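# Kubernetes resources for a BIND 9 server that is authoritative for the
# "kun.is" zone: two ConfigMaps (environment, and named.conf plus the zone
# file), one Deployment, and one LoadBalancer Service for DNS on UDP port 53.
#
# Line structure is restored here: with the whole expression on a single line,
# the first `#` comment swallowed everything that followed it.
{ myLib, dns, ... }:
let
  # Contents of the kun.is zone as a string, built from ./kun.is.zone.nix.
  # Stored in the ConfigMap below and mounted as /etc/bind/kun.is.zone.
  kunisZone = dns.lib.toString "kun.is" (import ./kun.is.zone.nix myLib dns);
in
{
  kubernetes.resources = {
    configMaps = {
      bind9-env.data.TZ = "Europe/Amsterdam";

      bind9-config.data = {
        # TODO: this was copied from nix's generated bind config
        # Is there a way to generate this without actually running the nixos module?
        #
        # What this named.conf enforces:
        #   - The global allow-query is limited to the `cachenetworks` ACL
        #     (127.0.0.0/24); only the "kun.is" zone overrides it with
        #     `allow-query { any; }`, so that zone is the only data served to
        #     outside clients.
        #   - `allow-recursion { none; }` keeps the server from acting as an
        #     open resolver. `forward first` with an empty forwarders list is
        #     a leftover of the generated config and forwards nothing.
        #     NOTE(review): an explicit `recursion no;` would state the
        #     authoritative-only intent directly - confirm before adding.
        #   - `allow-transfer` is `none` globally and empty for the zone, so
        #     zone transfers (AXFR) are refused for every client.
        #   - `version none` suppresses the version string in replies to
        #     version queries; `notify no` disables NOTIFY messages.
        #   - `blackhole` points at the empty `badnetworks` ACL, so no source
        #     is currently dropped.
        config = ''
          acl cachenetworks { 127.0.0.0/24; };
          acl badnetworks { };

          options {
            listen-on { any; };
            listen-on-v6 { any; };
            allow-query { cachenetworks; };
            blackhole { badnetworks; };
            forward first;
            forwarders { };
            directory "/run/named";
            pid-file "/run/named/named.pid";
            allow-transfer { none; };
            allow-recursion { none; };
            version none;
            notify no;
          };

          zone "kun.is" {
            type master;
            file "/etc/bind/kun.is.zone";
            allow-transfer { };
            allow-query { any; };
          };
        '';

        kunis-zone = kunisZone;
      };
    };

    deployments.bind9 = {
      metadata.labels.app = "bind9";

      spec = {
        selector.matchLabels.app = "bind9";

        template = {
          metadata.labels.app = "bind9";

          spec = {
            # NOTE(review): this file sets no securityContext and no resource
            # requests/limits on the container. Whether the image tolerates a
            # restricted securityContext is not visible here - verify first.
            containers.bind9 = {
              # NOTE(review): the image is referenced by tag only, so the
              # registry can serve different content under the same name.
              # Pinning by digest makes the deployed image reproducible, e.g.
              # "ubuntu/bind9:9.18-22.04_beta@sha256:<DIGEST-PLACEHOLDER>".
              image = "ubuntu/bind9:9.18-22.04_beta";
              envFrom = [{ configMapRef.name = "bind9-env"; }];

              # NOTE(review): only UDP/53 is declared, here and on the Service.
              # A resolver that receives a truncated answer retries over
              # TCP/53, which is not exposed. Confirm that responses for this
              # zone stay small enough, or expose TCP as well.
              ports.dns = {
                containerPort = 53;
                protocol = "UDP";
              };

              # Both files come from the same ConfigMap; subPath selects the
              # key, so each is mounted as a single file under /etc/bind.
              volumeMounts = [
                {
                  name = "config";
                  mountPath = "/etc/bind/named.conf";
                  subPath = "config";
                }
                {
                  name = "config";
                  mountPath = "/etc/bind/kun.is.zone";
                  subPath = "kunis-zone";
                }
              ];
            };

            volumes = [{
              name = "config";
              configMap.name = "bind9-config";
            }];
          };
        };
      };
    };

    # Exposes the bind9 pods on the fixed address myLib.globals.bind9IPv4.
    # NOTE(review): whether that address is reachable from the internet is
    # decided outside this file. If it is, the zone's `allow-query { any; }`
    # makes this a public authoritative server, so response rate limiting is
    # worth considering.
    services.bind9.spec = {
      type = "LoadBalancer";
      loadBalancerIP = myLib.globals.bind9IPv4;
      selector.app = "bind9";

      ports.dns = {
        port = 53;
        targetPort = "dns";
        protocol = "UDP";
      };
    };
  };
}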