nixos-config/includes/local-dns/local-dns

#!/usr/bin/env bash

set -euo pipefail

ipv4_regex='^[.0-9]\+$'
ipv6_regex='^[:0-9a-f]\+$'

function _unbound {
  sudo unbound-control -c /var/lib/unbound/unbound.conf "$@"
}

function _helper_list_local_zones {
  _unbound list_local_zones | grep 'transparent$' | cut -f1 -d' '
}

function _alias {
  domain="$1"
  shift 1

  records=$(while [ $# -gt 0 ]; do
    target="$1"
    if echo "$target" | grep -q "$ipv4_regex"; then
      echo "$domain A $target"
    elif echo "$target" | grep -q "$ipv6_regex"; then
      echo "$domain AAAA $target"
    else
      if ! dig +noall +answer +nottlid "$target" \
        | grep '\<\(A\|AAAA\)\>' \
        | sed "s/^.*IN/$domain/" \
      ; then
        echo "Could not resolve $target" >&2
        exit 1
      fi
    fi

    shift 1
  done)

  _unbound -q local_zone_remove "$domain"
  if [ ! -z "$records" ]; then
    echo "$records" | _unbound -q local_datas
  fi

  if output=$(_unbound list_local_data | grep "$domain"); then
    echo "Put the following records:"
    echo "$output"
  else
    echo "Removed aliases for $domain"
  fi
}

function _delegate {
  domain="$1"
  server="$2"
  _unbound forward_add "$domain" "$server"
}

function _reset {
  _unbound reload
}

function _list {
  zones=$(_helper_list_local_zones)
  for domain in $zones; do
    _unbound list_local_data | grep "$domain"
  done
}

function _help {
  cat <<EOF
Usage: $(basename $0) <command> <options>

Commands:
  list - show custom records
  alias <domain> <target> ... - aliases a domain to another domain
  delegate <domain> <server> - forwards all DNS requests under domain to the target server
  reset - resets all configuration
EOF
  exit 1
}

if [ $# -lt 1 ]; then
  _help
fi

command="$1"
shift 1
case "$command" in
  list)
    _list "$@"
    ;;
  alias)
    _alias "$@"
    ;;
  delegate)
    _delegate "$@"
    ;;
  reset)
    _reset "$@"
    ;;
  *)
    _help
    ;;
esac