From cb7a2cd4bcff354072de57c824b3963356d61c9c Mon Sep 17 00:00:00 2001
From: Erwin Boskma <erwin@datarift.nl>
Date: Wed, 29 May 2024 19:48:27 +0200
Subject: [PATCH] Let's roll our own coredns package

With blackjack and hoo...

Uhm, working plugins. Yes, working plugins. Definitely.
---
 flake.nix                             |  1 +
 machines/valkyrie/coredns/default.nix | 14 +---
 overlays/default.nix                  |  1 +
 pkgs/coredns/default.nix              | 95 +++++++++++++++++++++++++++
 4 files changed, 100 insertions(+), 11 deletions(-)
 create mode 100644 pkgs/coredns/default.nix

diff --git a/flake.nix b/flake.nix
index 00ddc26..2ae880b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -270,6 +270,7 @@
           };
 
           packages = {
+            coredns = pkgs.callPackage ./pkgs/coredns { };
             git-repo-go = pkgs.callPackage ./pkgs/git-repo-go { };
             gitu = pkgs.callPackage ./pkgs/gitu { };
             headscale-ui = pkgs.callPackage ./pkgs/headscale-ui { };
diff --git a/machines/valkyrie/coredns/default.nix b/machines/valkyrie/coredns/default.nix
index 77fac5a..c525854 100644
--- a/machines/valkyrie/coredns/default.nix
+++ b/machines/valkyrie/coredns/default.nix
@@ -1,24 +1,16 @@
-{ pkgs, config, ... }:
+{ config, ... }:
 {
   services.coredns = {
     enable = true;
-    package = pkgs.coredns.override {
-      externalPlugins = [
-        {
-          name = "tailscale";
-          repo = "github.com/damomurf/coredns-tailscale";
-          version = "750df081a3cc63f325ecfde6c30a974dc0e4bf56";
-        }
-      ];
-      vendorHash = "sha256-tuHr5oYmx3HNmsO6ZOO14vORArk8YHZBsodCiydf6k8=";
-    };
 
     config = ''
       datarift.nl:5454 {
         bind 127.0.0.1 ::1
         tailscale datarift.nl {
           authkey {$TS_AUTHKEY}
+          fallthrough
         }
+        forward . 127.0.0.1:5335
         log
         errors
       }
diff --git a/overlays/default.nix b/overlays/default.nix
index 33f2363..b375777 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -47,4 +47,5 @@ _final: prev: {
   gitu = prev.pkgs.callPackage ../pkgs/gitu { };
   zed = prev.pkgs.callPackage ../pkgs/zed { };
   git-repo-go = prev.pkgs.callPackage ../pkgs/git-repo-go { };
+  coredns = prev.pkgs.callPackage ../pkgs/coredns { };
 }
diff --git a/pkgs/coredns/default.nix b/pkgs/coredns/default.nix
new file mode 100644
index 0000000..916d11b
--- /dev/null
+++ b/pkgs/coredns/default.nix
@@ -0,0 +1,95 @@
+{
+  lib,
+  gnused,
+  stdenv,
+  buildGoModule,
+  fetchFromGitHub,
+  installShellFiles,
+}:
+let
+  version = "1.11.1";
+
+  externalPlugins = [
+    {
+      name = "tailscale";
+      repo = "github.com/damomurf/coredns-tailscale";
+      version = "750df081a3cc63f325ecfde6c30a974dc0e4bf56";
+    }
+  ];
+
+  attrsToPlugins = attrs: builtins.map ({ name, repo, ... }: "${name}:${repo}") attrs;
+  attrsToSources = attrs: builtins.map ({ repo, version, ... }: "${repo}@${version}") attrs;
+in
+buildGoModule {
+  pname = "coredns";
+  inherit version;
+
+  src = fetchFromGitHub {
+    owner = "coredns";
+    repo = "coredns";
+    rev = "v${version}";
+    sha256 = "sha256-Mn8hOsODTlnl6PJaevMcyIKkIx/1Lk2HGA7fSSizR20=";
+  };
+
+  # vendorHash = lib.fakeHash;
+  vendorHash = "sha256-ba8Krc8FVrylsV0n/3JNRTrL3bP8UJRdKF2fy8SYU3o=";
+
+  nativeBuildInputs = [ installShellFiles ];
+
+  outputs = [
+    "out"
+    "man"
+  ];
+
+  # Override the go-modules fetcher derivation to fetch plugins
+  modBuildPhase = ''
+    for plugin in ${builtins.toString (attrsToPlugins externalPlugins)}; do
+      echo "Adding plugin $plugin"
+      ${gnused}/bin/sed -i "/forward:forward/i$plugin" plugin.cfg
+    done
+
+    for src in ${builtins.toString (attrsToSources externalPlugins)}; do
+      echo "Retrieving $src"
+      go get $src
+    done
+
+    go generate
+    go mod tidy
+    go mod vendor
+  '';
+
+  modInstallPhase = ''
+    mv -t vendor go.mod go.sum plugin.cfg
+    cp -r --reflink=auto vendor "$out"
+  '';
+
+  preBuild = ''
+    chmod -R u+w vendor
+    mv -t . vendor/go.{mod,sum} vendor/plugin.cfg
+
+    go generate
+  '';
+
+  postPatch =
+    ''
+      substituteInPlace test/file_cname_proxy_test.go \
+        --replace "TestZoneExternalCNAMELookupWithProxy" \
+                  "SkipZoneExternalCNAMELookupWithProxy"
+
+      substituteInPlace test/readme_test.go \
+        --replace "TestReadme" "SkipReadme"
+
+      # this test fails if any external plugins were imported.
+      # it's a lint rather than a test of functionality, so it's safe to disable.
+      substituteInPlace test/presubmit_test.go \
+        --replace "TestImportOrdering" "SkipImportOrdering"
+    ''
+    + lib.optionalString stdenv.isDarwin ''
+      # loopback interface is lo0 on macos
+      sed -E -i 's/\blo\b/lo0/' plugin/bind/setup_test.go
+    '';
+
+  postInstall = ''
+    installManPage man/*
+  '';
+}