add auto gc

closed #7
2026-02-11 15:39:12 +01:00 · 2026-02-11 15:39:12 +01:00 · ad31323a01
parent f2aeee6fd5
commit ad31323a01
3 changed files with 114 additions and 0 deletions
--- a/modules/crans/default.nix
+++ b/modules/crans/default.nix
@ -17,6 +17,7 @@ in
    ./nullmailer.nix
    ./packages.nix
    ./ssh.nix
+    ./store.nix
    ./users.nix
    ./virtualisation.nix
  ];
--- a/modules/crans/dns_authoritaire.nix
+++ b/modules/crans/dns_authoritaire.nix
@ -0,0 +1,103 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+
+let
+  cfg = config.crans;
+
+  inherit (lib) mkEnableOption mkIf;
+in
+let
+  masters = [
+    "172.16.10.147"
+    "fd00::10:0:ff:fe01:4710"
+  ];
+in
+{
+  options.crans = {
+    dns_authoritaire = {
+      enable = mkEnableOption "Activer le DNS authoritaire";
+    };
+  };
+
+  services.bind = {
+    enable = cfg.dns_authoritaire.enable;
+
+    zones = {
+      # default zone
+      "." = {
+        master = true;
+        file = "todo";
+      };
+
+      "localhost" = {
+        master = true;
+        file = pkgs.writeText "db.local" ''
+          ;
+          ; BIND data file for local loopback interface
+          ;
+          $TTL	604800
+          @	IN	SOA	localhost. root.localhost. (
+          			      2		; Serial
+          			 604800		; Refresh
+          			  86400		; Retry
+          			2419200		; Expire
+          			 604800 )	; Negative Cache TTL
+          ;
+          @	IN	NS	localhost.
+          @	IN	A	127.0.0.1
+          @	IN	AAAA	::1
+        '';
+      };
+
+      "127.in-addr.arpa" = {
+        master = true;
+        file = pkgs.writeText "db.127" ''
+          ;
+          ; BIND data file for local loopback interface
+          ;
+          $TTL	604800
+          @	IN	SOA	localhost. root.localhost. (
+          			      1		; Serial
+          			 604800		; Refresh
+          			  86400		; Retry
+          			2419200		; Expire
+          			 604800 )	; Negative Cache TTL
+          ;
+          @	IN	NS	localhost.
+          1.0.0	IN	localhost.
+        '';
+      };
+
+      "0.in-addr.arpa" = {
+        master = true;
+      };
+
+      "255.in-addr.arpa" = {
+        master = true;
+      };
+
+      # Zone salve
+      "_acme-challenge.crans.org" = {
+        master = false; # salve
+        masters = masters;
+      };
+
+      "_acme-challenge.adm.crans.org" = {
+        master = false; # salve
+        masters = masters;
+      };
+
+      "adh.crans.org" = {
+        master = false; # salve
+        masters = masters;
+      };
+
+    };
+
+  };
+
+}
--- a/modules/crans/store.nix
+++ b/modules/crans/store.nix
@ -0,0 +1,10 @@
+{...}:
+{
+  nix.gc = {
+    automatic = true;
+    dates = "04:15";
+    # avoid to run nix gc on all machine at the same time
+    randomizedDelaySec = "1h";
+    options = "--delete-older-than 14d";
+  };
+}