From 634aa9f9595ce0d5d2cc529121a9b62eb9341de1 Mon Sep 17 00:00:00 2001
From: Sophie Taylor
Date: Wed, 2 Apr 2025 10:30:15 +1000
Subject: [PATCH 1/4] SVCB: Add more parameters, optional name fixup SVCB and SRV should probably have freeform-type attrs
---
 dns/types/records/SVCB.nix | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
diff --git a/dns/types/records/SVCB.nix b/dns/types/records/SVCB.nix
index 1a4d8ac..303d7e8 100644
--- a/dns/types/records/SVCB.nix
+++ b/dns/types/records/SVCB.nix
@@ -10,6 +10,7 @@ let
 isInt
 isList
 mapAttrsToList
+ mkEnableOption
 mkOption
 types
 ;
@@ -75,6 +76,29 @@ in
 type = types.nullOr types.str;
 default = null;
 };
+ dohpath = mkOption {
+ example = "/dns-query{?dns}";
+ type = types.nullOr types.str;
+ default = null;
+ };
+ tls-supported-groups = mkOption {
+ example = [ 23 29 ];
+ default = null;
+ type = types.nullOr (types.nonEmptyListOf types.int.u16);
+ };
+ ohttp = mkOption {
+ example = true;
+ default = false;
+ type = types.bool;
+ };
+
+ # For when the AttrLeaf convention is required
+ nodeServiceName = mkOption {
+ example = "_8443._https"
+ description = "If the protocol requires the underscored node name prefix specified in RFC 8552, the node name to use";
+ type = types.nullOr types.strMatching "^_(.+)";
+ default = null;
+ };
 };
 dataToString = { svcPriority, targetName, mandatory ? null, alpn ? null, no-default-alpn ? null, port ? null, ipv4hint ? null, ipv6hint ? null, ech ? null, ... }:
 "${toString svcPriority} ${targetName} ${
@@ -87,7 +111,13 @@ in
 mandatory
 no-default-alpn
 port
+ dohpath
+ tls-supported-groups
+ ohttp
 ;
 }
 }";
+ nameFixup = lib.mkIf (self.nodeServiceName != null)
+ (name: self:
+ "${self.nodeServiceName}.${name}");
 }
From 9db26917badef586a071a836afadce35673f2135 Mon Sep 17 00:00:00 2001
From: Sophie Taylor
Date: Wed, 2 Apr 2025 10:34:27 +1000
Subject: [PATCH 2/4] Correct SVCB.nix
---
 dns/types/records/SVCB.nix | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
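Review bot: `mkEnableOption` is added to the inherit list in the first hunk of patch 1/4, but none of the options added in this series use it; `ohttp` in the next hunk is declared as a plain `types.bool` option with `default = false`. Either drop the new inherit line or declare the flag as `ohttp = mkEnableOption "the ohttp SvcParam";` so the name has a user. The inherit list itself starts and ends outside the hunk.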
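Review bot: The new `nodeServiceName` option in the second hunk of patch 1/4 will not parse or evaluate as written: `example = "_8443._https"` has no terminating `;`, and `types.nullOr types.strMatching "^_(.+)"` applies `nullOr` to the bare `strMatching` function before the pattern is passed. The lines should read `example = "_8443._https";` and `type = types.nullOr (types.strMatching "_[A-Za-z0-9._-]+");`. The narrower character class is worth taking at the same time, because `.+` also accepts whitespace and other characters that `nameFixup` then places in the record's owner name. Patches 2/4 to 4/4 do not touch these lines.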
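Review bot: `dohpath`, `tls-supported-groups` and `ohttp` are added to the inherit list in the third hunk of patch 1/4, but the `dataToString` argument pattern shown as context in the previous hunk still binds only `mandatory`, `alpn`, `no-default-alpn`, `port`, `ipv4hint`, `ipv6hint` and `ech`. If this is a plain `inherit` (its opening is outside the hunk), the three new names are undefined at evaluation, and the pattern needs `dohpath ? null, tls-supported-groups ? null, ohttp ? null` added. It is also worth confirming that the serializer above this hunk, which is not visible here, renders a string value such as `dohpath` as `key=value` rather than as a bare key.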
diff --git a/dns/types/records/SVCB.nix b/dns/types/records/SVCB.nix
index 303d7e8..5c8651c 100644
--- a/dns/types/records/SVCB.nix
+++ b/dns/types/records/SVCB.nix
@@ -117,7 +117,5 @@ in
 ;
 }
 }";
- nameFixup = lib.mkIf (self.nodeServiceName != null)
- (name: self:
- "${self.nodeServiceName}.${name}");
+ nameFixup = name: self: if (self.nodeServiceName != null) then "${self.nodeServiceName}.${name}" else name;
 }
From f55ce6946a8b1ffed6f08312c8452dbcf52e93a8 Mon Sep 17 00:00:00 2001
From: Sophie Taylor
Date: Wed, 2 Apr 2025 10:36:03 +1000
Subject: [PATCH 3/4] HTTPS: Correct nameFixup as per spec
---
 dns/types/records/HTTPS.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/dns/types/records/HTTPS.nix b/dns/types/records/HTTPS.nix
index a1e2b28..b83dd7d 100644
--- a/dns/types/records/HTTPS.nix
+++ b/dns/types/records/HTTPS.nix
@@ -1,3 +1,4 @@
-args: import ./SVCB.nix args // {
+args@{lib, ...}: import ./SVCB.nix args // {
 rtype = "HTTPS";
+ nameFixup = name: self: if self.port == 443 then name else "_${self.port}._https.${name}";
 }
From 46d8f8698a9d22775cbdcf38893d087046f8d36f Mon Sep 17 00:00:00 2001
From: Sophie Taylor
Date: Wed, 2 Apr 2025 10:37:25 +1000
Subject: [PATCH 4/4] HTTPS: Fix case nameFixup for when port is null
---
 dns/types/records/HTTPS.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dns/types/records/HTTPS.nix b/dns/types/records/HTTPS.nix
index b83dd7d..205d1db 100644
--- a/dns/types/records/HTTPS.nix
+++ b/dns/types/records/HTTPS.nix
@@ -1,4 +1,4 @@
 args@{lib, ...}: import ./SVCB.nix args // {
 rtype = "HTTPS";
- nameFixup = name: self: if self.port == 443 then name else "_${self.port}._https.${name}";
+ nameFixup = name: self: if self.port == null || self.port == 443 then name else "_${self.port}._https.${name}";
 }
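Review bot: In patch 3/4, `"_${self.port}._https.${name}"` interpolates `self.port` directly, while the comparison with `443` on the same line implies the port is an integer. Nix does not coerce integers inside string interpolation, so any record with a non-443 port would fail at evaluation instead of getting its prefixed owner name. Use `"_${toString self.port}._https.${name}"`. The same expression is carried unchanged into the rewritten line in patch 4/4. `lib` is also bound by `args@{lib, ...}` but is not used in the visible lines.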
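Review bot: After patch 4/4, `// { nameFixup = … }` still replaces the `nameFixup` that SVCB.nix defines, so an HTTPS record that sets `nodeServiceName` (the option added in patch 1/4) has that value ignored without any error. If that is intended, a comment above the attribute such as `# HTTPS derives its prefix from port only; nodeServiceName is not consulted` would make it explicit. Otherwise the function should check `self.nodeServiceName != null` first and fall back to the port rule.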