(): + print(f"Error: domains directory not found at {DOMAINS_DIR}", file=sys.stderr) + sys.exit(1) + + json_files = sorted(DOMAINS_DIR.glob("*.json")) + + if not json_files: + print("No JSON files found in domains/") + sys.exit(0) + + print(f"Found {len(json_files)} JSON file(s) to migrate") + if dry_run: + print("(dry run — no files will be written)\n") + + success = 0 + failed = 0 + + for json_path in json_files: + print(f"Migrating {json_path.name}...") + if migrate_file(json_path, dry_run=dry_run, delete_json=delete_json): + success += 1 + else: + failed += 1 + + print(f"\nDone: {success} succeeded, {failed} failed") + if failed > 0: + sys.exit(1) + + +if __name__ == "__main__": + main() \ No newline at end of file From 08350def49fdaed61148fd40c83aafb6e1df6372 Mon Sep 17 00:00:00 2001 From: orangc Date: Sat, 21 Mar 2026 16:32:42 +0300 Subject: [PATCH 06/32] style: formatting with nixfmt --- docs/example.nix | 35 +++++++++++------ domains/_discord.colin.nix | 10 ++--- domains/_discord.cutedog5695.nix | 11 ++---- domains/_discord.justdeveloper.nix | 11 ++---- domains/_discord.nix | 9 ++--- domains/_discord.roki.nix | 9 ++--- domains/batman.nix | 9 ++--- domains/c.nix | 10 ++--- domains/colin.nix | 10 ++--- domains/cutedog5695.nix | 11 ++---- domains/elkaff.nix | 8 ++-- domains/j.nix | 11 ++---- domains/jacob.nix | 9 ++--- domains/jd.nix | 11 ++---- domains/job.nix | 9 ++--- domains/joel.nix | 10 ++--- domains/js.nix | 11 ++---- domains/just.nix | 11 ++---- domains/justdev.nix | 11 ++---- domains/justdeveloper.nix | 11 ++---- domains/juststudio.nix | 11 ++---- domains/katz.nix | 9 ++--- domains/no-one-is.nix | 10 ++--- domains/pxl.nix | 9 ++--- domains/rchessauth.nix | 9 ++--- domains/roki.nix | 10 ++--- domains/satr14.nix | 8 ++-- domains/stef.nix | 10 ++--- domains/ukriu.nix | 11 ++---- domains/you-are.nix | 10 ++--- flake.nix | 61 ++++++++++++++++-------------- 31 files changed, 144 insertions(+), 241 deletions(-) diff --git a/docs/example.nix b/docs/example.nix index 5a58fe9..bd700f3 100644 --- a/docs/example.nix +++ b/docs/example.nix @@ -1,12 +1,11 @@ -{ dns, ... }: let - owner = { - username = "satr14washere"; - email = "admin@satr14.my.id"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ A = [ - { address = "203.0.113.1"; ttl = 60 * 60; } + { + address = "203.0.113.1"; + ttl = 60 * 60; + } "203.0.113.2" (ttl (60 * 60) (a "203.0.113.3")) ]; @@ -18,7 +17,13 @@ in with dns.lib.combinators; { MX = mx.google; TXT = [ - (with spf; strict [ "a:mail.example.com" google ]) + ( + with spf; + strict [ + "a:mail.example.com" + google + ] + ) ]; DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; @@ -48,8 +53,16 @@ in with dns.lib.combinators; { { svcPriority = 1; targetName = "."; - alpn = [ "http/1.1" "h2" "h3" ]; - ipv4hint = [ "203.0.113.1" "203.0.113.2" "203.0.113.3" ]; + alpn = [ + "http/1.1" + "h2" + "h3" + ]; + ipv4hint = [ + "203.0.113.1" + "203.0.113.2" + "203.0.113.3" + ]; ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ]; } ]; diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix index e107e70..aff9a5d 100644 --- a/domains/_discord.colin.nix +++ b/domains/_discord.colin.nix @@ -1,9 +1,5 @@ -{ dns, ... }: let - owner = { - username = "ColinLeDev"; - }; - description = "Discord verification"; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; } diff --git a/domains/_discord.cutedog5695.nix b/domains/_discord.cutedog5695.nix index 8b6e78e..597ab61 100644 --- a/domains/_discord.cutedog5695.nix +++ b/domains/_discord.cutedog5695.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "CuteDog5695"; - email = "cutedog5695@gmail.com"; - repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; } diff --git a/domains/_discord.justdeveloper.nix b/domains/_discord.justdeveloper.nix index c1025bb..a7ac99e 100644 --- a/domains/_discord.justdeveloper.nix +++ b/domains/_discord.justdeveloper.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; } diff --git a/domains/_discord.nix b/domains/_discord.nix index ee3009d..95090d8 100644 --- a/domains/_discord.nix +++ b/domains/_discord.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "satr14washere"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; } diff --git a/domains/_discord.roki.nix b/domains/_discord.roki.nix index 5b1d452..48e6a52 100644 --- a/domains/_discord.roki.nix +++ b/domains/_discord.roki.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "Roki100"; - discord = "289479495444987904"; - }; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; } diff --git a/domains/batman.nix b/domains/batman.nix index 0ad04bd..3b6202d 100644 --- a/domains/batman.nix +++ b/domains/batman.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "shadowe1ite"; - }; - proxy = true; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "shadowe1ite.github.io." ]; } diff --git a/domains/c.nix b/domains/c.nix index bed0b01..9ecb30a 100644 --- a/domains/c.nix +++ b/domains/c.nix @@ -1,9 +1,5 @@ -{ dns, ... }: let - owner = { - username = "orangci"; - email = "c@orangc.xyz"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/colin.nix b/domains/colin.nix index 277aba7..4fe7a4a 100644 --- a/domains/colin.nix +++ b/domains/colin.nix @@ -1,9 +1,5 @@ -{ dns, ... }: let - owner = { - username = "ColinLeDev"; - }; - description = "My personal portfolio hosted on my server"; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "proxy.col1n.fr." ]; } diff --git a/domains/cutedog5695.nix b/domains/cutedog5695.nix index f20329f..9ecb30a 100644 --- a/domains/cutedog5695.nix +++ b/domains/cutedog5695.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "CuteDog5695"; - email = "cutedog5695@gmail.com"; - repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/elkaff.nix b/domains/elkaff.nix index 9ead547..109e65c 100644 --- a/domains/elkaff.nix +++ b/domains/elkaff.nix @@ -1,7 +1,5 @@ -{ dns, ... }: let - owner = { - username = "elkhaff"; - }; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "portofolio-pixel.pages.dev." ]; } diff --git a/domains/j.nix b/domains/j.nix index 8cd38c6..9ecb30a 100644 --- a/domains/j.nix +++ b/domains/j.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "support@juststudio.is-a.dev"; - repo = "https://github.com/JustStudio7/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/jacob.nix b/domains/jacob.nix index 46839f9..34c1508 100644 --- a/domains/jacob.nix +++ b/domains/jacob.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "jacobrdale"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "hexon404.onrender.com." ]; } diff --git a/domains/jd.nix b/domains/jd.nix index 4555867..9ecb30a 100644 --- a/domains/jd.nix +++ b/domains/jd.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/job.nix b/domains/job.nix index c2623ab..df2d227 100644 --- a/domains/job.nix +++ b/domains/job.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "FWEEaaaa1"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ A = [ "128.204.223.115" ]; } diff --git a/domains/joel.nix b/domains/joel.nix index f1ad335..c5af765 100644 --- a/domains/joel.nix +++ b/domains/joel.nix @@ -1,10 +1,6 @@ -{ dns, ... }: let - owner = { - username = "joestr"; - email = "strasser999@gmail.com"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ A = [ "142.132.173.34" ]; AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; MX = [ diff --git a/domains/js.nix b/domains/js.nix index 8cd38c6..9ecb30a 100644 --- a/domains/js.nix +++ b/domains/js.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "support@juststudio.is-a.dev"; - repo = "https://github.com/JustStudio7/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/just.nix b/domains/just.nix index 4555867..9ecb30a 100644 --- a/domains/just.nix +++ b/domains/just.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/justdev.nix b/domains/justdev.nix index 4555867..9ecb30a 100644 --- a/domains/justdev.nix +++ b/domains/justdev.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/justdeveloper.nix b/domains/justdeveloper.nix index 4555867..9ecb30a 100644 --- a/domains/justdeveloper.nix +++ b/domains/justdeveloper.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/juststudio.nix b/domains/juststudio.nix index 8cd38c6..9ecb30a 100644 --- a/domains/juststudio.nix +++ b/domains/juststudio.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "JustDeveloper1"; - email = "support@juststudio.is-a.dev"; - repo = "https://github.com/JustStudio7/Website"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/katz.nix b/domains/katz.nix index c369c96..0751913 100644 --- a/domains/katz.nix +++ b/domains/katz.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "Bananalolok"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ A = [ "69.197.135.205" ]; } diff --git a/domains/no-one-is.nix b/domains/no-one-is.nix index 8fcb680..391d7e6 100644 --- a/domains/no-one-is.nix +++ b/domains/no-one-is.nix @@ -1,9 +1,5 @@ -{ dns, ... }: let - owner = { - username = "EducatedSuddenBucket"; - email = "me@esb.is-a.dev"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; } diff --git a/domains/pxl.nix b/domains/pxl.nix index 2b3bce0..0076d71 100644 --- a/domains/pxl.nix +++ b/domains/pxl.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "heypxl"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "heypxl.github.io." ]; } diff --git a/domains/rchessauth.nix b/domains/rchessauth.nix index 6ddd4c4..9b7f17f 100644 --- a/domains/rchessauth.nix +++ b/domains/rchessauth.nix @@ -1,8 +1,5 @@ -{ dns, ... }: let - owner = { - username = "vortexprime24"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "fire.hackclub.app." ]; } diff --git a/domains/roki.nix b/domains/roki.nix index 43d30e6..9ecb30a 100644 --- a/domains/roki.nix +++ b/domains/roki.nix @@ -1,9 +1,5 @@ -{ dns, ... }: let - owner = { - username = "Roki100"; - discord = "289479495444987904"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/satr14.nix b/domains/satr14.nix index fa6e690..cfc5b01 100644 --- a/domains/satr14.nix +++ b/domains/satr14.nix @@ -1,7 +1,5 @@ -{ dns, ... }: let - owner = { - username = "satr14washere"; - }; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "5th-site.pages.dev." ]; } diff --git a/domains/stef.nix b/domains/stef.nix index 88e3870..47f7470 100644 --- a/domains/stef.nix +++ b/domains/stef.nix @@ -1,9 +1,5 @@ -{ dns, ... }: let - owner = { - username = "Stef-00012"; - email = "admin@stefdp.lol"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "proxy.stefdp.lol." ]; } diff --git a/domains/ukriu.nix b/domains/ukriu.nix index bab016a..48bb496 100644 --- a/domains/ukriu.nix +++ b/domains/ukriu.nix @@ -1,10 +1,5 @@ -{ dns, ... }: let - owner = { - username = "ukriu"; - email = "partofmyid@ukriu.com"; - }; - description = "my website"; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "ukriu.pages.dev." ]; } diff --git a/domains/you-are.nix b/domains/you-are.nix index 3cad0e8..914193f 100644 --- a/domains/you-are.nix +++ b/domains/you-are.nix @@ -1,9 +1,5 @@ -{ dns, ... }: let - owner = { - username = "Stef-00012"; - email = "admin@stefdp.com"; - }; - proxy = false; -in with dns.lib.combinators; { +{ dns, ... }: +with dns.lib.combinators; +{ CNAME = [ "proxy.stefdp.com." ]; } diff --git a/flake.nix b/flake.nix index 9dd8906..e5b61ba 100644 --- a/flake.nix +++ b/flake.nix @@ -2,32 +2,37 @@ description = "Zone File Generator"; inputs.dns.url = "github:nix-community/dns.nix"; - outputs = { dns, ... }: let - email = "admin@satr14.my.id"; - domains."0" = { - domain = "part-of.my.id"; - nameservers = [ - "adele.ns.cloudflare.com" - "fattouche.ns.cloudflare.com" - ]; + outputs = + { dns, ... }: + let + email = "admin@satr14.my.id"; + domains."0" = { + domain = "part-of.my.id"; + nameservers = [ + "adele.ns.cloudflare.com" + "fattouche.ns.cloudflare.com" + ]; + }; + in + { + packages.x86_64-linux = builtins.mapAttrs ( + _: domain: + dns.util.x86_64-linux.writeZone domain.domain ( + with dns.lib.combinators; + { + SOA = { + adminEmail = email; + nameServer = builtins.head domain.nameservers; + serial = builtins.currentTime; + }; + NS = domain.nameservers; + + # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. + + #subdomains = ; + # ^^ todo: implement file imports from ./domains + } + ) + ) domains; }; - in { - packages.x86_64-linux = builtins.mapAttrs (_: domain: - dns.util.x86_64-linux.writeZone domain.domain ( - with dns.lib.combinators; { - SOA = { - adminEmail = email; - nameServer = builtins.head domain.nameservers; - serial = builtins.currentTime; - }; - NS = domain.nameservers; - - # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. - - #subdomains = ; - # ^^ todo: implement file imports from ./domains - } - ) - ) domains; - }; -} \ No newline at end of file +} From 291bc39a7affb0782a309c2b78a40880381d141f Mon Sep 17 00:00:00 2001 From: orangc Date: Sat, 21 Mar 2026 16:52:05 +0300 Subject: [PATCH 07/32] feat(nix): recursively import domain files via mapping --- flake.nix | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index e5b61ba..c35e986 100644 --- a/flake.nix +++ b/flake.nix @@ -13,6 +13,21 @@ "fattouche.ns.cloudflare.com" ]; }; + + domains = builtins.readDir ./domains; + domainFiles = builtins.filterAttrs ( + name: type: type == "regular" && builtins.match ".*\\.nix" name != null + ) domains; + subdomains = builtins.mapAttrs' ( + name: _: + let + key = builtins.replaceStrings [ ".nix" ] [ "" ] name; + in + { + name = key; + value = import (./domains + "/${name}") { inherit dns; }; + } + ) domainFiles; in { packages.x86_64-linux = builtins.mapAttrs ( @@ -29,8 +44,7 @@ # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. - #subdomains = ; - # ^^ todo: implement file imports from ./domains + inherit subdomains; } ) ) domains; From 20ebb7da08220d167425d4d3e91f33d3ba70efaa Mon Sep 17 00:00:00 2001 From: orangc Date: Sat, 21 Mar 2026 17:05:14 +0300 Subject: [PATCH 08/32] fix(nix): importing thing was brokeb --- flake.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/flake.nix b/flake.nix index c35e986..b442857 100644 --- a/flake.nix +++ b/flake.nix @@ -14,11 +14,13 @@ ]; }; - domains = builtins.readDir ./domains; - domainFiles = builtins.filterAttrs ( + inherit (import { }) lib; + + domainsFolder = builtins.readDir ./domains; + domainFiles = lib.filterAttrs ( name: type: type == "regular" && builtins.match ".*\\.nix" name != null - ) domains; - subdomains = builtins.mapAttrs' ( + ) domainsFolder; + subdomains = lib.mapAttrs' ( name: _: let key = builtins.replaceStrings [ ".nix" ] [ "" ] name; From 3fac80dcfc7d30e00f992a317b9afa5e3df11914 Mon Sep 17 00:00:00 2001 From: orangci Date: Sat, 21 Mar 2026 17:09:29 +0300 Subject: [PATCH 09/32] Revert "Nix" --- docs/example.nix | 35 +++++--------- domains/_discord.colin.nix | 10 ++-- domains/_discord.cutedog5695.nix | 11 +++-- domains/_discord.justdeveloper.nix | 11 +++-- domains/_discord.nix | 9 ++-- domains/_discord.roki.nix | 9 ++-- domains/batman.nix | 9 ++-- domains/c.nix | 10 ++-- domains/colin.nix | 10 ++-- domains/cutedog5695.nix | 11 +++-- domains/elkaff.nix | 8 ++-- domains/j.nix | 11 +++-- domains/jacob.nix | 9 ++-- domains/jd.nix | 11 +++-- domains/job.nix | 9 ++-- domains/joel.nix | 10 ++-- domains/js.nix | 11 +++-- domains/just.nix | 11 +++-- domains/justdev.nix | 11 +++-- domains/justdeveloper.nix | 11 +++-- domains/juststudio.nix | 11 +++-- domains/katz.nix | 9 ++-- domains/no-one-is.nix | 10 ++-- domains/pxl.nix | 9 ++-- domains/rchessauth.nix | 9 ++-- domains/roki.nix | 10 ++-- domains/satr14.nix | 8 ++-- domains/stef.nix | 10 ++-- domains/ukriu.nix | 11 +++-- domains/you-are.nix | 10 ++-- flake.nix | 77 +++++++++++------------------- 31 files changed, 241 insertions(+), 160 deletions(-) diff --git a/docs/example.nix b/docs/example.nix index bd700f3..5a58fe9 100644 --- a/docs/example.nix +++ b/docs/example.nix @@ -1,11 +1,12 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "satr14washere"; + email = "admin@satr14.my.id"; + }; + proxy = false; +in with dns.lib.combinators; { A = [ - { - address = "203.0.113.1"; - ttl = 60 * 60; - } + { address = "203.0.113.1"; ttl = 60 * 60; } "203.0.113.2" (ttl (60 * 60) (a "203.0.113.3")) ]; @@ -17,13 +18,7 @@ with dns.lib.combinators; MX = mx.google; TXT = [ - ( - with spf; - strict [ - "a:mail.example.com" - google - ] - ) + (with spf; strict [ "a:mail.example.com" google ]) ]; DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; @@ -53,16 +48,8 @@ with dns.lib.combinators; { svcPriority = 1; targetName = "."; - alpn = [ - "http/1.1" - "h2" - "h3" - ]; - ipv4hint = [ - "203.0.113.1" - "203.0.113.2" - "203.0.113.3" - ]; + alpn = [ "http/1.1" "h2" "h3" ]; + ipv4hint = [ "203.0.113.1" "203.0.113.2" "203.0.113.3" ]; ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ]; } ]; diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix index aff9a5d..e107e70 100644 --- a/domains/_discord.colin.nix +++ b/domains/_discord.colin.nix @@ -1,5 +1,9 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "ColinLeDev"; + }; + description = "Discord verification"; + proxy = false; +in with dns.lib.combinators; { TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; } diff --git a/domains/_discord.cutedog5695.nix b/domains/_discord.cutedog5695.nix index 597ab61..8b6e78e 100644 --- a/domains/_discord.cutedog5695.nix +++ b/domains/_discord.cutedog5695.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "CuteDog5695"; + email = "cutedog5695@gmail.com"; + repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; + }; + proxy = false; +in with dns.lib.combinators; { TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; } diff --git a/domains/_discord.justdeveloper.nix b/domains/_discord.justdeveloper.nix index a7ac99e..c1025bb 100644 --- a/domains/_discord.justdeveloper.nix +++ b/domains/_discord.justdeveloper.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; } diff --git a/domains/_discord.nix b/domains/_discord.nix index 95090d8..ee3009d 100644 --- a/domains/_discord.nix +++ b/domains/_discord.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "satr14washere"; + }; + proxy = false; +in with dns.lib.combinators; { TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; } diff --git a/domains/_discord.roki.nix b/domains/_discord.roki.nix index 48e6a52..5b1d452 100644 --- a/domains/_discord.roki.nix +++ b/domains/_discord.roki.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "Roki100"; + discord = "289479495444987904"; + }; +in with dns.lib.combinators; { TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; } diff --git a/domains/batman.nix b/domains/batman.nix index 3b6202d..0ad04bd 100644 --- a/domains/batman.nix +++ b/domains/batman.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "shadowe1ite"; + }; + proxy = true; +in with dns.lib.combinators; { CNAME = [ "shadowe1ite.github.io." ]; } diff --git a/domains/c.nix b/domains/c.nix index 9ecb30a..bed0b01 100644 --- a/domains/c.nix +++ b/domains/c.nix @@ -1,5 +1,9 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "orangci"; + email = "c@orangc.xyz"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/colin.nix b/domains/colin.nix index 4fe7a4a..277aba7 100644 --- a/domains/colin.nix +++ b/domains/colin.nix @@ -1,5 +1,9 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "ColinLeDev"; + }; + description = "My personal portfolio hosted on my server"; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "proxy.col1n.fr." ]; } diff --git a/domains/cutedog5695.nix b/domains/cutedog5695.nix index 9ecb30a..f20329f 100644 --- a/domains/cutedog5695.nix +++ b/domains/cutedog5695.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "CuteDog5695"; + email = "cutedog5695@gmail.com"; + repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/elkaff.nix b/domains/elkaff.nix index 109e65c..9ead547 100644 --- a/domains/elkaff.nix +++ b/domains/elkaff.nix @@ -1,5 +1,7 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "elkhaff"; + }; +in with dns.lib.combinators; { CNAME = [ "portofolio-pixel.pages.dev." ]; } diff --git a/domains/j.nix b/domains/j.nix index 9ecb30a..8cd38c6 100644 --- a/domains/j.nix +++ b/domains/j.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/jacob.nix b/domains/jacob.nix index 34c1508..46839f9 100644 --- a/domains/jacob.nix +++ b/domains/jacob.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "jacobrdale"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "hexon404.onrender.com." ]; } diff --git a/domains/jd.nix b/domains/jd.nix index 9ecb30a..4555867 100644 --- a/domains/jd.nix +++ b/domains/jd.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/job.nix b/domains/job.nix index df2d227..c2623ab 100644 --- a/domains/job.nix +++ b/domains/job.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "FWEEaaaa1"; + }; + proxy = false; +in with dns.lib.combinators; { A = [ "128.204.223.115" ]; } diff --git a/domains/joel.nix b/domains/joel.nix index c5af765..f1ad335 100644 --- a/domains/joel.nix +++ b/domains/joel.nix @@ -1,6 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "joestr"; + email = "strasser999@gmail.com"; + }; + proxy = false; +in with dns.lib.combinators; { A = [ "142.132.173.34" ]; AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; MX = [ diff --git a/domains/js.nix b/domains/js.nix index 9ecb30a..8cd38c6 100644 --- a/domains/js.nix +++ b/domains/js.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/just.nix b/domains/just.nix index 9ecb30a..4555867 100644 --- a/domains/just.nix +++ b/domains/just.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/justdev.nix b/domains/justdev.nix index 9ecb30a..4555867 100644 --- a/domains/justdev.nix +++ b/domains/justdev.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/justdeveloper.nix b/domains/justdeveloper.nix index 9ecb30a..4555867 100644 --- a/domains/justdeveloper.nix +++ b/domains/justdeveloper.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/juststudio.nix b/domains/juststudio.nix index 9ecb30a..8cd38c6 100644 --- a/domains/juststudio.nix +++ b/domains/juststudio.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/katz.nix b/domains/katz.nix index 0751913..c369c96 100644 --- a/domains/katz.nix +++ b/domains/katz.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "Bananalolok"; + }; + proxy = false; +in with dns.lib.combinators; { A = [ "69.197.135.205" ]; } diff --git a/domains/no-one-is.nix b/domains/no-one-is.nix index 391d7e6..8fcb680 100644 --- a/domains/no-one-is.nix +++ b/domains/no-one-is.nix @@ -1,5 +1,9 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "EducatedSuddenBucket"; + email = "me@esb.is-a.dev"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; } diff --git a/domains/pxl.nix b/domains/pxl.nix index 0076d71..2b3bce0 100644 --- a/domains/pxl.nix +++ b/domains/pxl.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "heypxl"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "heypxl.github.io." ]; } diff --git a/domains/rchessauth.nix b/domains/rchessauth.nix index 9b7f17f..6ddd4c4 100644 --- a/domains/rchessauth.nix +++ b/domains/rchessauth.nix @@ -1,5 +1,8 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "vortexprime24"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "fire.hackclub.app." ]; } diff --git a/domains/roki.nix b/domains/roki.nix index 9ecb30a..43d30e6 100644 --- a/domains/roki.nix +++ b/domains/roki.nix @@ -1,5 +1,9 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "Roki100"; + discord = "289479495444987904"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/satr14.nix b/domains/satr14.nix index cfc5b01..fa6e690 100644 --- a/domains/satr14.nix +++ b/domains/satr14.nix @@ -1,5 +1,7 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "satr14washere"; + }; +in with dns.lib.combinators; { CNAME = [ "5th-site.pages.dev." ]; } diff --git a/domains/stef.nix b/domains/stef.nix index 47f7470..88e3870 100644 --- a/domains/stef.nix +++ b/domains/stef.nix @@ -1,5 +1,9 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "Stef-00012"; + email = "admin@stefdp.lol"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "proxy.stefdp.lol." ]; } diff --git a/domains/ukriu.nix b/domains/ukriu.nix index 48bb496..bab016a 100644 --- a/domains/ukriu.nix +++ b/domains/ukriu.nix @@ -1,5 +1,10 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "ukriu"; + email = "partofmyid@ukriu.com"; + }; + description = "my website"; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "ukriu.pages.dev." ]; } diff --git a/domains/you-are.nix b/domains/you-are.nix index 914193f..3cad0e8 100644 --- a/domains/you-are.nix +++ b/domains/you-are.nix @@ -1,5 +1,9 @@ -{ dns, ... }: -with dns.lib.combinators; -{ +{ dns, ... }: let + owner = { + username = "Stef-00012"; + email = "admin@stefdp.com"; + }; + proxy = false; +in with dns.lib.combinators; { CNAME = [ "proxy.stefdp.com." ]; } diff --git a/flake.nix b/flake.nix index b442857..9dd8906 100644 --- a/flake.nix +++ b/flake.nix @@ -2,53 +2,32 @@ description = "Zone File Generator"; inputs.dns.url = "github:nix-community/dns.nix"; - outputs = - { dns, ... }: - let - email = "admin@satr14.my.id"; - domains."0" = { - domain = "part-of.my.id"; - nameservers = [ - "adele.ns.cloudflare.com" - "fattouche.ns.cloudflare.com" - ]; - }; - - inherit (import { }) lib; - - domainsFolder = builtins.readDir ./domains; - domainFiles = lib.filterAttrs ( - name: type: type == "regular" && builtins.match ".*\\.nix" name != null - ) domainsFolder; - subdomains = lib.mapAttrs' ( - name: _: - let - key = builtins.replaceStrings [ ".nix" ] [ "" ] name; - in - { - name = key; - value = import (./domains + "/${name}") { inherit dns; }; - } - ) domainFiles; - in - { - packages.x86_64-linux = builtins.mapAttrs ( - _: domain: - dns.util.x86_64-linux.writeZone domain.domain ( - with dns.lib.combinators; - { - SOA = { - adminEmail = email; - nameServer = builtins.head domain.nameservers; - serial = builtins.currentTime; - }; - NS = domain.nameservers; - - # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. - - inherit subdomains; - } - ) - ) domains; + outputs = { dns, ... }: let + email = "admin@satr14.my.id"; + domains."0" = { + domain = "part-of.my.id"; + nameservers = [ + "adele.ns.cloudflare.com" + "fattouche.ns.cloudflare.com" + ]; }; -} + in { + packages.x86_64-linux = builtins.mapAttrs (_: domain: + dns.util.x86_64-linux.writeZone domain.domain ( + with dns.lib.combinators; { + SOA = { + adminEmail = email; + nameServer = builtins.head domain.nameservers; + serial = builtins.currentTime; + }; + NS = domain.nameservers; + + # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. + + #subdomains = ; + # ^^ todo: implement file imports from ./domains + } + ) + ) domains; + }; +} \ No newline at end of file From 4ca3912135b1963b44cff168652dff6c27d54f5c Mon Sep 17 00:00:00 2001 From: orangc Date: Sat, 21 Mar 2026 17:12:28 +0300 Subject: [PATCH 10/32] feat(nix): recursively import domain files via mapping --- docs/example.nix | 32 ++++++++++--- domains/_discord.colin.nix | 7 ++- domains/_discord.cutedog5695.nix | 7 ++- domains/_discord.justdeveloper.nix | 7 ++- domains/_discord.nix | 7 ++- domains/_discord.roki.nix | 7 ++- domains/batman.nix | 7 ++- domains/c.nix | 7 ++- domains/colin.nix | 7 ++- domains/cutedog5695.nix | 7 ++- domains/elkaff.nix | 7 ++- domains/j.nix | 7 ++- domains/jacob.nix | 7 ++- domains/jd.nix | 7 ++- domains/job.nix | 7 ++- domains/joel.nix | 7 ++- domains/js.nix | 7 ++- domains/just.nix | 7 ++- domains/justdev.nix | 7 ++- domains/justdeveloper.nix | 7 ++- domains/juststudio.nix | 7 ++- domains/katz.nix | 7 ++- domains/no-one-is.nix | 7 ++- domains/pxl.nix | 7 ++- domains/rchessauth.nix | 7 ++- domains/roki.nix | 7 ++- domains/satr14.nix | 7 ++- domains/stef.nix | 7 ++- domains/ukriu.nix | 7 ++- domains/you-are.nix | 7 ++- flake.nix | 74 ++++++++++++++++++------------ 31 files changed, 216 insertions(+), 93 deletions(-) diff --git a/docs/example.nix b/docs/example.nix index 5a58fe9..3229e8c 100644 --- a/docs/example.nix +++ b/docs/example.nix @@ -1,12 +1,18 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "satr14washere"; email = "admin@satr14.my.id"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ A = [ - { address = "203.0.113.1"; ttl = 60 * 60; } + { + address = "203.0.113.1"; + ttl = 60 * 60; + } "203.0.113.2" (ttl (60 * 60) (a "203.0.113.3")) ]; @@ -18,7 +24,13 @@ in with dns.lib.combinators; { MX = mx.google; TXT = [ - (with spf; strict [ "a:mail.example.com" google ]) + ( + with spf; + strict [ + "a:mail.example.com" + google + ] + ) ]; DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; @@ -48,8 +60,16 @@ in with dns.lib.combinators; { { svcPriority = 1; targetName = "."; - alpn = [ "http/1.1" "h2" "h3" ]; - ipv4hint = [ "203.0.113.1" "203.0.113.2" "203.0.113.3" ]; + alpn = [ + "http/1.1" + "h2" + "h3" + ]; + ipv4hint = [ + "203.0.113.1" + "203.0.113.2" + "203.0.113.3" + ]; ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ]; } ]; diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix index e107e70..1fa5051 100644 --- a/domains/_discord.colin.nix +++ b/domains/_discord.colin.nix @@ -1,9 +1,12 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "ColinLeDev"; }; description = "Discord verification"; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; } diff --git a/domains/_discord.cutedog5695.nix b/domains/_discord.cutedog5695.nix index 8b6e78e..e3219d2 100644 --- a/domains/_discord.cutedog5695.nix +++ b/domains/_discord.cutedog5695.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "CuteDog5695"; email = "cutedog5695@gmail.com"; repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; } diff --git a/domains/_discord.justdeveloper.nix b/domains/_discord.justdeveloper.nix index c1025bb..c2e7bcf 100644 --- a/domains/_discord.justdeveloper.nix +++ b/domains/_discord.justdeveloper.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; } diff --git a/domains/_discord.nix b/domains/_discord.nix index ee3009d..26b28cb 100644 --- a/domains/_discord.nix +++ b/domains/_discord.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "satr14washere"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; } diff --git a/domains/_discord.roki.nix b/domains/_discord.roki.nix index 5b1d452..cc172c9 100644 --- a/domains/_discord.roki.nix +++ b/domains/_discord.roki.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "Roki100"; discord = "289479495444987904"; }; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; } diff --git a/domains/batman.nix b/domains/batman.nix index 0ad04bd..3233a79 100644 --- a/domains/batman.nix +++ b/domains/batman.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "shadowe1ite"; }; proxy = true; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "shadowe1ite.github.io." ]; } diff --git a/domains/c.nix b/domains/c.nix index bed0b01..f5bbed6 100644 --- a/domains/c.nix +++ b/domains/c.nix @@ -1,9 +1,12 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "orangci"; email = "c@orangc.xyz"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/colin.nix b/domains/colin.nix index 277aba7..ed5f80e 100644 --- a/domains/colin.nix +++ b/domains/colin.nix @@ -1,9 +1,12 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "ColinLeDev"; }; description = "My personal portfolio hosted on my server"; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "proxy.col1n.fr." ]; } diff --git a/domains/cutedog5695.nix b/domains/cutedog5695.nix index f20329f..f25e458 100644 --- a/domains/cutedog5695.nix +++ b/domains/cutedog5695.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "CuteDog5695"; email = "cutedog5695@gmail.com"; repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/elkaff.nix b/domains/elkaff.nix index 9ead547..8009f98 100644 --- a/domains/elkaff.nix +++ b/domains/elkaff.nix @@ -1,7 +1,10 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "elkhaff"; }; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "portofolio-pixel.pages.dev." ]; } diff --git a/domains/j.nix b/domains/j.nix index 8cd38c6..f219b3f 100644 --- a/domains/j.nix +++ b/domains/j.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/jacob.nix b/domains/jacob.nix index 46839f9..3d8199c 100644 --- a/domains/jacob.nix +++ b/domains/jacob.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "jacobrdale"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "hexon404.onrender.com." ]; } diff --git a/domains/jd.nix b/domains/jd.nix index 4555867..86d1c92 100644 --- a/domains/jd.nix +++ b/domains/jd.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/job.nix b/domains/job.nix index c2623ab..7926c81 100644 --- a/domains/job.nix +++ b/domains/job.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "FWEEaaaa1"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ A = [ "128.204.223.115" ]; } diff --git a/domains/joel.nix b/domains/joel.nix index f1ad335..bb689c3 100644 --- a/domains/joel.nix +++ b/domains/joel.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "joestr"; email = "strasser999@gmail.com"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ A = [ "142.132.173.34" ]; AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; MX = [ diff --git a/domains/js.nix b/domains/js.nix index 8cd38c6..f219b3f 100644 --- a/domains/js.nix +++ b/domains/js.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/just.nix b/domains/just.nix index 4555867..86d1c92 100644 --- a/domains/just.nix +++ b/domains/just.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/justdev.nix b/domains/justdev.nix index 4555867..86d1c92 100644 --- a/domains/justdev.nix +++ b/domains/justdev.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/justdeveloper.nix b/domains/justdeveloper.nix index 4555867..86d1c92 100644 --- a/domains/justdeveloper.nix +++ b/domains/justdeveloper.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/juststudio.nix b/domains/juststudio.nix index 8cd38c6..f219b3f 100644 --- a/domains/juststudio.nix +++ b/domains/juststudio.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/katz.nix b/domains/katz.nix index c369c96..1e444a9 100644 --- a/domains/katz.nix +++ b/domains/katz.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "Bananalolok"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ A = [ "69.197.135.205" ]; } diff --git a/domains/no-one-is.nix b/domains/no-one-is.nix index 8fcb680..68576d5 100644 --- a/domains/no-one-is.nix +++ b/domains/no-one-is.nix @@ -1,9 +1,12 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "EducatedSuddenBucket"; email = "me@esb.is-a.dev"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; } diff --git a/domains/pxl.nix b/domains/pxl.nix index 2b3bce0..5dcfa41 100644 --- a/domains/pxl.nix +++ b/domains/pxl.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "heypxl"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "heypxl.github.io." ]; } diff --git a/domains/rchessauth.nix b/domains/rchessauth.nix index 6ddd4c4..1e3ac4b 100644 --- a/domains/rchessauth.nix +++ b/domains/rchessauth.nix @@ -1,8 +1,11 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "vortexprime24"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "fire.hackclub.app." ]; } diff --git a/domains/roki.nix b/domains/roki.nix index 43d30e6..de83107 100644 --- a/domains/roki.nix +++ b/domains/roki.nix @@ -1,9 +1,12 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "Roki100"; discord = "289479495444987904"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "edge.redirect.pizza." ]; } diff --git a/domains/satr14.nix b/domains/satr14.nix index fa6e690..67fdb5c 100644 --- a/domains/satr14.nix +++ b/domains/satr14.nix @@ -1,7 +1,10 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "satr14washere"; }; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "5th-site.pages.dev." ]; } diff --git a/domains/stef.nix b/domains/stef.nix index 88e3870..926ab58 100644 --- a/domains/stef.nix +++ b/domains/stef.nix @@ -1,9 +1,12 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "Stef-00012"; email = "admin@stefdp.lol"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "proxy.stefdp.lol." ]; } diff --git a/domains/ukriu.nix b/domains/ukriu.nix index bab016a..25a6db6 100644 --- a/domains/ukriu.nix +++ b/domains/ukriu.nix @@ -1,10 +1,13 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "ukriu"; email = "partofmyid@ukriu.com"; }; description = "my website"; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "ukriu.pages.dev." ]; } diff --git a/domains/you-are.nix b/domains/you-are.nix index 3cad0e8..22b50e6 100644 --- a/domains/you-are.nix +++ b/domains/you-are.nix @@ -1,9 +1,12 @@ -{ dns, ... }: let +{ dns, ... }: +let owner = { username = "Stef-00012"; email = "admin@stefdp.com"; }; proxy = false; -in with dns.lib.combinators; { +in +with dns.lib.combinators; +{ CNAME = [ "proxy.stefdp.com." ]; } diff --git a/flake.nix b/flake.nix index 9dd8906..b046670 100644 --- a/flake.nix +++ b/flake.nix @@ -1,33 +1,49 @@ { description = "Zone File Generator"; inputs.dns.url = "github:nix-community/dns.nix"; - - outputs = { dns, ... }: let - email = "admin@satr14.my.id"; - domains."0" = { - domain = "part-of.my.id"; - nameservers = [ - "adele.ns.cloudflare.com" - "fattouche.ns.cloudflare.com" - ]; - }; - in { - packages.x86_64-linux = builtins.mapAttrs (_: domain: - dns.util.x86_64-linux.writeZone domain.domain ( - with dns.lib.combinators; { - SOA = { - adminEmail = email; - nameServer = builtins.head domain.nameservers; - serial = builtins.currentTime; - }; - NS = domain.nameservers; - - # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. - - #subdomains = ; - # ^^ todo: implement file imports from ./domains + outputs = + { dns, ... }: + let + email = "admin@satr14.my.id"; + domains."0" = { + domain = "part-of.my.id"; + nameservers = [ + "adele.ns.cloudflare.com" + "fattouche.ns.cloudflare.com" + ]; + }; + inherit (import { }) lib; + domainsFolder = builtins.readDir ./domains; + domainFiles = lib.filterAttrs ( + name: type: type == "regular" && builtins.match ".*\\.nix" name != null + ) domainsFolder; + subdomains = lib.mapAttrs' ( + name: _: + let + key = builtins.replaceStrings [ ".nix" ] [ "" ] name; + in + { + name = key; + value = import (./domains + "/${name}") { inherit dns; }; } - ) - ) domains; - }; -} \ No newline at end of file + ) domainFiles; + in + { + packages.x86_64-linux = builtins.mapAttrs ( + _: domain: + dns.util.x86_64-linux.writeZone domain.domain ( + with dns.lib.combinators; + { + SOA = { + adminEmail = email; + nameServer = builtins.head domain.nameservers; + serial = builtins.currentTime; + }; + NS = domain.nameservers; + # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. + inherit subdomains; + } + ) + ) domains; + }; +} From be1ebe0d157fdb1756fa31ed73aef057ca131f3b Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sun, 22 Mar 2026 07:15:41 +0700 Subject: [PATCH 11/32] change nix schema --- docs/example.nix | 131 +++++---------- domains/_discord.colin.nix | 10 +- domains/_discord.cutedog5695.nix | 10 +- domains/_discord.justdeveloper.nix | 10 +- domains/_discord.nix | 10 +- domains/_discord.roki.nix | 10 +- domains/batman.nix | 10 +- domains/c.nix | 10 +- domains/colin.nix | 10 +- domains/cutedog5695.nix | 10 +- domains/elkaff.nix | 10 +- domains/j.nix | 10 +- domains/jacob.nix | 10 +- domains/jd.nix | 10 +- domains/job.nix | 10 +- domains/joel.nix | 24 ++- domains/js.nix | 10 +- domains/just.nix | 10 +- domains/justdev.nix | 10 +- domains/justdeveloper.nix | 10 +- domains/juststudio.nix | 10 +- domains/katz.nix | 10 +- domains/no-one-is.nix | 10 +- domains/pxl.nix | 10 +- domains/rchessauth.nix | 10 +- domains/roki.nix | 10 +- domains/satr14.nix | 10 +- domains/stef.nix | 10 +- domains/ukriu.nix | 10 +- domains/you-are.nix | 10 +- flake.nix | 3 +- ...{migrate-json-to-nix.py => migrate-nix.py} | 150 +++++++++--------- 32 files changed, 241 insertions(+), 347 deletions(-) rename scripts/{migrate-json-to-nix.py => migrate-nix.py} (59%) diff --git a/docs/example.nix b/docs/example.nix index 3229e8c..20cb392 100644 --- a/docs/example.nix +++ b/docs/example.nix @@ -1,98 +1,49 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "satr14washere"; email = "admin@satr14.my.id"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ - { - address = "203.0.113.1"; - ttl = 60 * 60; - } - "203.0.113.2" - (ttl (60 * 60) (a "203.0.113.3")) - ]; - - AAAA = [ - "4321:0:1:2:3:4:567:89ab" - ]; - - MX = mx.google; - - TXT = [ - ( - with spf; - strict [ - "a:mail.example.com" - google - ] - ) - ]; - - DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; - - CAA = letsEncrypt "admin@example.com"; - - SRV = [ - { - service = "sip"; - proto = "tcp"; - port = 5060; - target = "sip.example.com"; - } - ]; - - SSHFP = [ - { - algorithm = "ed25519"; - fingerprintType = "sha256"; - fingerprint = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; - } - ]; - OPENPGPKEY = [ - "very long base64 text" - ]; - HTTPS = [ - { - svcPriority = 1; - targetName = "."; - alpn = [ - "http/1.1" - "h2" - "h3" - ]; - ipv4hint = [ - "203.0.113.1" - "203.0.113.2" - "203.0.113.3" - ]; - ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ]; - } - ]; - TLSA = [ - { - certUsage = "dane-ee"; - selector = "spki"; - matchingType = "sha256"; - certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; - } - ]; - - subdomains = rec { - www.A = [ "203.0.113.4" ]; - www2 = host "203.0.113.5" "4321:0:1:2:3:4:567:89bb"; - www3 = host "203.0.113.6" null; - www4 = www3; - - staging = delegateTo [ - "ns1.another.com." - "ns2.another.com." + records = { + A = [ + { + address = "203.0.113.1"; + ttl = 60 * 60; + } + "203.0.113.2" + (ttl (60 * 60) (a "203.0.113.3")) + ]; + AAAA = [ + "4321:0:1:2:3:4:567:89ab" + ]; + MX = mx.google; + TXT = [ + ( + with spf; + strict [ + "a:mail.example.com" + google + ] + ) + ]; + CNAME = [ "example.com." ]; + DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; + CAA = letsEncrypt "admin@example.com"; + SRV = [ + { + service = "sip"; + proto = "tcp"; + port = 5060; + target = "sip.example.com"; + } + ]; + TLSA = [ + { + certUsage = "dane-ee"; + selector = "spki"; + matchingType = "sha256"; + certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; + } ]; - - foo.subdomains.www.CNAME = [ "foo.test.com." ]; }; } diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix index 1fa5051..5a3fcf9 100644 --- a/domains/_discord.colin.nix +++ b/domains/_discord.colin.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "ColinLeDev"; }; description = "Discord verification"; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; + records = { + TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; + }; } diff --git a/domains/_discord.cutedog5695.nix b/domains/_discord.cutedog5695.nix index e3219d2..053e506 100644 --- a/domains/_discord.cutedog5695.nix +++ b/domains/_discord.cutedog5695.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "CuteDog5695"; email = "cutedog5695@gmail.com"; repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; }; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; + records = { + TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; + }; } diff --git a/domains/_discord.justdeveloper.nix b/domains/_discord.justdeveloper.nix index c2e7bcf..03c4efc 100644 --- a/domains/_discord.justdeveloper.nix +++ b/domains/_discord.justdeveloper.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; + records = { + TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; + }; } diff --git a/domains/_discord.nix b/domains/_discord.nix index 26b28cb..82fea5e 100644 --- a/domains/_discord.nix +++ b/domains/_discord.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "satr14washere"; }; proxy = false; -in -with dns.lib.combinators; -{ - TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; + records = { + TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; + }; } diff --git a/domains/_discord.roki.nix b/domains/_discord.roki.nix index cc172c9..d87f060 100644 --- a/domains/_discord.roki.nix +++ b/domains/_discord.roki.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Roki100"; discord = "289479495444987904"; }; -in -with dns.lib.combinators; -{ - TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; + records = { + TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; + }; } diff --git a/domains/batman.nix b/domains/batman.nix index 3233a79..3f3c50e 100644 --- a/domains/batman.nix +++ b/domains/batman.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "shadowe1ite"; }; proxy = true; -in -with dns.lib.combinators; -{ - CNAME = [ "shadowe1ite.github.io." ]; + records = { + CNAME = [ "shadowe1ite.github.io." ]; + }; } diff --git a/domains/c.nix b/domains/c.nix index f5bbed6..e6dd392 100644 --- a/domains/c.nix +++ b/domains/c.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "orangci"; email = "c@orangc.xyz"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/colin.nix b/domains/colin.nix index ed5f80e..b53bbce 100644 --- a/domains/colin.nix +++ b/domains/colin.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "ColinLeDev"; }; description = "My personal portfolio hosted on my server"; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "proxy.col1n.fr." ]; + records = { + CNAME = [ "proxy.col1n.fr." ]; + }; } diff --git a/domains/cutedog5695.nix b/domains/cutedog5695.nix index f25e458..3691ced 100644 --- a/domains/cutedog5695.nix +++ b/domains/cutedog5695.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "CuteDog5695"; email = "cutedog5695@gmail.com"; repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/elkaff.nix b/domains/elkaff.nix index 8009f98..34db15e 100644 --- a/domains/elkaff.nix +++ b/domains/elkaff.nix @@ -1,10 +1,8 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "elkhaff"; }; -in -with dns.lib.combinators; -{ - CNAME = [ "portofolio-pixel.pages.dev." ]; + records = { + CNAME = [ "portofolio-pixel.pages.dev." ]; + }; } diff --git a/domains/j.nix b/domains/j.nix index f219b3f..db44276 100644 --- a/domains/j.nix +++ b/domains/j.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/jacob.nix b/domains/jacob.nix index 3d8199c..fdba947 100644 --- a/domains/jacob.nix +++ b/domains/jacob.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "jacobrdale"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "hexon404.onrender.com." ]; + records = { + CNAME = [ "hexon404.onrender.com." ]; + }; } diff --git a/domains/jd.nix b/domains/jd.nix index 86d1c92..6fbcf5c 100644 --- a/domains/jd.nix +++ b/domains/jd.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/job.nix b/domains/job.nix index 7926c81..8051716 100644 --- a/domains/job.nix +++ b/domains/job.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "FWEEaaaa1"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ "128.204.223.115" ]; + records = { + A = [ "128.204.223.115" ]; + }; } diff --git a/domains/joel.nix b/domains/joel.nix index bb689c3..22314e4 100644 --- a/domains/joel.nix +++ b/domains/joel.nix @@ -1,19 +1,17 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "joestr"; email = "strasser999@gmail.com"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ "142.132.173.34" ]; - AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; - MX = [ - { - exchange = "achlys.infra.joestr.at."; - preference = 10; - } - ]; + records = { + A = [ "142.132.173.34" ]; + AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; + MX = [ + { + exchange = "achlys.infra.joestr.at."; + preference = 10; + } + ]; + }; } diff --git a/domains/js.nix b/domains/js.nix index f219b3f..db44276 100644 --- a/domains/js.nix +++ b/domains/js.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/just.nix b/domains/just.nix index 86d1c92..6fbcf5c 100644 --- a/domains/just.nix +++ b/domains/just.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/justdev.nix b/domains/justdev.nix index 86d1c92..6fbcf5c 100644 --- a/domains/justdev.nix +++ b/domains/justdev.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/justdeveloper.nix b/domains/justdeveloper.nix index 86d1c92..6fbcf5c 100644 --- a/domains/justdeveloper.nix +++ b/domains/justdeveloper.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "justdeveloper@juststudio.is-a.dev"; repo = "https://github.com/JustDeveloper1/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/juststudio.nix b/domains/juststudio.nix index f219b3f..db44276 100644 --- a/domains/juststudio.nix +++ b/domains/juststudio.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "JustDeveloper1"; email = "support@juststudio.is-a.dev"; repo = "https://github.com/JustStudio7/Website"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/katz.nix b/domains/katz.nix index 1e444a9..cf78f0d 100644 --- a/domains/katz.nix +++ b/domains/katz.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Bananalolok"; }; proxy = false; -in -with dns.lib.combinators; -{ - A = [ "69.197.135.205" ]; + records = { + A = [ "69.197.135.205" ]; + }; } diff --git a/domains/no-one-is.nix b/domains/no-one-is.nix index 68576d5..4d86e78 100644 --- a/domains/no-one-is.nix +++ b/domains/no-one-is.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "EducatedSuddenBucket"; email = "me@esb.is-a.dev"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; + records = { + CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; + }; } diff --git a/domains/pxl.nix b/domains/pxl.nix index 5dcfa41..ce8eff6 100644 --- a/domains/pxl.nix +++ b/domains/pxl.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "heypxl"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "heypxl.github.io." ]; + records = { + CNAME = [ "heypxl.github.io." ]; + }; } diff --git a/domains/rchessauth.nix b/domains/rchessauth.nix index 1e3ac4b..9ce886d 100644 --- a/domains/rchessauth.nix +++ b/domains/rchessauth.nix @@ -1,11 +1,9 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "vortexprime24"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "fire.hackclub.app." ]; + records = { + CNAME = [ "fire.hackclub.app." ]; + }; } diff --git a/domains/roki.nix b/domains/roki.nix index de83107..cae347c 100644 --- a/domains/roki.nix +++ b/domains/roki.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Roki100"; discord = "289479495444987904"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "edge.redirect.pizza." ]; + records = { + CNAME = [ "edge.redirect.pizza." ]; + }; } diff --git a/domains/satr14.nix b/domains/satr14.nix index 67fdb5c..f9d4cc7 100644 --- a/domains/satr14.nix +++ b/domains/satr14.nix @@ -1,10 +1,8 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "satr14washere"; }; -in -with dns.lib.combinators; -{ - CNAME = [ "5th-site.pages.dev." ]; + records = { + CNAME = [ "5th-site.pages.dev." ]; + }; } diff --git a/domains/stef.nix b/domains/stef.nix index 926ab58..054b4c1 100644 --- a/domains/stef.nix +++ b/domains/stef.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Stef-00012"; email = "admin@stefdp.lol"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "proxy.stefdp.lol." ]; + records = { + CNAME = [ "proxy.stefdp.lol." ]; + }; } diff --git a/domains/ukriu.nix b/domains/ukriu.nix index 25a6db6..608454c 100644 --- a/domains/ukriu.nix +++ b/domains/ukriu.nix @@ -1,13 +1,11 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "ukriu"; email = "partofmyid@ukriu.com"; }; description = "my website"; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "ukriu.pages.dev." ]; + records = { + CNAME = [ "ukriu.pages.dev." ]; + }; } diff --git a/domains/you-are.nix b/domains/you-are.nix index 22b50e6..196d500 100644 --- a/domains/you-are.nix +++ b/domains/you-are.nix @@ -1,12 +1,10 @@ -{ dns, ... }: -let +{ dns, ... }: with dns.lib.combinators; { owner = { username = "Stef-00012"; email = "admin@stefdp.com"; }; proxy = false; -in -with dns.lib.combinators; -{ - CNAME = [ "proxy.stefdp.com." ]; + records = { + CNAME = [ "proxy.stefdp.com." ]; + }; } diff --git a/flake.nix b/flake.nix index b046670..a847a5d 100644 --- a/flake.nix +++ b/flake.nix @@ -24,7 +24,7 @@ in { name = key; - value = import (./domains + "/${name}") { inherit dns; }; + value = (import (./domains + "/${name}") { inherit dns; }).records; } ) domainFiles; in @@ -41,6 +41,7 @@ }; NS = domain.nameservers; # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are included just so that dns.nix builds a valid zone file. + CNAME = [ "website-e7n.pages.dev." ]; inherit subdomains; } ) diff --git a/scripts/migrate-json-to-nix.py b/scripts/migrate-nix.py similarity index 59% rename from scripts/migrate-json-to-nix.py rename to scripts/migrate-nix.py index b85649f..683b968 100755 --- a/scripts/migrate-json-to-nix.py +++ b/scripts/migrate-nix.py @@ -6,7 +6,7 @@ Reads each JSON domain config and generates a corresponding .nix file following the format from docs/example.nix. Usage: - python3 scripts/migrate-json-to-nix.py [--dry-run] [--delete-json] + python3 scripts/migrate-nix.py [--dry-run] [--delete-json] Options: --dry-run Print generated .nix content to stdout without writing files @@ -15,7 +15,6 @@ Options: import json import sys -import os from pathlib import Path DOMAINS_DIR = Path(__file__).resolve().parent.parent / "domains" @@ -31,37 +30,36 @@ def json_to_nix(data: dict) -> str: lines = [] - # Header - lines.append("{ dns, ... }: let") - - # Owner block - owner_lines = [] - if owner.get("username"): - owner_lines.append(f' username = "{owner["username"]}";') - if owner.get("email"): - owner_lines.append(f' email = "{owner["email"]}";') - if owner.get("discord"): - owner_lines.append(f' discord = "{owner["discord"]}";') - if owner.get("repo"): - owner_lines.append(f' repo = "{owner["repo"]}";') + # Header — no let block, just the function head with `with` + lines.append("{ dns, ... }: with dns.lib.combinators; {") + # Owner block as a top-level attribute lines.append(" owner = {") - for ol in owner_lines: - lines.append(ol) + if owner.get("username"): + lines.append(f' username = "{escape_nix_string(owner["username"])}";') + if owner.get("email"): + lines.append(f' email = "{escape_nix_string(owner["email"])}";') + if owner.get("discord"): + lines.append(f' discord = "{escape_nix_string(owner["discord"])}";') + if owner.get("repo"): + lines.append(f' repo = "{escape_nix_string(owner["repo"])}";') lines.append(" };") + # Description as a top-level attribute if description is not None: lines.append(f' description = "{escape_nix_string(description)}";') + # Proxy as a top-level attribute if proxy is not None: lines.append(f" proxy = {'true' if proxy else 'false'};") - lines.append("in with dns.lib.combinators; {") - - # Records + # Records nested under `records` record_lines = build_record_lines(record) - for rl in record_lines: - lines.append(rl) + if record_lines: + lines.append(" records = {") + for rl in record_lines: + lines.append(rl) + lines.append(" };") lines.append("}") lines.append("") @@ -78,129 +76,131 @@ def escape_nix_string(s: str) -> str: def build_record_lines(record: dict) -> list[str]: - """Build the Nix record lines from the JSON record dict.""" + """Build the Nix record lines from the JSON record dict. + + These are indented with 4 spaces since they sit inside `records = { ... };`. + """ lines = [] if "A" in record: values = record["A"] if isinstance(values, list): if len(values) == 1: - lines.append(f' A = [ "{values[0]}" ];') + lines.append(f' A = [ "{values[0]}" ];') else: - lines.append(" A = [") + lines.append(" A = [") for v in values: - lines.append(f' "{v}"') - lines.append(" ];") + lines.append(f' "{v}"') + lines.append(" ];") else: - lines.append(f' A = [ "{values}" ];') + lines.append(f' A = [ "{values}" ];') if "AAAA" in record: values = record["AAAA"] if isinstance(values, list): if len(values) == 1: - lines.append(f' AAAA = [ "{values[0]}" ];') + lines.append(f' AAAA = [ "{values[0]}" ];') else: - lines.append(" AAAA = [") + lines.append(" AAAA = [") for v in values: - lines.append(f' "{v}"') - lines.append(" ];") + lines.append(f' "{v}"') + lines.append(" ];") else: - lines.append(f' AAAA = [ "{values}" ];') + lines.append(f' AAAA = [ "{values}" ];') if "CNAME" in record: value = record["CNAME"] if isinstance(value, list): value = value[0] - lines.append(f' CNAME = [ "{value}." ];') + lines.append(f' CNAME = [ "{ensure_fqdn(value)}" ];') if "ALIAS" in record: value = record["ALIAS"] if isinstance(value, list): value = value[0] # ALIAS is typically handled as CNAME in dns.nix - lines.append(f' CNAME = [ "{value}." ];') + lines.append(f' CNAME = [ "{ensure_fqdn(value)}" ];') if "MX" in record: values = record["MX"] if isinstance(values, list): - lines.append(" MX = [") + lines.append(" MX = [") for i, v in enumerate(values): - # MX records need priority; default to (i+1)*10 priority = (i + 1) * 10 - lines.append(" {") - lines.append(f' exchange = "{ensure_fqdn(v)}";') - lines.append(f" preference = {priority};") - lines.append(" }") - lines.append(" ];") + lines.append(" {") + lines.append(f' exchange = "{ensure_fqdn(v)}";') + lines.append(f" preference = {priority};") + lines.append(" }") + lines.append(" ];") else: - lines.append(" MX = [") - lines.append(" {") - lines.append(f' exchange = "{ensure_fqdn(values)}";') - lines.append(" preference = 10;") - lines.append(" }") - lines.append(" ];") + lines.append(" MX = [") + lines.append(" {") + lines.append(f' exchange = "{ensure_fqdn(values)}";') + lines.append(" preference = 10;") + lines.append(" }") + lines.append(" ];") if "TXT" in record: values = record["TXT"] if isinstance(values, list): if len(values) == 1: - lines.append(f' TXT = [ "{escape_nix_string(values[0])}" ];') + lines.append(f' TXT = [ "{escape_nix_string(values[0])}" ];') else: - lines.append(" TXT = [") + lines.append(" TXT = [") for v in values: - lines.append(f' "{escape_nix_string(v)}"') - lines.append(" ];") + lines.append(f' "{escape_nix_string(v)}"') + lines.append(" ];") else: - lines.append(f' TXT = [ "{escape_nix_string(values)}" ];') + lines.append(f' TXT = [ "{escape_nix_string(values)}" ];') if "NS" in record: values = record["NS"] if isinstance(values, list): if len(values) == 1: - lines.append(f' NS = [ "{ensure_fqdn(values[0])}" ];') + lines.append(f' NS = [ "{ensure_fqdn(values[0])}" ];') else: - lines.append(" NS = [") + lines.append(" NS = [") for v in values: - lines.append(f' "{ensure_fqdn(v)}"') - lines.append(" ];") + lines.append(f' "{ensure_fqdn(v)}"') + lines.append(" ];") else: - lines.append(f' NS = [ "{ensure_fqdn(values)}" ];') + lines.append(f' NS = [ "{ensure_fqdn(values)}" ];') if "SRV" in record: values = record["SRV"] if isinstance(values, list): - lines.append(" SRV = [") + lines.append(" SRV = [") for srv in values: - lines.append(" {") + lines.append(" {") if "service" in srv: - lines.append(f' service = "{srv["service"]}";') + lines.append(f' service = "{srv["service"]}";') if "proto" in srv: - lines.append(f' proto = "{srv["proto"]}";') + lines.append(f' proto = "{srv["proto"]}";') if "port" in srv: - lines.append(f" port = {srv['port']};") + lines.append(f" port = {srv['port']};") if "priority" in srv: - lines.append(f" priority = {srv['priority']};") + lines.append(f" priority = {srv['priority']};") if "weight" in srv: - lines.append(f" weight = {srv['weight']};") + lines.append(f" weight = {srv['weight']};") if "target" in srv: - lines.append(f' target = "{ensure_fqdn(srv["target"])}";') - lines.append(" }") - lines.append(" ];") + lines.append(f' target = "{ensure_fqdn(srv["target"])}";') + lines.append(" }") + lines.append(" ];") if "CAA" in record: values = record["CAA"] if isinstance(values, list): - lines.append(" CAA = [") + lines.append(" CAA = [") for caa in values: - lines.append(" {") + lines.append(" {") if "flags" in caa: - lines.append(f" flags = {caa['flags']};") + lines.append(f" flags = {caa['flags']};") if "tag" in caa: - lines.append(f' tag = "{caa["tag"]}";') + lines.append(f' tag = "{caa["tag"]}";') if "value" in caa: - lines.append(f' value = "{escape_nix_string(caa["value"])}";') - lines.append(" }") - lines.append(" ];") + lines.append(f' value = "{escape_nix_string(caa["value"])}";') + lines.append(" }") + lines.append(" ];") return lines From de22d7bd14b1b0c669f16c67365a322d4e546eaa Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sun, 22 Mar 2026 07:15:54 +0700 Subject: [PATCH 12/32] zone comparison helpers --- .gitignore | 6 +- scripts/compare-zones.sh | 200 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 205 insertions(+), 1 deletion(-) create mode 100755 scripts/compare-zones.sh diff --git a/.gitignore b/.gitignore index 0ff973d..770061e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,7 @@ +# DNSControl files creds.json types-dnscontrol.d.ts -result \ No newline at end of file + +# Zone files +result +part-of.my.id.txt \ No newline at end of file diff --git a/scripts/compare-zones.sh b/scripts/compare-zones.sh new file mode 100755 index 0000000..8e93292 --- /dev/null +++ b/scripts/compare-zones.sh @@ -0,0 +1,200 @@ +#!/usr/bin/env bash +# +# compare-zones.sh — Compare a Cloudflare zone export against a nix-built zone file +# +# Usage: +# ./scripts/compare-zones.sh [nix-result] +# +# Arguments: +# cloudflare-export.txt Path to the Cloudflare zone export (BIND format) +# nix-result Path to the nix-built zone file (default: ./result) +# +# Examples: +# ./scripts/compare-zones.sh part-of.my.id.txt +# ./scripts/compare-zones.sh part-of.my.id.txt result +# nix build .#0 && ./scripts/compare-zones.sh part-of.my.id.txt result + +set -euo pipefail + +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[0;33m' +CYAN='\033[0;36m' +BOLD='\033[1m' +RESET='\033[0m' + +usage() { + echo "Usage: $0 [nix-result]" + echo "" + echo "Compare a Cloudflare zone export against a nix-built zone file." + echo "" + echo "Arguments:" + echo " cloudflare-export.txt Path to the Cloudflare BIND zone export" + echo " nix-result Path to the nix-built zone file (default: ./result)" + exit 1 +} + +if [[ $# -lt 1 ]]; then + usage +fi + +CF_EXPORT="$1" +NIX_RESULT="${2:-./result}" + +if [[ ! -f "$CF_EXPORT" ]]; then + echo -e "${RED}Error:${RESET} Cloudflare export not found: $CF_EXPORT" + exit 1 +fi + +if [[ ! -e "$NIX_RESULT" ]]; then + echo -e "${RED}Error:${RESET} Nix result not found: $NIX_RESULT" + echo "Hint: run 'nix build .#0' first" + exit 1 +fi + +# If result is a symlink (nix build output), resolve it +if [[ -L "$NIX_RESULT" ]]; then + NIX_RESULT="$(readlink -f "$NIX_RESULT")" +fi + +TMPDIR="$(mktemp -d)" +trap 'rm -rf "$TMPDIR"' EXIT + +# normalize_zone +# +# Extracts resource records (A, AAAA, CNAME, MX, TXT, SRV, CAA, NS, SOA), +# strips comments, normalizes whitespace and TTLs, and sorts. +normalize_zone() { + local input="$1" + local output="$2" + + # 1. Remove comment-only lines and blank lines + # 2. Strip inline comments ("; ...") + # 3. Collapse whitespace + # 4. Normalize: (drop TTL) + # 5. Ensure FQDNs on NS/CNAME/MX targets end with a dot + # 6. Sort for stable comparison + grep -E '^\S+' "$input" \ + | grep -v '^\s*;' \ + | grep -v '^\s*$' \ + | grep -v '^\$' \ + | sed 's/\s*;.*$//' \ + | sed 's/\t\+/ /g; s/ \+/ /g' \ + | awk ' + { + # Expected formats after cleanup: + # name TTL IN TYPE rdata... + # name IN TYPE rdata... + # + # We want to output: name TYPE rdata... + + name = $1 + idx = 2 + + # Skip TTL if present (a number) + if ($idx ~ /^[0-9]+$/) idx++ + + # Skip class (IN, CS, CH, HS) + if (toupper($idx) == "IN" || toupper($idx) == "CS" || toupper($idx) == "CH" || toupper($idx) == "HS") idx++ + + rtype = toupper($idx) + idx++ + + # Skip SOA — it will always differ (serial, timers) + if (rtype == "SOA") next + + rdata = "" + for (i = idx; i <= NF; i++) { + val = $i + # Ensure trailing dot on targets for NS, CNAME, MX (last field) + if ((rtype == "NS" || rtype == "CNAME") && i == idx) { + if (val !~ /\.$/) val = val "." + } + if (rtype == "MX" && i == NF) { + if (val !~ /\.$/) val = val "." + } + if (rdata != "") rdata = rdata " " + rdata = rdata val + } + + print name " " rtype " " rdata + } + ' \ + | sort > "$output" +} + +echo -e "${BOLD}Comparing zones${RESET}" +echo -e " Cloudflare export: ${CYAN}$CF_EXPORT${RESET}" +echo -e " Nix result: ${CYAN}$NIX_RESULT${RESET}" +echo "" + +normalize_zone "$CF_EXPORT" "$TMPDIR/cf.norm" +normalize_zone "$NIX_RESULT" "$TMPDIR/nix.norm" + +CF_COUNT=$(wc -l < "$TMPDIR/cf.norm") +NIX_COUNT=$(wc -l < "$TMPDIR/nix.norm") + +echo -e " Cloudflare records: ${BOLD}$CF_COUNT${RESET} (excluding SOA)" +echo -e " Nix records: ${BOLD}$NIX_COUNT${RESET} (excluding SOA)" +echo "" + +# Compute differences +# Lines only in Cloudflare = missing from nix +# Lines only in nix = extra in nix +comm -23 "$TMPDIR/cf.norm" "$TMPDIR/nix.norm" > "$TMPDIR/only-cf.txt" +comm -13 "$TMPDIR/cf.norm" "$TMPDIR/nix.norm" > "$TMPDIR/only-nix.txt" +comm -12 "$TMPDIR/cf.norm" "$TMPDIR/nix.norm" > "$TMPDIR/matching.txt" + +MATCH_COUNT=$(wc -l < "$TMPDIR/matching.txt") +ONLY_CF_COUNT=$(wc -l < "$TMPDIR/only-cf.txt") +ONLY_NIX_COUNT=$(wc -l < "$TMPDIR/only-nix.txt") + +echo -e "${BOLD}Results${RESET}" +echo -e " ${GREEN}✓ Matching:${RESET} $MATCH_COUNT" +echo -e " ${RED}✗ Only in Cloudflare:${RESET} $ONLY_CF_COUNT (missing from nix build)" +echo -e " ${YELLOW}+ Only in Nix:${RESET} $ONLY_NIX_COUNT (extra in nix build)" +echo "" + +if [[ "$ONLY_CF_COUNT" -gt 0 ]]; then + echo -e "${RED}${BOLD}Records only in Cloudflare (missing from nix):${RESET}" + while IFS= read -r line; do + echo -e " ${RED}-${RESET} $line" + done < "$TMPDIR/only-cf.txt" + echo "" +fi + +if [[ "$ONLY_NIX_COUNT" -gt 0 ]]; then + echo -e "${YELLOW}${BOLD}Records only in Nix (not in Cloudflare):${RESET}" + while IFS= read -r line; do + echo -e " ${YELLOW}+${RESET} $line" + done < "$TMPDIR/only-nix.txt" + echo "" +fi + +if [[ "$ONLY_CF_COUNT" -eq 0 && "$ONLY_NIX_COUNT" -eq 0 ]]; then + echo -e "${GREEN}${BOLD}✓ Zones are identical!${RESET}" + exit 0 +else + # Show a unified-style diff for a quick overview + echo -e "${BOLD}Diff (unified):${RESET}" + diff -u \ + --label "cloudflare" "$TMPDIR/cf.norm" \ + --label "nix" "$TMPDIR/nix.norm" \ + | head -80 || true + echo "" + + # Summarize by record type + echo -e "${BOLD}Summary by record type:${RESET}" + echo -e " ${BOLD}Type CF-only Nix-only Matching${RESET}" + { + cat "$TMPDIR/only-cf.txt" "$TMPDIR/only-nix.txt" "$TMPDIR/matching.txt" + } | awk '{print $2}' | sort -u | while read -r rtype; do + cf_only=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/only-cf.txt" || true) + nix_only=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/only-nix.txt" || true) + matching=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/matching.txt" || true) + printf " %-6s %7d %8d %8d\n" "$rtype" "$cf_only" "$nix_only" "$matching" + done + echo "" + + exit 1 +fi \ No newline at end of file From f1c21760a50f8088775e08ae540101be16dbcb35 Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sun, 22 Mar 2026 07:27:32 +0700 Subject: [PATCH 13/32] make generic --- .gitignore | 2 +- scripts/compare-zones.sh | 148 +++++++++++++++++++-------------------- 2 files changed, 75 insertions(+), 75 deletions(-) diff --git a/.gitignore b/.gitignore index 770061e..83e780f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,5 @@ creds.json types-dnscontrol.d.ts # Zone files -result +result* part-of.my.id.txt \ No newline at end of file diff --git a/scripts/compare-zones.sh b/scripts/compare-zones.sh index 8e93292..4bf234f 100755 --- a/scripts/compare-zones.sh +++ b/scripts/compare-zones.sh @@ -1,18 +1,16 @@ #!/usr/bin/env bash # -# compare-zones.sh — Compare a Cloudflare zone export against a nix-built zone file +# compare-zones.sh — Compare two BIND-format zone files +# +# Normalizes both files (strips comments, TTLs, SOA records, and whitespace +# differences) then performs a record-by-record comparison. # # Usage: -# ./scripts/compare-zones.sh [nix-result] -# -# Arguments: -# cloudflare-export.txt Path to the Cloudflare zone export (BIND format) -# nix-result Path to the nix-built zone file (default: ./result) +# ./scripts/compare-zones.sh # # Examples: -# ./scripts/compare-zones.sh part-of.my.id.txt +# ./scripts/compare-zones.sh expected.zone generated.zone # ./scripts/compare-zones.sh part-of.my.id.txt result -# nix build .#0 && ./scripts/compare-zones.sh part-of.my.id.txt result set -euo pipefail @@ -24,56 +22,57 @@ BOLD='\033[1m' RESET='\033[0m' usage() { - echo "Usage: $0 [nix-result]" + echo "Usage: $0 " echo "" - echo "Compare a Cloudflare zone export against a nix-built zone file." + echo "Compare two BIND-format zone files." echo "" echo "Arguments:" - echo " cloudflare-export.txt Path to the Cloudflare BIND zone export" - echo " nix-result Path to the nix-built zone file (default: ./result)" + echo " zone-file-a Path to the first zone file" + echo " zone-file-b Path to the second zone file" exit 1 } -if [[ $# -lt 1 ]]; then +if [[ $# -lt 2 ]]; then usage fi -CF_EXPORT="$1" -NIX_RESULT="${2:-./result}" +FILE_A="$1" +FILE_B="$2" -if [[ ! -f "$CF_EXPORT" ]]; then - echo -e "${RED}Error:${RESET} Cloudflare export not found: $CF_EXPORT" - exit 1 -fi +for f in "$FILE_A" "$FILE_B"; do + resolved="$f" + # Resolve symlinks (e.g. nix store results) + if [[ -L "$resolved" ]]; then + resolved="$(readlink -f "$resolved")" + fi + if [[ ! -f "$resolved" ]]; then + echo -e "${RED}Error:${RESET} File not found: $f" + exit 1 + fi +done -if [[ ! -e "$NIX_RESULT" ]]; then - echo -e "${RED}Error:${RESET} Nix result not found: $NIX_RESULT" - echo "Hint: run 'nix build .#0' first" - exit 1 -fi - -# If result is a symlink (nix build output), resolve it -if [[ -L "$NIX_RESULT" ]]; then - NIX_RESULT="$(readlink -f "$NIX_RESULT")" -fi +# Resolve symlinks for display +RESOLVED_A="$FILE_A" +RESOLVED_B="$FILE_B" +[[ -L "$FILE_A" ]] && RESOLVED_A="$(readlink -f "$FILE_A")" +[[ -L "$FILE_B" ]] && RESOLVED_B="$(readlink -f "$FILE_B")" TMPDIR="$(mktemp -d)" trap 'rm -rf "$TMPDIR"' EXIT # normalize_zone # -# Extracts resource records (A, AAAA, CNAME, MX, TXT, SRV, CAA, NS, SOA), -# strips comments, normalizes whitespace and TTLs, and sorts. +# Extracts resource records, strips comments, normalizes whitespace and TTLs, +# ensures FQDNs have trailing dots, skips SOA (which always differs), and sorts. normalize_zone() { local input="$1" local output="$2" - # 1. Remove comment-only lines and blank lines - # 2. Strip inline comments ("; ...") - # 3. Collapse whitespace - # 4. Normalize: (drop TTL) - # 5. Ensure FQDNs on NS/CNAME/MX targets end with a dot - # 6. Sort for stable comparison + # Resolve symlinks + if [[ -L "$input" ]]; then + input="$(readlink -f "$input")" + fi + grep -E '^\S+' "$input" \ | grep -v '^\s*;' \ | grep -v '^\s*$' \ @@ -86,7 +85,7 @@ normalize_zone() { # name TTL IN TYPE rdata... # name IN TYPE rdata... # - # We want to output: name TYPE rdata... + # We output: name TYPE rdata... name = $1 idx = 2 @@ -100,13 +99,13 @@ normalize_zone() { rtype = toupper($idx) idx++ - # Skip SOA — it will always differ (serial, timers) + # Skip SOA — serial and timers will always differ if (rtype == "SOA") next rdata = "" for (i = idx; i <= NF; i++) { val = $i - # Ensure trailing dot on targets for NS, CNAME, MX (last field) + # Ensure trailing dot on targets for NS, CNAME, MX if ((rtype == "NS" || rtype == "CNAME") && i == idx) { if (val !~ /\.$/) val = val "." } @@ -123,76 +122,77 @@ normalize_zone() { | sort > "$output" } +LABEL_A="$(basename "$FILE_A")" +LABEL_B="$(basename "$FILE_B")" + echo -e "${BOLD}Comparing zones${RESET}" -echo -e " Cloudflare export: ${CYAN}$CF_EXPORT${RESET}" -echo -e " Nix result: ${CYAN}$NIX_RESULT${RESET}" +echo -e " A: ${CYAN}${RESOLVED_A}${RESET}" +echo -e " B: ${CYAN}${RESOLVED_B}${RESET}" echo "" -normalize_zone "$CF_EXPORT" "$TMPDIR/cf.norm" -normalize_zone "$NIX_RESULT" "$TMPDIR/nix.norm" +normalize_zone "$FILE_A" "$TMPDIR/a.norm" +normalize_zone "$FILE_B" "$TMPDIR/b.norm" -CF_COUNT=$(wc -l < "$TMPDIR/cf.norm") -NIX_COUNT=$(wc -l < "$TMPDIR/nix.norm") +COUNT_A=$(wc -l < "$TMPDIR/a.norm") +COUNT_B=$(wc -l < "$TMPDIR/b.norm") -echo -e " Cloudflare records: ${BOLD}$CF_COUNT${RESET} (excluding SOA)" -echo -e " Nix records: ${BOLD}$NIX_COUNT${RESET} (excluding SOA)" +echo -e " A records: ${BOLD}$COUNT_A${RESET} (excluding SOA)" +echo -e " B records: ${BOLD}$COUNT_B${RESET} (excluding SOA)" echo "" # Compute differences -# Lines only in Cloudflare = missing from nix -# Lines only in nix = extra in nix -comm -23 "$TMPDIR/cf.norm" "$TMPDIR/nix.norm" > "$TMPDIR/only-cf.txt" -comm -13 "$TMPDIR/cf.norm" "$TMPDIR/nix.norm" > "$TMPDIR/only-nix.txt" -comm -12 "$TMPDIR/cf.norm" "$TMPDIR/nix.norm" > "$TMPDIR/matching.txt" +comm -23 "$TMPDIR/a.norm" "$TMPDIR/b.norm" > "$TMPDIR/only-a.txt" +comm -13 "$TMPDIR/a.norm" "$TMPDIR/b.norm" > "$TMPDIR/only-b.txt" +comm -12 "$TMPDIR/a.norm" "$TMPDIR/b.norm" > "$TMPDIR/matching.txt" MATCH_COUNT=$(wc -l < "$TMPDIR/matching.txt") -ONLY_CF_COUNT=$(wc -l < "$TMPDIR/only-cf.txt") -ONLY_NIX_COUNT=$(wc -l < "$TMPDIR/only-nix.txt") +ONLY_A_COUNT=$(wc -l < "$TMPDIR/only-a.txt") +ONLY_B_COUNT=$(wc -l < "$TMPDIR/only-b.txt") echo -e "${BOLD}Results${RESET}" -echo -e " ${GREEN}✓ Matching:${RESET} $MATCH_COUNT" -echo -e " ${RED}✗ Only in Cloudflare:${RESET} $ONLY_CF_COUNT (missing from nix build)" -echo -e " ${YELLOW}+ Only in Nix:${RESET} $ONLY_NIX_COUNT (extra in nix build)" +echo -e " ${GREEN}✓ Matching:${RESET} $MATCH_COUNT" +echo -e " ${RED}✗ Only in A:${RESET} $ONLY_A_COUNT" +echo -e " ${YELLOW}+ Only in B:${RESET} $ONLY_B_COUNT" echo "" -if [[ "$ONLY_CF_COUNT" -gt 0 ]]; then - echo -e "${RED}${BOLD}Records only in Cloudflare (missing from nix):${RESET}" +if [[ "$ONLY_A_COUNT" -gt 0 ]]; then + echo -e "${RED}${BOLD}Records only in A (${LABEL_A}):${RESET}" while IFS= read -r line; do echo -e " ${RED}-${RESET} $line" - done < "$TMPDIR/only-cf.txt" + done < "$TMPDIR/only-a.txt" echo "" fi -if [[ "$ONLY_NIX_COUNT" -gt 0 ]]; then - echo -e "${YELLOW}${BOLD}Records only in Nix (not in Cloudflare):${RESET}" +if [[ "$ONLY_B_COUNT" -gt 0 ]]; then + echo -e "${YELLOW}${BOLD}Records only in B (${LABEL_B}):${RESET}" while IFS= read -r line; do echo -e " ${YELLOW}+${RESET} $line" - done < "$TMPDIR/only-nix.txt" + done < "$TMPDIR/only-b.txt" echo "" fi -if [[ "$ONLY_CF_COUNT" -eq 0 && "$ONLY_NIX_COUNT" -eq 0 ]]; then +if [[ "$ONLY_A_COUNT" -eq 0 && "$ONLY_B_COUNT" -eq 0 ]]; then echo -e "${GREEN}${BOLD}✓ Zones are identical!${RESET}" exit 0 else - # Show a unified-style diff for a quick overview + # Unified diff echo -e "${BOLD}Diff (unified):${RESET}" diff -u \ - --label "cloudflare" "$TMPDIR/cf.norm" \ - --label "nix" "$TMPDIR/nix.norm" \ + --label "$LABEL_A" "$TMPDIR/a.norm" \ + --label "$LABEL_B" "$TMPDIR/b.norm" \ | head -80 || true echo "" - # Summarize by record type + # Summary by record type echo -e "${BOLD}Summary by record type:${RESET}" - echo -e " ${BOLD}Type CF-only Nix-only Matching${RESET}" + echo -e " ${BOLD}Type A-only B-only Matching${RESET}" { - cat "$TMPDIR/only-cf.txt" "$TMPDIR/only-nix.txt" "$TMPDIR/matching.txt" + cat "$TMPDIR/only-a.txt" "$TMPDIR/only-b.txt" "$TMPDIR/matching.txt" } | awk '{print $2}' | sort -u | while read -r rtype; do - cf_only=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/only-cf.txt" || true) - nix_only=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/only-nix.txt" || true) + a_only=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/only-a.txt" || true) + b_only=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/only-b.txt" || true) matching=$(grep -c "^[^ ]* ${rtype} " "$TMPDIR/matching.txt" || true) - printf " %-6s %7d %8d %8d\n" "$rtype" "$cf_only" "$nix_only" "$matching" + printf " %-6s %6d %6d %8d\n" "$rtype" "$a_only" "$b_only" "$matching" done echo "" From a1720f8400d435eeadb6d9d65023d361edce22c5 Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sun, 22 Mar 2026 08:08:03 +0700 Subject: [PATCH 14/32] remove description from the domains --- domains/_discord.colin.nix | 1 - domains/colin.nix | 1 - domains/ukriu.nix | 1 - 3 files changed, 3 deletions(-) diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix index 5a3fcf9..3ef69b9 100644 --- a/domains/_discord.colin.nix +++ b/domains/_discord.colin.nix @@ -2,7 +2,6 @@ owner = { username = "ColinLeDev"; }; - description = "Discord verification"; proxy = false; records = { TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; diff --git a/domains/colin.nix b/domains/colin.nix index b53bbce..e04a8a7 100644 --- a/domains/colin.nix +++ b/domains/colin.nix @@ -2,7 +2,6 @@ owner = { username = "ColinLeDev"; }; - description = "My personal portfolio hosted on my server"; proxy = false; records = { CNAME = [ "proxy.col1n.fr." ]; diff --git a/domains/ukriu.nix b/domains/ukriu.nix index 608454c..edea7cd 100644 --- a/domains/ukriu.nix +++ b/domains/ukriu.nix @@ -3,7 +3,6 @@ username = "ukriu"; email = "partofmyid@ukriu.com"; }; - description = "my website"; proxy = false; records = { CNAME = [ "ukriu.pages.dev." ]; From 42f6c415b66643c197d5d5cde3214fb3bec1e441 Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sun, 22 Mar 2026 12:43:32 +0700 Subject: [PATCH 15/32] remove apex deploy --- scripts/deploy-apex.sh | 42 ------------------------------------------ 1 file changed, 42 deletions(-) delete mode 100644 scripts/deploy-apex.sh diff --git a/scripts/deploy-apex.sh b/scripts/deploy-apex.sh deleted file mode 100644 index c2ad7a1..0000000 --- a/scripts/deploy-apex.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -# script to deploy the APEX domain to Cloudflare with CNAME flattening - -set -euo pipefail - -ZONE_ID="${CF_ZONE_ID:?}" -TOKEN="${CF_API_TOKEN:?}" -TARGET="website-e7n.pages.dev" - -EXISTING=$(curl -s \ - "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records?type=CNAME&name=@" \ - -H "Authorization: Bearer ${TOKEN}" \ - | jq -r '.result[0] // empty') - -EXISTING_CONTENT=$(echo "$EXISTING" | jq -r '.content // empty') -EXISTING_ID=$(echo "$EXISTING" | jq -r '.id // empty') - -if [[ "$EXISTING_CONTENT" == "$TARGET" ]]; then - echo "Apex CNAME unchanged, skipping." - exit 0 -fi - -if [[ -z "$EXISTING_ID" ]]; then - echo "No apex CNAME found, creating..." - METHOD="POST" - URL="https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records" -else - echo "Apex CNAME changed ($EXISTING_CONTENT → $TARGET), updating..." - METHOD="PUT" - URL="https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${EXISTING_ID}" -fi - -curl -s -X "$METHOD" "$URL" \ - -H "Authorization: Bearer ${TOKEN}" \ - -H "Content-Type: application/json" \ - --data "{ - \"type\": \"CNAME\", - \"name\": \"@\", - \"content\": \"${TARGET}\", - \"proxied\": true - }" | jq -e '.success' \ No newline at end of file From 550ca5228cb706c6d6709222041bd99bef115166 Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Sun, 22 Mar 2026 12:43:47 +0700 Subject: [PATCH 16/32] change schema final --- docs/example.nix | 99 ++++--- domains/_discord.colin.nix | 13 +- domains/_discord.cutedog5695.nix | 16 +- domains/_discord.justdeveloper.nix | 16 +- domains/_discord.nix | 12 +- domains/_discord.roki.nix | 12 +- domains/batman.nix | 12 +- domains/c.nix | 14 +- domains/colin.nix | 13 +- domains/cutedog5695.nix | 16 +- domains/elkaff.nix | 10 +- domains/j.nix | 16 +- domains/jacob.nix | 12 +- domains/jd.nix | 16 +- domains/job.nix | 12 +- domains/joel.nix | 16 +- domains/js.nix | 16 +- domains/just.nix | 16 +- domains/justdev.nix | 16 +- domains/justdeveloper.nix | 16 +- domains/juststudio.nix | 16 +- domains/katz.nix | 12 +- domains/no-one-is.nix | 14 +- domains/pxl.nix | 12 +- domains/rchessauth.nix | 12 +- domains/roki.nix | 14 +- domains/satr14.nix | 10 +- domains/stef.nix | 14 +- domains/ukriu.nix | 15 +- domains/you-are.nix | 14 +- scripts/migrate-nix.py | 398 ++++++++++++++--------------- 31 files changed, 487 insertions(+), 413 deletions(-) diff --git a/docs/example.nix b/docs/example.nix index 20cb392..31378e9 100644 --- a/docs/example.nix +++ b/docs/example.nix @@ -1,49 +1,76 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "satr14washere"; - email = "admin@satr14.my.id"; +{ dns, ... }: { + metadata = { + description = "Example domain configuration for dns.nix"; # optional, description of use + proxy = false; # optional, defaults to false. proxy through Cloudflare + owner = { # add extra contacts if needed + username = "satr14washere"; # required, github username + email = "admin@satr14.my.id"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { # full list of records supported: https://github.com/nix-community/dns.nix/tree/master/dns/types/records + # dns.lib.combinators is optional but provides a lot of useful shortcuts: + # https://github.com/nix-community/dns.nix/blob/master/dns/combinators.nix + A = [ - { - address = "203.0.113.1"; - ttl = 60 * 60; - } - "203.0.113.2" - (ttl (60 * 60) (a "203.0.113.3")) + "203.0.113.50" + "198.51.100.50" + + # or: + + { address = "203.0.113.50"; ttl = 60 * 60; } # TTL is optional + { address = "198.51.100.50"; ttl = 60 * 60; } + + # using dns.lib.combinators: + + (ttl (60 * 60) (a "203.0.113.50")) # standalone A record + (ttl (60 * 60) (a "2198.51.100.50")) # record with TTL ]; - AAAA = [ - "4321:0:1:2:3:4:567:89ab" + + AAAA = [ # mostly same as above + "2001:db8::1" + "2001:db8::2" + + # or: + + { address = "2001:db8::1"; ttl = 60 * 60; } + { address = "2001:db8::2"; ttl = 60 * 60; } + + # using dns.lib.combinators: + + (ttl (60 * 60) (aaaa "2001:db8::1")) + (ttl (60 * 60) (aaaa "2001:db8::2")) ]; - MX = mx.google; + TXT = [ - ( - with spf; - strict [ - "a:mail.example.com" - google - ] - ) + "v=spf1 include:mailgun.org ~all" + "dh=some-long-random-string" ]; - CNAME = [ "example.com." ]; - DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ]; - CAA = letsEncrypt "admin@example.com"; - SRV = [ + + MX = [ { - service = "sip"; - proto = "tcp"; - port = 5060; - target = "sip.example.com"; + preference = 10; + exchange = "mail.protonmail.ch."; } - ]; - TLSA = [ { - certUsage = "dane-ee"; - selector = "spki"; - matchingType = "sha256"; - certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA"; + preference = 20; + exchange = "mailsec.protonmail.ch."; } + + # using dns.lib.combinators: + + (mx.mx 10 "mail.protonmail.ch.") + (mx.mx 20 "mailsec.protonmail.ch.") ]; + + # a few notes about CNAME records: + # - value must end with a dot (.) + # - cannot coexist with other record types (e.g. A, AAAA, MX) for the same subdomain + # - can only be one despite being a list (this example defined multiple only for demonstrating valid values) + CNAME = [ + "edge.redirect.pizza." + "username.github.io." + "site.pages.dev." + ]; + }; } diff --git a/domains/_discord.colin.nix b/domains/_discord.colin.nix index 3ef69b9..f6f4a78 100644 --- a/domains/_discord.colin.nix +++ b/domains/_discord.colin.nix @@ -1,9 +1,12 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "ColinLeDev"; +{ dns, ... }: { + metadata = { + description = "Discord verification"; + proxy = false; + owner = { + username = "ColinLeDev"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { TXT = [ "dh=279643a6f8677dedb1c5c63d007fc4516149679c" ]; }; } diff --git a/domains/_discord.cutedog5695.nix b/domains/_discord.cutedog5695.nix index 053e506..6b41ac4 100644 --- a/domains/_discord.cutedog5695.nix +++ b/domains/_discord.cutedog5695.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "CuteDog5695"; - email = "cutedog5695@gmail.com"; - repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "CuteDog5695"; + email = "cutedog5695@gmail.com"; + repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { TXT = [ "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" ]; }; } diff --git a/domains/_discord.justdeveloper.nix b/domains/_discord.justdeveloper.nix index 03c4efc..ceae91a 100644 --- a/domains/_discord.justdeveloper.nix +++ b/domains/_discord.justdeveloper.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { TXT = [ "dh=6024027bc233825451e290ac37a4b4a1f838ee70" ]; }; } diff --git a/domains/_discord.nix b/domains/_discord.nix index 82fea5e..efcc1e7 100644 --- a/domains/_discord.nix +++ b/domains/_discord.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "satr14washere"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "satr14washere"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { TXT = [ "dh=d509fc9014e196311ed887c2e410cdefa833436e" ]; }; } diff --git a/domains/_discord.roki.nix b/domains/_discord.roki.nix index d87f060..bb55110 100644 --- a/domains/_discord.roki.nix +++ b/domains/_discord.roki.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "Roki100"; - discord = "289479495444987904"; +{ dns, ... }: { + metadata = { + owner = { + username = "Roki100"; + discord = "289479495444987904"; + }; }; - records = { + records = with dns.lib.combinators; { TXT = [ "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" ]; }; } diff --git a/domains/batman.nix b/domains/batman.nix index 3f3c50e..b3683bb 100644 --- a/domains/batman.nix +++ b/domains/batman.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "shadowe1ite"; +{ dns, ... }: { + metadata = { + proxy = true; + owner = { + username = "shadowe1ite"; + }; }; - proxy = true; - records = { + records = with dns.lib.combinators; { CNAME = [ "shadowe1ite.github.io." ]; }; } diff --git a/domains/c.nix b/domains/c.nix index e6dd392..c56ef7a 100644 --- a/domains/c.nix +++ b/domains/c.nix @@ -1,10 +1,12 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "orangci"; - email = "c@orangc.xyz"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "orangci"; + email = "c@orangc.xyz"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/colin.nix b/domains/colin.nix index e04a8a7..9bcb1c3 100644 --- a/domains/colin.nix +++ b/domains/colin.nix @@ -1,9 +1,12 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "ColinLeDev"; +{ dns, ... }: { + metadata = { + description = "My personal portfolio hosted on my server"; + proxy = false; + owner = { + username = "ColinLeDev"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "proxy.col1n.fr." ]; }; } diff --git a/domains/cutedog5695.nix b/domains/cutedog5695.nix index 3691ced..be93952 100644 --- a/domains/cutedog5695.nix +++ b/domains/cutedog5695.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "CuteDog5695"; - email = "cutedog5695@gmail.com"; - repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "CuteDog5695"; + email = "cutedog5695@gmail.com"; + repo = "https://github.com/CuteDog5695/cutedog5695.github.io"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/elkaff.nix b/domains/elkaff.nix index 34db15e..682bf6e 100644 --- a/domains/elkaff.nix +++ b/domains/elkaff.nix @@ -1,8 +1,10 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "elkhaff"; +{ dns, ... }: { + metadata = { + owner = { + username = "elkhaff"; + }; }; - records = { + records = with dns.lib.combinators; { CNAME = [ "portofolio-pixel.pages.dev." ]; }; } diff --git a/domains/j.nix b/domains/j.nix index db44276..75598f9 100644 --- a/domains/j.nix +++ b/domains/j.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "support@juststudio.is-a.dev"; - repo = "https://github.com/JustStudio7/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/jacob.nix b/domains/jacob.nix index fdba947..cc7f30d 100644 --- a/domains/jacob.nix +++ b/domains/jacob.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "jacobrdale"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "jacobrdale"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "hexon404.onrender.com." ]; }; } diff --git a/domains/jd.nix b/domains/jd.nix index 6fbcf5c..ebfc556 100644 --- a/domains/jd.nix +++ b/domains/jd.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/job.nix b/domains/job.nix index 8051716..4e380cf 100644 --- a/domains/job.nix +++ b/domains/job.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "FWEEaaaa1"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "FWEEaaaa1"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { A = [ "128.204.223.115" ]; }; } diff --git a/domains/joel.nix b/domains/joel.nix index 22314e4..0513cd2 100644 --- a/domains/joel.nix +++ b/domains/joel.nix @@ -1,16 +1,18 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "joestr"; - email = "strasser999@gmail.com"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "joestr"; + email = "strasser999@gmail.com"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { A = [ "142.132.173.34" ]; AAAA = [ "2a01:4f8:1c0c:6cc0::1" ]; MX = [ { - exchange = "achlys.infra.joestr.at."; preference = 10; + exchange = "achlys.infra.joestr.at."; } ]; }; diff --git a/domains/js.nix b/domains/js.nix index db44276..75598f9 100644 --- a/domains/js.nix +++ b/domains/js.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "support@juststudio.is-a.dev"; - repo = "https://github.com/JustStudio7/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/just.nix b/domains/just.nix index 6fbcf5c..ebfc556 100644 --- a/domains/just.nix +++ b/domains/just.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/justdev.nix b/domains/justdev.nix index 6fbcf5c..ebfc556 100644 --- a/domains/justdev.nix +++ b/domains/justdev.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/justdeveloper.nix b/domains/justdeveloper.nix index 6fbcf5c..ebfc556 100644 --- a/domains/justdeveloper.nix +++ b/domains/justdeveloper.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "justdeveloper@juststudio.is-a.dev"; - repo = "https://github.com/JustDeveloper1/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "justdeveloper@juststudio.is-a.dev"; + repo = "https://github.com/JustDeveloper1/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/juststudio.nix b/domains/juststudio.nix index db44276..75598f9 100644 --- a/domains/juststudio.nix +++ b/domains/juststudio.nix @@ -1,11 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "JustDeveloper1"; - email = "support@juststudio.is-a.dev"; - repo = "https://github.com/JustStudio7/Website"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "JustDeveloper1"; + email = "support@juststudio.is-a.dev"; + repo = "https://github.com/JustStudio7/Website"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/katz.nix b/domains/katz.nix index cf78f0d..09f3469 100644 --- a/domains/katz.nix +++ b/domains/katz.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "Bananalolok"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "Bananalolok"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { A = [ "69.197.135.205" ]; }; } diff --git a/domains/no-one-is.nix b/domains/no-one-is.nix index 4d86e78..ac78aba 100644 --- a/domains/no-one-is.nix +++ b/domains/no-one-is.nix @@ -1,10 +1,12 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "EducatedSuddenBucket"; - email = "me@esb.is-a.dev"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "EducatedSuddenBucket"; + email = "me@esb.is-a.dev"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "educatedsuddenbucket-github-io.onrender.com." ]; }; } diff --git a/domains/pxl.nix b/domains/pxl.nix index ce8eff6..57446eb 100644 --- a/domains/pxl.nix +++ b/domains/pxl.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "heypxl"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "heypxl"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "heypxl.github.io." ]; }; } diff --git a/domains/rchessauth.nix b/domains/rchessauth.nix index 9ce886d..20ca546 100644 --- a/domains/rchessauth.nix +++ b/domains/rchessauth.nix @@ -1,9 +1,11 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "vortexprime24"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "vortexprime24"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "fire.hackclub.app." ]; }; } diff --git a/domains/roki.nix b/domains/roki.nix index cae347c..0cbf5b4 100644 --- a/domains/roki.nix +++ b/domains/roki.nix @@ -1,10 +1,12 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "Roki100"; - discord = "289479495444987904"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "Roki100"; + discord = "289479495444987904"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "edge.redirect.pizza." ]; }; } diff --git a/domains/satr14.nix b/domains/satr14.nix index f9d4cc7..17817fc 100644 --- a/domains/satr14.nix +++ b/domains/satr14.nix @@ -1,8 +1,10 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "satr14washere"; +{ dns, ... }: { + metadata = { + owner = { + username = "satr14washere"; + }; }; - records = { + records = with dns.lib.combinators; { CNAME = [ "5th-site.pages.dev." ]; }; } diff --git a/domains/stef.nix b/domains/stef.nix index 054b4c1..dfe1827 100644 --- a/domains/stef.nix +++ b/domains/stef.nix @@ -1,10 +1,12 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "Stef-00012"; - email = "admin@stefdp.lol"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "Stef-00012"; + email = "admin@stefdp.lol"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "proxy.stefdp.lol." ]; }; } diff --git a/domains/ukriu.nix b/domains/ukriu.nix index edea7cd..138199b 100644 --- a/domains/ukriu.nix +++ b/domains/ukriu.nix @@ -1,10 +1,13 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "ukriu"; - email = "partofmyid@ukriu.com"; +{ dns, ... }: { + metadata = { + description = "my website"; + proxy = false; + owner = { + username = "ukriu"; + email = "partofmyid@ukriu.com"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "ukriu.pages.dev." ]; }; } diff --git a/domains/you-are.nix b/domains/you-are.nix index 196d500..94278bb 100644 --- a/domains/you-are.nix +++ b/domains/you-are.nix @@ -1,10 +1,12 @@ -{ dns, ... }: with dns.lib.combinators; { - owner = { - username = "Stef-00012"; - email = "admin@stefdp.com"; +{ dns, ... }: { + metadata = { + proxy = false; + owner = { + username = "Stef-00012"; + email = "admin@stefdp.com"; + }; }; - proxy = false; - records = { + records = with dns.lib.combinators; { CNAME = [ "proxy.stefdp.com." ]; }; } diff --git a/scripts/migrate-nix.py b/scripts/migrate-nix.py index 683b968..986595a 100755 --- a/scripts/migrate-nix.py +++ b/scripts/migrate-nix.py @@ -1,16 +1,29 @@ #!/usr/bin/env python3 """ -Migration script to convert domains/*.json to domains/*.nix +Migrate domains/*.json to domains/*.nix -Reads each JSON domain config and generates a corresponding .nix file -following the format from docs/example.nix. +Converts each JSON domain config into a .nix file matching the format +from docs/example.nix: + + { dns, ... }: { + metadata = { + description = "..."; + proxy = false; + owner = { + username = "..."; + }; + }; + records = with dns.lib.combinators; { + CNAME = [ "example.com." ]; + }; + } Usage: python3 scripts/migrate-nix.py [--dry-run] [--delete-json] Options: - --dry-run Print generated .nix content to stdout without writing files - --delete-json Delete the original .json files after successful conversion + --dry-run Print generated .nix to stdout without writing files + --delete-json Delete the .json files after successful conversion """ import json @@ -20,224 +33,198 @@ from pathlib import Path DOMAINS_DIR = Path(__file__).resolve().parent.parent / "domains" -def json_to_nix(data: dict) -> str: - """Convert a single domain JSON config to a .nix file string.""" +# --- Nix string helpers --- + +def escape(s: str) -> str: + """Escape a string for use inside Nix double quotes.""" + return s.replace("\\", "\\\\").replace('"', '\\"').replace("${", "\\${") + + +def fqdn(s: str) -> str: + """Ensure a domain string ends with a trailing dot.""" + return s if s.endswith(".") else s + "." + + +# --- Block builders --- + +def build_metadata(data: dict) -> list[str]: + """Build the metadata = { ... }; block.""" owner = data.get("owner", {}) description = data.get("description") - record = data.get("record", {}) - # Some files use "proxy", others use "proxied" proxy = data.get("proxied", data.get("proxy")) - lines = [] + lines = [" metadata = {"] - # Header — no let block, just the function head with `with` - lines.append("{ dns, ... }: with dns.lib.combinators; {") - - # Owner block as a top-level attribute - lines.append(" owner = {") - if owner.get("username"): - lines.append(f' username = "{escape_nix_string(owner["username"])}";') - if owner.get("email"): - lines.append(f' email = "{escape_nix_string(owner["email"])}";') - if owner.get("discord"): - lines.append(f' discord = "{escape_nix_string(owner["discord"])}";') - if owner.get("repo"): - lines.append(f' repo = "{escape_nix_string(owner["repo"])}";') - lines.append(" };") - - # Description as a top-level attribute if description is not None: - lines.append(f' description = "{escape_nix_string(description)}";') + lines.append(f' description = "{escape(description)}";') - # Proxy as a top-level attribute if proxy is not None: - lines.append(f" proxy = {'true' if proxy else 'false'};") + lines.append(f" proxy = {'true' if proxy else 'false'};") - # Records nested under `records` - record_lines = build_record_lines(record) - if record_lines: - lines.append(" records = {") - for rl in record_lines: - lines.append(rl) - lines.append(" };") + owner_keys = ["username", "email", "discord", "repo"] + owner_fields = [(k, owner[k]) for k in owner_keys if owner.get(k)] - lines.append("}") - lines.append("") - - return "\n".join(lines) - - -def escape_nix_string(s: str) -> str: - """Escape special characters for a Nix double-quoted string.""" - s = s.replace("\\", "\\\\") - s = s.replace('"', '\\"') - s = s.replace("${", "\\${") - return s - - -def build_record_lines(record: dict) -> list[str]: - """Build the Nix record lines from the JSON record dict. - - These are indented with 4 spaces since they sit inside `records = { ... };`. - """ - lines = [] - - if "A" in record: - values = record["A"] - if isinstance(values, list): - if len(values) == 1: - lines.append(f' A = [ "{values[0]}" ];') - else: - lines.append(" A = [") - for v in values: - lines.append(f' "{v}"') - lines.append(" ];") - else: - lines.append(f' A = [ "{values}" ];') - - if "AAAA" in record: - values = record["AAAA"] - if isinstance(values, list): - if len(values) == 1: - lines.append(f' AAAA = [ "{values[0]}" ];') - else: - lines.append(" AAAA = [") - for v in values: - lines.append(f' "{v}"') - lines.append(" ];") - else: - lines.append(f' AAAA = [ "{values}" ];') - - if "CNAME" in record: - value = record["CNAME"] - if isinstance(value, list): - value = value[0] - lines.append(f' CNAME = [ "{ensure_fqdn(value)}" ];') - - if "ALIAS" in record: - value = record["ALIAS"] - if isinstance(value, list): - value = value[0] - # ALIAS is typically handled as CNAME in dns.nix - lines.append(f' CNAME = [ "{ensure_fqdn(value)}" ];') - - if "MX" in record: - values = record["MX"] - if isinstance(values, list): - lines.append(" MX = [") - for i, v in enumerate(values): - priority = (i + 1) * 10 - lines.append(" {") - lines.append(f' exchange = "{ensure_fqdn(v)}";') - lines.append(f" preference = {priority};") - lines.append(" }") - lines.append(" ];") - else: - lines.append(" MX = [") - lines.append(" {") - lines.append(f' exchange = "{ensure_fqdn(values)}";') - lines.append(" preference = 10;") - lines.append(" }") - lines.append(" ];") - - if "TXT" in record: - values = record["TXT"] - if isinstance(values, list): - if len(values) == 1: - lines.append(f' TXT = [ "{escape_nix_string(values[0])}" ];') - else: - lines.append(" TXT = [") - for v in values: - lines.append(f' "{escape_nix_string(v)}"') - lines.append(" ];") - else: - lines.append(f' TXT = [ "{escape_nix_string(values)}" ];') - - if "NS" in record: - values = record["NS"] - if isinstance(values, list): - if len(values) == 1: - lines.append(f' NS = [ "{ensure_fqdn(values[0])}" ];') - else: - lines.append(" NS = [") - for v in values: - lines.append(f' "{ensure_fqdn(v)}"') - lines.append(" ];") - else: - lines.append(f' NS = [ "{ensure_fqdn(values)}" ];') - - if "SRV" in record: - values = record["SRV"] - if isinstance(values, list): - lines.append(" SRV = [") - for srv in values: - lines.append(" {") - if "service" in srv: - lines.append(f' service = "{srv["service"]}";') - if "proto" in srv: - lines.append(f' proto = "{srv["proto"]}";') - if "port" in srv: - lines.append(f" port = {srv['port']};") - if "priority" in srv: - lines.append(f" priority = {srv['priority']};") - if "weight" in srv: - lines.append(f" weight = {srv['weight']};") - if "target" in srv: - lines.append(f' target = "{ensure_fqdn(srv["target"])}";') - lines.append(" }") - lines.append(" ];") - - if "CAA" in record: - values = record["CAA"] - if isinstance(values, list): - lines.append(" CAA = [") - for caa in values: - lines.append(" {") - if "flags" in caa: - lines.append(f" flags = {caa['flags']};") - if "tag" in caa: - lines.append(f' tag = "{caa["tag"]}";') - if "value" in caa: - lines.append(f' value = "{escape_nix_string(caa["value"])}";') - lines.append(" }") - lines.append(" ];") + if owner_fields: + lines.append(" owner = {") + for key, val in owner_fields: + lines.append(f' {key} = "{escape(val)}";') + lines.append(" };") + lines.append(" };") return lines -def ensure_fqdn(domain: str) -> str: - """Ensure a domain name ends with a dot (FQDN).""" - if not domain.endswith("."): - return domain + "." - return domain +def build_records(record: dict) -> list[str]: + """Build the records = with dns.lib.combinators; { ... }; block.""" + entries = [] + + # A records + if "A" in record: + entries.extend(string_list_record("A", as_list(record["A"]))) + + # AAAA records + if "AAAA" in record: + entries.extend(string_list_record("AAAA", as_list(record["AAAA"]))) + + # CNAME (also handles ALIAS → CNAME) + cname = record.get("CNAME") or record.get("ALIAS") + if cname is not None: + val = cname[0] if isinstance(cname, list) else cname + entries.append(f' CNAME = [ "{fqdn(val)}" ];') + + # MX records + if "MX" in record: + entries.extend(build_mx(as_list(record["MX"]))) + + # TXT records + if "TXT" in record: + escaped = [escape(v) for v in as_list(record["TXT"])] + entries.extend(string_list_record("TXT", escaped)) + + # NS records + if "NS" in record: + fqdns = [fqdn(v) for v in as_list(record["NS"])] + entries.extend(string_list_record("NS", fqdns)) + + # SRV records + if "SRV" in record: + entries.extend(build_srv(as_list(record["SRV"]))) + + # CAA records + if "CAA" in record: + entries.extend(build_caa(as_list(record["CAA"]))) + + if not entries: + return [" records = with dns.lib.combinators; {};"] + + lines = [" records = with dns.lib.combinators; {"] + lines.extend(entries) + lines.append(" };") + return lines -def migrate_file(json_path: Path, dry_run: bool = False, delete_json: bool = False) -> bool: - """Migrate a single JSON file to .nix. Returns True on success.""" +# --- Record type formatters --- + +def as_list(value) -> list: + """Wrap a scalar in a list if it isn't one already.""" + return value if isinstance(value, list) else [value] + + +def string_list_record(rtype: str, values: list[str]) -> list[str]: + """Format a record type whose values are plain strings.""" + if len(values) == 1: + return [f' {rtype} = [ "{values[0]}" ];'] + + lines = [f" {rtype} = ["] + for v in values: + lines.append(f' "{v}"') + lines.append(" ];") + return lines + + +def build_mx(values: list) -> list[str]: + """Format MX records as attrsets with preference + exchange.""" + lines = [" MX = ["] + for i, v in enumerate(values): + pref = (i + 1) * 10 + lines.append(" {") + lines.append(f" preference = {pref};") + lines.append(f' exchange = "{fqdn(v)}";') + lines.append(" }") + lines.append(" ];") + return lines + + +def build_srv(values: list[dict]) -> list[str]: + """Format SRV records.""" + lines = [" SRV = ["] + for srv in values: + lines.append(" {") + for key in ("service", "proto"): + if key in srv: + lines.append(f' {key} = "{srv[key]}";') + for key in ("priority", "weight", "port"): + if key in srv: + lines.append(f" {key} = {srv[key]};") + if "target" in srv: + lines.append(f' target = "{fqdn(srv["target"])}";') + lines.append(" }") + lines.append(" ];") + return lines + + +def build_caa(values: list[dict]) -> list[str]: + """Format CAA records.""" + lines = [" CAA = ["] + for caa in values: + lines.append(" {") + if "flags" in caa: + lines.append(f" flags = {caa['flags']};") + if "tag" in caa: + lines.append(f' tag = "{caa["tag"]}";') + if "value" in caa: + lines.append(f' value = "{escape(caa["value"])}";') + lines.append(" }") + lines.append(" ];") + return lines + + +# --- Top-level conversion --- + +def json_to_nix(data: dict) -> str: + """Convert a parsed JSON domain config to a complete .nix file string.""" + lines = ["{ dns, ... }: {"] + lines.extend(build_metadata(data)) + lines.extend(build_records(data.get("record", {}))) + lines.append("}") + lines.append("") + return "\n".join(lines) + + +# --- File operations --- + +def migrate_file(path: Path, *, dry_run: bool, delete_json: bool) -> bool: + """Migrate a single .json file. Returns True on success.""" try: - with open(json_path, "r") as f: - data = json.load(f) + data = json.loads(path.read_text()) except json.JSONDecodeError as e: - print(f" ERROR: Failed to parse {json_path.name}: {e}", file=sys.stderr) + print(f" ERROR: {path.name}: {e}", file=sys.stderr) return False - nix_content = json_to_nix(data) - nix_filename = json_path.stem + ".nix" - nix_path = json_path.parent / nix_filename + nix = json_to_nix(data) + nix_path = path.with_suffix(".nix") if dry_run: - print(f"--- {nix_filename} ---") - print(nix_content) + print(f"--- {nix_path.name} ---") + print(nix) return True - with open(nix_path, "w") as f: - f.write(nix_content) - + nix_path.write_text(nix) print(f" Created {nix_path.name}") if delete_json: - json_path.unlink() - print(f" Deleted {json_path.name}") + path.unlink() + print(f" Deleted {path.name}") return True @@ -247,31 +234,30 @@ def main(): delete_json = "--delete-json" in sys.argv if not DOMAINS_DIR.exists(): - print(f"Error: domains directory not found at {DOMAINS_DIR}", file=sys.stderr) + print(f"Error: {DOMAINS_DIR} not found", file=sys.stderr) sys.exit(1) - json_files = sorted(DOMAINS_DIR.glob("*.json")) - - if not json_files: - print("No JSON files found in domains/") + files = sorted(DOMAINS_DIR.glob("*.json")) + if not files: + print("No .json files found in domains/") sys.exit(0) - print(f"Found {len(json_files)} JSON file(s) to migrate") + print(f"Found {len(files)} JSON file(s) to migrate") if dry_run: print("(dry run — no files will be written)\n") success = 0 failed = 0 - for json_path in json_files: - print(f"Migrating {json_path.name}...") - if migrate_file(json_path, dry_run=dry_run, delete_json=delete_json): + for f in files: + print(f"Migrating {f.name}...") + if migrate_file(f, dry_run=dry_run, delete_json=delete_json): success += 1 else: failed += 1 print(f"\nDone: {success} succeeded, {failed} failed") - if failed > 0: + if failed: sys.exit(1) From 68998df2196a0f280993eb9bcd5ce8d1732384c3 Mon Sep 17 00:00:00 2001 From: satr14washere <90962949+satr14washere@users.noreply.github.com> Date: Mon, 23 Mar 2026 07:31:59 +0700 Subject: [PATCH 17/32] move domain files --- .../{ => part-of.my.id}/_discord.colin.nix | 0 .../_discord.cutedog5695.nix | 0 .../_discord.justdeveloper.nix | 0 domains/{ => part-of.my.id}/_discord.nix | 0 domains/{ => part-of.my.id}/_discord.roki.nix | 0 domains/{ => part-of.my.id}/batman.nix | 0 domains/{ => part-of.my.id}/c.nix | 0 domains/{ => part-of.my.id}/colin.nix | 0 domains/{ => part-of.my.id}/cutedog5695.nix | 0 domains/{ => part-of.my.id}/elkaff.nix | 0 domains/{ => part-of.my.id}/j.nix | 0 domains/{ => part-of.my.id}/jacob.nix | 0 domains/{ => part-of.my.id}/jd.nix | 0 domains/{ => part-of.my.id}/job.nix | 0 domains/{ => part-of.my.id}/joel.nix | 0 domains/{ => part-of.my.id}/js.nix | 0 domains/{ => part-of.my.id}/just.nix | 0 domains/{ => part-of.my.id}/justdev.nix | 0 domains/{ => part-of.my.id}/justdeveloper.nix | 0 domains/{ => part-of.my.id}/juststudio.nix | 0 domains/{ => part-of.my.id}/katz.nix | 0 domains/{ => part-of.my.id}/no-one-is.nix | 0 domains/{ => part-of.my.id}/pxl.nix | 0 domains/{ => part-of.my.id}/rchessauth.nix | 0 domains/{ => part-of.my.id}/roki.nix | 0 domains/{ => part-of.my.id}/satr14.nix | 0 domains/{ => part-of.my.id}/stef.nix | 0 domains/{ => part-of.my.id}/ukriu.nix | 0 domains/{ => part-of.my.id}/you-are.nix | 0 flake.nix | 23 ++++-- is-my.id.txt | 72 +++++++++++++++++++ scripts/upload-zone.sh | 3 + 32 files changed, 91 insertions(+), 7 deletions(-) rename domains/{ => part-of.my.id}/_discord.colin.nix (100%) rename domains/{ => part-of.my.id}/_discord.cutedog5695.nix (100%) rename domains/{ => part-of.my.id}/_discord.justdeveloper.nix (100%) rename domains/{ => part-of.my.id}/_discord.nix (100%) rename domains/{ => part-of.my.id}/_discord.roki.nix (100%) rename domains/{ => part-of.my.id}/batman.nix (100%) rename domains/{ => part-of.my.id}/c.nix (100%) rename domains/{ => part-of.my.id}/colin.nix (100%) rename domains/{ => part-of.my.id}/cutedog5695.nix (100%) rename domains/{ => part-of.my.id}/elkaff.nix (100%) rename domains/{ => part-of.my.id}/j.nix (100%) rename domains/{ => part-of.my.id}/jacob.nix (100%) rename domains/{ => part-of.my.id}/jd.nix (100%) rename domains/{ => part-of.my.id}/job.nix (100%) rename domains/{ => part-of.my.id}/joel.nix (100%) rename domains/{ => part-of.my.id}/js.nix (100%) rename domains/{ => part-of.my.id}/just.nix (100%) rename domains/{ => part-of.my.id}/justdev.nix (100%) rename domains/{ => part-of.my.id}/justdeveloper.nix (100%) rename domains/{ => part-of.my.id}/juststudio.nix (100%) rename domains/{ => part-of.my.id}/katz.nix (100%) rename domains/{ => part-of.my.id}/no-one-is.nix (100%) rename domains/{ => part-of.my.id}/pxl.nix (100%) rename domains/{ => part-of.my.id}/rchessauth.nix (100%) rename domains/{ => part-of.my.id}/roki.nix (100%) rename domains/{ => part-of.my.id}/satr14.nix (100%) rename domains/{ => part-of.my.id}/stef.nix (100%) rename domains/{ => part-of.my.id}/ukriu.nix (100%) rename domains/{ => part-of.my.id}/you-are.nix (100%) create mode 100644 is-my.id.txt create mode 100644 scripts/upload-zone.sh diff --git a/domains/_discord.colin.nix b/domains/part-of.my.id/_discord.colin.nix similarity index 100% rename from domains/_discord.colin.nix rename to domains/part-of.my.id/_discord.colin.nix diff --git a/domains/_discord.cutedog5695.nix b/domains/part-of.my.id/_discord.cutedog5695.nix similarity index 100% rename from domains/_discord.cutedog5695.nix rename to domains/part-of.my.id/_discord.cutedog5695.nix diff --git a/domains/_discord.justdeveloper.nix b/domains/part-of.my.id/_discord.justdeveloper.nix similarity index 100% rename from domains/_discord.justdeveloper.nix rename to domains/part-of.my.id/_discord.justdeveloper.nix diff --git a/domains/_discord.nix b/domains/part-of.my.id/_discord.nix similarity index 100% rename from domains/_discord.nix rename to domains/part-of.my.id/_discord.nix diff --git a/domains/_discord.roki.nix b/domains/part-of.my.id/_discord.roki.nix similarity index 100% rename from domains/_discord.roki.nix rename to domains/part-of.my.id/_discord.roki.nix diff --git a/domains/batman.nix b/domains/part-of.my.id/batman.nix similarity index 100% rename from domains/batman.nix rename to domains/part-of.my.id/batman.nix diff --git a/domains/c.nix b/domains/part-of.my.id/c.nix similarity index 100% rename from domains/c.nix rename to domains/part-of.my.id/c.nix diff --git a/domains/colin.nix b/domains/part-of.my.id/colin.nix similarity index 100% rename from domains/colin.nix rename to domains/part-of.my.id/colin.nix diff --git a/domains/cutedog5695.nix b/domains/part-of.my.id/cutedog5695.nix similarity index 100% rename from domains/cutedog5695.nix rename to domains/part-of.my.id/cutedog5695.nix diff --git a/domains/elkaff.nix b/domains/part-of.my.id/elkaff.nix similarity index 100% rename from domains/elkaff.nix rename to domains/part-of.my.id/elkaff.nix diff --git a/domains/j.nix b/domains/part-of.my.id/j.nix similarity index 100% rename from domains/j.nix rename to domains/part-of.my.id/j.nix diff --git a/domains/jacob.nix b/domains/part-of.my.id/jacob.nix similarity index 100% rename from domains/jacob.nix rename to domains/part-of.my.id/jacob.nix diff --git a/domains/jd.nix b/domains/part-of.my.id/jd.nix similarity index 100% rename from domains/jd.nix rename to domains/part-of.my.id/jd.nix diff --git a/domains/job.nix b/domains/part-of.my.id/job.nix similarity index 100% rename from domains/job.nix rename to domains/part-of.my.id/job.nix diff --git a/domains/joel.nix b/domains/part-of.my.id/joel.nix similarity index 100% rename from domains/joel.nix rename to domains/part-of.my.id/joel.nix diff --git a/domains/js.nix b/domains/part-of.my.id/js.nix similarity index 100% rename from domains/js.nix rename to domains/part-of.my.id/js.nix diff --git a/domains/just.nix b/domains/part-of.my.id/just.nix similarity index 100% rename from domains/just.nix rename to domains/part-of.my.id/just.nix diff --git a/domains/justdev.nix b/domains/part-of.my.id/justdev.nix similarity index 100% rename from domains/justdev.nix rename to domains/part-of.my.id/justdev.nix diff --git a/domains/justdeveloper.nix b/domains/part-of.my.id/justdeveloper.nix similarity index 100% rename from domains/justdeveloper.nix rename to domains/part-of.my.id/justdeveloper.nix diff --git a/domains/juststudio.nix b/domains/part-of.my.id/juststudio.nix similarity index 100% rename from domains/juststudio.nix rename to domains/part-of.my.id/juststudio.nix diff --git a/domains/katz.nix b/domains/part-of.my.id/katz.nix similarity index 100% rename from domains/katz.nix rename to domains/part-of.my.id/katz.nix diff --git a/domains/no-one-is.nix b/domains/part-of.my.id/no-one-is.nix similarity index 100% rename from domains/no-one-is.nix rename to domains/part-of.my.id/no-one-is.nix diff --git a/domains/pxl.nix b/domains/part-of.my.id/pxl.nix similarity index 100% rename from domains/pxl.nix rename to domains/part-of.my.id/pxl.nix diff --git a/domains/rchessauth.nix b/domains/part-of.my.id/rchessauth.nix similarity index 100% rename from domains/rchessauth.nix rename to domains/part-of.my.id/rchessauth.nix diff --git a/domains/roki.nix b/domains/part-of.my.id/roki.nix similarity index 100% rename from domains/roki.nix rename to domains/part-of.my.id/roki.nix diff --git a/domains/satr14.nix b/domains/part-of.my.id/satr14.nix similarity index 100% rename from domains/satr14.nix rename to domains/part-of.my.id/satr14.nix diff --git a/domains/stef.nix b/domains/part-of.my.id/stef.nix similarity index 100% rename from domains/stef.nix rename to domains/part-of.my.id/stef.nix diff --git a/domains/ukriu.nix b/domains/part-of.my.id/ukriu.nix similarity index 100% rename from domains/ukriu.nix rename to domains/part-of.my.id/ukriu.nix diff --git a/domains/you-are.nix b/domains/part-of.my.id/you-are.nix similarity index 100% rename from domains/you-are.nix rename to domains/part-of.my.id/you-are.nix diff --git a/flake.nix b/flake.nix index a847a5d..3dd9f31 100644 --- a/flake.nix +++ b/flake.nix @@ -5,13 +5,22 @@ { dns, ... }: let email = "admin@satr14.my.id"; - domains."0" = { - domain = "part-of.my.id"; - nameservers = [ - "adele.ns.cloudflare.com" - "fattouche.ns.cloudflare.com" - ]; - }; + domains = [ + "0" = { + domain = "part-of.my.id"; + nameservers = [ + "adele.ns.cloudflare.com" + "fattouche.ns.cloudflare.com" + ]; + }; + "1" = { + domain = "is-my.id"; + nameservers = [ + "adele.ns.cloudflare.com" + "fattouche.ns.cloudflare.com" + ]; + }; + ]; inherit (import { }) lib; domainsFolder = builtins.readDir ./domains; domainFiles = lib.filterAttrs ( diff --git a/is-my.id.txt b/is-my.id.txt new file mode 100644 index 0000000..690dc91 --- /dev/null +++ b/is-my.id.txt @@ -0,0 +1,72 @@ +;; +;; Domain: is-my.id. +;; Exported: 2026-03-21 23:44:57 +;; +;; This file is intended for use for informational and archival +;; purposes ONLY and MUST be edited before use on a production +;; DNS server. In particular, you must: +;; -- update the SOA record with the correct authoritative name server +;; -- update the SOA record with the contact e-mail address information +;; -- update the NS record(s) with the authoritative name servers for this domain. +;; +;; For further information, please consult the BIND documentation +;; located on the following website: +;; +;; http://www.isc.org/ +;; +;; And RFC 1035: +;; +;; http://www.ietf.org/rfc/rfc1035.txt +;; +;; Please note that we do NOT offer technical support for any use +;; of this zone data, the BIND name server, or any other third-party +;; DNS software. +;; +;; Use at your own risk. +;; SOA Record +is-my.id 3600 IN SOA adele.ns.cloudflare.com. dns.cloudflare.com. 2052580329 10000 2400 604800 3600 + +;; NS Records +is-my.id. 86400 IN NS adele.ns.cloudflare.com. +is-my.id. 86400 IN NS fattouche.ns.cloudflare.com. + +;; A Records +job.is-my.id. 1 IN A 128.204.223.115 ; cf_tags=cf-proxied:false +joel.is-my.id. 1 IN A 142.132.173.34 ; cf_tags=cf-proxied:false +katz.is-my.id. 1 IN A 69.197.135.205 ; cf_tags=cf-proxied:false + +;; AAAA Records +joel.is-my.id. 1 IN AAAA 2a01:4f8:1c0c:6cc0::1 ; cf_tags=cf-proxied:false + +;; CNAME Records +batman.is-my.id. 1 IN CNAME shadowe1ite.github.io. ; cf_tags=cf-proxied:true +colin.is-my.id. 1 IN CNAME proxy.col1n.fr. ; cf_tags=cf-proxied:false +c.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +cutedog5695.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +elkaff.is-my.id. 1 IN CNAME portofolio-pixel.pages.dev. ; cf_tags=cf-proxied:false +jacob.is-my.id. 1 IN CNAME hexon404.onrender.com. ; cf_tags=cf-proxied:false +jd.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +j.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +js.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +justdeveloper.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +justdev.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +just.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +juststudio.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +no-one-is.is-my.id. 1 IN CNAME educatedsuddenbucket-github-io.onrender.com. ; cf_tags=cf-proxied:false +is-my.id. 1 IN CNAME website-e7n.pages.dev. ; cf_tags=cf-proxied:false +pxl.is-my.id. 1 IN CNAME heypxl.github.io. ; cf_tags=cf-proxied:false +rchessauth.is-my.id. 1 IN CNAME fire.hackclub.app. ; cf_tags=cf-proxied:false +roki.is-my.id. 1 IN CNAME edge.redirect.pizza. ; cf_tags=cf-proxied:false +stef.is-my.id. 1 IN CNAME proxy.stefdp.lol. ; cf_tags=cf-proxied:false +ukriu.is-my.id. 1 IN CNAME ukriu.pages.dev. ; cf_tags=cf-proxied:false +you-are.is-my.id. 1 IN CNAME proxy.stefdp.com. ; cf_tags=cf-proxied:false + +;; MX Records +joel.is-my.id. 1 IN MX 10 achlys.infra.joestr.at. + +;; TXT Records +_discord.colin.is-my.id. 1 IN TXT "dh=279643a6f8677dedb1c5c63d007fc4516149679c" +_discord.cutedog5695.is-my.id. 1 IN TXT "dh=a7c19efb0f6bc38b97a33760f6c1ee84df4151b1" +_discord.justdeveloper.is-my.id. 1 IN TXT "dh=6024027bc233825451e290ac37a4b4a1f838ee70" +_discord.is-my.id. 1 IN TXT "dh=d509fc9014e196311ed887c2e410cdefa833436e" +_discord.roki.is-my.id. 1 IN TXT "dh=5633078cd5bfd347a896ddb0f0de017c5423aa06" diff --git a/scripts/upload-zone.sh b/scripts/upload-zone.sh new file mode 100644 index 0000000..5372311 --- /dev/null +++ b/scripts/upload-zone.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +curl \ No newline at end of file From 21c96dcc5571c675ed9f4eaf52f6c24842438cfa Mon Sep 17 00:00:00 2001 From: satr14 Date: Mon, 23 Mar 2026 15:40:13 +0700 Subject: [PATCH 18/32] rewrite is taking too long --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 78bb9c6..d209214 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ > [!IMPORTANT] -> We are currently rewriting our registration process, CI/CD pipeline, documentation, and website. Pull requests are temporarily paused until the new system is ready. We will document the new registration process in this repository once it's ready. In the meantime, you can join our [discord server](https://discord.gg/rFyRF3MMhc) to get updates and support. +> We are currently rewriting our registration process, CI/CD pipeline, documentation, and website. **Pull requests are still welcome** and will be migrated to the new syntax after the rewrite. We will document the new registration process in this repository once it's ready. In the meantime, you can join our [discord server](https://discord.gg/rFyRF3MMhc) to get updates and support. > [!CAUTION] > We currently **DO NOT** support Vercel, Netlify, and other services that requires us to be on the [PSL](https://github.com/publicsuffix/list). _We will apply to be on the list [only if theres high demand](https://publicsuffix.org/submit/#:~:text=We%20will%20generally%20decline%20small%20projects)_, so be patient and invite some of your friends! From fb98c8021a5b2e018326f80291a27eb2a2873d18 Mon Sep 17 00:00:00 2001 From: satr14 Date: Mon, 23 Mar 2026 15:51:55 +0700 Subject: [PATCH 19/32] time notice --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d209214..34139ae 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ > [!IMPORTANT] -> We are currently rewriting our registration process, CI/CD pipeline, documentation, and website. **Pull requests are still welcome** and will be migrated to the new syntax after the rewrite. We will document the new registration process in this repository once it's ready. In the meantime, you can join our [discord server](https://discord.gg/rFyRF3MMhc) to get updates and support. +> We are currently rewriting our registration process, CI/CD pipeline, documentation, and website. Due to time constraints, **pull requests are still welcome** and will be migrated to the new syntax after the rewrite. We will document the new registration process in this repository once it's ready. In the meantime, you can join our [discord server](https://discord.gg/rFyRF3MMhc) to get updates and support. > [!CAUTION] > We currently **DO NOT** support Vercel, Netlify, and other services that requires us to be on the [PSL](https://github.com/publicsuffix/list). _We will apply to be on the list [only if theres high demand](https://publicsuffix.org/submit/#:~:text=We%20will%20generally%20decline%20small%20projects)_, so be patient and invite some of your friends! From be2d6b450cccd9745c07ca3d90edb2b8fe222755 Mon Sep 17 00:00:00 2001 From: LunarisX Date: Sun, 3 May 2026 22:27:07 +0700 Subject: [PATCH 20/32] Create reallunarisx.json --- domains/reallunarisx.json | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 domains/reallunarisx.json diff --git a/domains/reallunarisx.json b/domains/reallunarisx.json new file mode 100644 index 0000000..2d72a35 --- /dev/null +++ b/domains/reallunarisx.json @@ -0,0 +1,9 @@ +{ + "owner": { + "username": "LunarisXOffical" + }, + "record": { + "CNAME": "lunarisxoffical.github.io" + }, + "proxy": false +} From 23d995e04c8f542f9211c1581b45a4aca7b49c0c Mon Sep 17 00:00:00 2001 From: satr14 Date: Sun, 3 May 2026 16:15:12 +0000 Subject: [PATCH 21/32] link previews are now required --- .github/PULL_REQUEST_TEMPLATE.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 377d553..b8b3bc3 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -8,7 +8,7 @@ - Github Pull Requests - How DNS Works 4. When in doubt, read the docs before asking in PR - 5. **PREVIEWS ARE REQUIRED FOR WEBSITES.** Can be a screenshot/link. If it's not a website then please state the use of the subdomain. + 5. **PREVIEWS ARE REQUIRED FOR WEBSITES.** Must be a link. If it's not a website then please state the use of the subdomain. --> ## Requirements @@ -38,5 +38,5 @@ _None provided..._ From 82a1cdd8927c67cbf8e6f4a739543d1adb76dd7e Mon Sep 17 00:00:00 2001 From: LunarisX Date: Mon, 4 May 2026 09:23:25 +0700 Subject: [PATCH 22/32] Update DNS records in reallunarisx.json Added TXT records for GitHub Pages challenge. --- domains/reallunarisx.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/domains/reallunarisx.json b/domains/reallunarisx.json index 2d72a35..eaae38f 100644 --- a/domains/reallunarisx.json +++ b/domains/reallunarisx.json @@ -3,7 +3,8 @@ "username": "LunarisXOffical" }, "record": { - "CNAME": "lunarisxoffical.github.io" + "TXT": "_github-pages-challenge-LunarisXOffical.reallunarisx", + "TXT": "e61f92ffaf0fb52928acd51ea7cf4e" }, "proxy": false } From ea1ffd63e5998f411134f45911183838836941df Mon Sep 17 00:00:00 2001 From: LunarisX Date: Mon, 4 May 2026 09:25:58 +0700 Subject: [PATCH 23/32] Update TXT record in reallunarisx.json --- domains/reallunarisx.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/domains/reallunarisx.json b/domains/reallunarisx.json index eaae38f..9f4e462 100644 --- a/domains/reallunarisx.json +++ b/domains/reallunarisx.json @@ -3,8 +3,7 @@ "username": "LunarisXOffical" }, "record": { - "TXT": "_github-pages-challenge-LunarisXOffical.reallunarisx", - "TXT": "e61f92ffaf0fb52928acd51ea7cf4e" + "TXT": "3bdbf404a94a1470.vercel-dns-017.com.", }, "proxy": false } From 3947beaf68727962627dd7c968bdac8dcba1bed8 Mon Sep 17 00:00:00 2001 From: LunarisX Date: Mon, 4 May 2026 09:26:42 +0700 Subject: [PATCH 24/32] Add Vercel configuration for reallunarisx domain --- domains/_vercel.reallunarisx.json | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 domains/_vercel.reallunarisx.json diff --git a/domains/_vercel.reallunarisx.json b/domains/_vercel.reallunarisx.json new file mode 100644 index 0000000..d378d5f --- /dev/null +++ b/domains/_vercel.reallunarisx.json @@ -0,0 +1,9 @@ +{ + "owner": { + "username": "LunarisXOffical" + }, + "record": { + "TXT": "vc-domain-verify=reallunarisx.part-of.my.id,eb89acab3adcd3ee3acd", + }, + "proxy": false +} From db9a6e23c0665b8d0a49fcf9d444fc81f54396b9 Mon Sep 17 00:00:00 2001 From: LunarisX Date: Mon, 4 May 2026 09:31:02 +0700 Subject: [PATCH 25/32] Update reallunarisx.json --- domains/reallunarisx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/domains/reallunarisx.json b/domains/reallunarisx.json index 9f4e462..f5b6401 100644 --- a/domains/reallunarisx.json +++ b/domains/reallunarisx.json @@ -3,7 +3,7 @@ "username": "LunarisXOffical" }, "record": { - "TXT": "3bdbf404a94a1470.vercel-dns-017.com.", + "CNAME": "3bdbf404a94a1470.vercel-dns-017.com.", }, "proxy": false } From 47a0e18cdbe6ccf60209c9a81f39dc63bbe6f526 Mon Sep 17 00:00:00 2001 From: satr14 Date: Mon, 4 May 2026 11:22:33 +0700 Subject: [PATCH 26/32] remove dot (added by ci) --- domains/reallunarisx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/domains/reallunarisx.json b/domains/reallunarisx.json index f5b6401..bad7e4b 100644 --- a/domains/reallunarisx.json +++ b/domains/reallunarisx.json @@ -3,7 +3,7 @@ "username": "LunarisXOffical" }, "record": { - "CNAME": "3bdbf404a94a1470.vercel-dns-017.com.", + "CNAME": "3bdbf404a94a1470.vercel-dns-017.com", }, "proxy": false } From 96f2285d483fcba2e0f3677e7d2e7a8a540b3c90 Mon Sep 17 00:00:00 2001 From: satr14 Date: Mon, 4 May 2026 11:25:10 +0700 Subject: [PATCH 27/32] Fix formatting in reallunarisx.json --- domains/reallunarisx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/domains/reallunarisx.json b/domains/reallunarisx.json index bad7e4b..ed58b6a 100644 --- a/domains/reallunarisx.json +++ b/domains/reallunarisx.json @@ -3,7 +3,7 @@ "username": "LunarisXOffical" }, "record": { - "CNAME": "3bdbf404a94a1470.vercel-dns-017.com", + "CNAME": "3bdbf404a94a1470.vercel-dns-017.com" }, "proxy": false } From 011fd671862919c857b165c10ae0bb736ed57a52 Mon Sep 17 00:00:00 2001 From: satr14 Date: Mon, 4 May 2026 11:25:41 +0700 Subject: [PATCH 28/32] Fix formatting in _vercel.reallunarisx.json --- domains/_vercel.reallunarisx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/domains/_vercel.reallunarisx.json b/domains/_vercel.reallunarisx.json index d378d5f..6d97196 100644 --- a/domains/_vercel.reallunarisx.json +++ b/domains/_vercel.reallunarisx.json @@ -3,7 +3,7 @@ "username": "LunarisXOffical" }, "record": { - "TXT": "vc-domain-verify=reallunarisx.part-of.my.id,eb89acab3adcd3ee3acd", + "TXT": "vc-domain-verify=reallunarisx.part-of.my.id,eb89acab3adcd3ee3acd" }, "proxy": false } From f1638606f61c2203801cd7b23aff3416f1bff4be Mon Sep 17 00:00:00 2001 From: satr14 Date: Mon, 4 May 2026 11:31:27 +0700 Subject: [PATCH 29/32] Change TXT record format to array --- domains/_vercel.reallunarisx.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/domains/_vercel.reallunarisx.json b/domains/_vercel.reallunarisx.json index 6d97196..132bee7 100644 --- a/domains/_vercel.reallunarisx.json +++ b/domains/_vercel.reallunarisx.json @@ -3,7 +3,7 @@ "username": "LunarisXOffical" }, "record": { - "TXT": "vc-domain-verify=reallunarisx.part-of.my.id,eb89acab3adcd3ee3acd" + "TXT": [ "vc-domain-verify=reallunarisx.part-of.my.id,eb89acab3adcd3ee3acd" ] }, "proxy": false } From f0af7456cbbb1faa0320b10c6afd5a5b64661820 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 4 May 2026 04:35:45 +0000 Subject: [PATCH 30/32] [automated] update stats --- stats/count.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stats/count.txt b/stats/count.txt index 64bb6b7..f5c8955 100644 --- a/stats/count.txt +++ b/stats/count.txt @@ -1 +1 @@ -30 +32 From c601b07fa4124b25b03064784a72740b13c68061 Mon Sep 17 00:00:00 2001 From: Stefano Del Prete Date: Mon, 11 May 2026 05:32:56 +0200 Subject: [PATCH 31/32] forgot to update --- domains/you-are.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/domains/you-are.json b/domains/you-are.json index 151b83d..7598880 100644 --- a/domains/you-are.json +++ b/domains/you-are.json @@ -1,6 +1,6 @@ { "owner": { - "email": "admin@stefdp.com", + "email": "me@stefdp.com", "username": "Stef-00012" }, "record": { From d1c61e475c01a45f4a77da79b6eaf189bf5f635d Mon Sep 17 00:00:00 2001 From: Stefano Del Prete Date: Mon, 11 May 2026 05:33:28 +0200 Subject: [PATCH 32/32] forgot to update that too --- domains/stef.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/domains/stef.json b/domains/stef.json index 7046320..7598880 100644 --- a/domains/stef.json +++ b/domains/stef.json @@ -1,10 +1,10 @@ { "owner": { - "email": "admin@stefdp.lol", + "email": "me@stefdp.com", "username": "Stef-00012" }, "record": { - "CNAME": "proxy.stefdp.lol" + "CNAME": "proxy.stefdp.com" }, "proxied": false }