clan: migrate internal DNS to coredns service

Currently using a patched version of the upstream
coredns service, with hard-coded IPs until
wireguard exports are supported.

Zerotier connections were flaky and wireguard
seems more stable (although it seems to have a bit
less throughput).

clan/network.nix

@@ -32,4 +32,35 @@
       genepi = { };
     };
   };
+
+  # Temporarily patched version of clan-core/coredns for AAAA records support
+  clan.inventory.instances.coredns = {
+    module.name = "@rpqt/coredns";
+    module.input = "self";
+
+    roles.default.tags.all = { };
+    roles.server.machines.verbena = {
+      settings.ip = "fd28:387a:90:c400::1";
+    };
+    roles.server.machines.crocus = {
+      settings.ip = "fd28:387a:90:c400:6db2:dfc3:c376:9956";
+    };
+    roles.server.settings = {
+      tld = "home.rpqt.fr";
+    };
+
+    roles.default.machines.genepi.settings = {
+      ip = "fd28:387a:90:c400:ab23:3d38:a148:f539"; # FIXME: IPv4 expected (A record)
+      services = [
+        "actual"
+        "assistant"
+        "glance"
+        "grafana"
+        "images"
+        "lounge"
+        "pinchflat"
+        "rss"
+      ];
+    };
+  };
 }

machines/crocus/configuration.nix

@@ -7,8 +7,6 @@
     ./radicle.nix
     self.nixosModules.nix-defaults
     ../../modules/remote-builder.nix
-    ../../modules/unbound.nix
-    ../../modules/unbound-auth.nix
     self.inputs.srvos.nixosModules.server
     self.inputs.srvos.nixosModules.hardware-hetzner-cloud
   ];

machines/genepi/configuration.nix

@@ -20,8 +20,6 @@
 
     ../../modules/acme-home.nix
     ../../modules/lounge.nix
-    ../../modules/unbound.nix
-    ../../modules/unbound-auth.nix
     self.nixosModules.nix-defaults
 
     self.nixosModules.user-rpqt

machines/verbena/configuration.nix

@@ -2,8 +2,6 @@
 {
   imports = [
     self.nixosModules.nix-defaults
-    ../../modules/unbound.nix
-    ../../modules/unbound-auth.nix
     self.nixosModules.nextcloud
     self.nixosModules.gitea