MADD/modules/madd-server.nix

{
  lib,
  pkgs,
  config,
  ...
}:

with lib;
let
  cfg = config.services.madd-server;
in
{
  options.services.madd-server = {
    enable = mkEnableOption "MADD server";
    settings = {
      bind = mkOption {
        type = types.str;
        default = "0.0.0.0:5301";
        description = "Address and port for MADD server to bind to.";
      };
      zone = mkOption {
        type = types.str;
        example = "lan.example.com";
        description = "DNS zone under which the hosts are registered.";
      };
      networks = mkOption {
        type = types.listOf types.str;
        default = [ ];
        example = [ "10.0.0.0/8" ];
        description = "List of subnets to which hostnames can be registered.";
      };
      registration_limit = mkOption {
        type = types.int;
        default = 1;
        description = "Maximum number of hostnames a single host can register.";
      };
      dns_server = mkOption {
        type = types.str;
        example = "localhost:53";
        description = "DNS server to use. Must support dynamic updates.";
      };
      tsig_key_name = mkOption {
        type = types.str;
        default = "madd";
        description = "TSIG key name for DNS updates.";
      };
      tsig_key_file = mkOption {
        type = types.str;
        default = "/etc/madd/tsig.key";
        description = "Path to the TSIG key file for DNS updates. Must be encoded in base64.";
      };
      tsig_algorithm = mkOption {
        type = types.str;
        default = "hmac-sha256";
        description = "TSIG algorithm to use for DNS updates.";
      };
      data_dir = mkOption {
        type = types.str;
        default = "/var/lib/madd";
        description = "Directory where MADD server stores its data.";
      };
    };
  };

  config = mkIf cfg.enable {
    environment.etc."madd/madd.toml".source = (pkgs.formats.toml { }).generate "madd.toml" cfg.settings;

    systemd.services.madd-server = {
      description = "MADD Server Service";
      wantedBy = [ "multi-user.target" ];
      after = [ "network-online.target" ];
      requires = [ "network-online.target" ];
      serviceConfig = {
        ExecStart = "${pkgs.madd-server}/bin/madd-server";
        Restart = "on-failure";
      };
    };
  };
}