apu local dhcp lease dns and invidious

modules/services/dhcp-dns-sync/default.nix

@@ -6,6 +6,11 @@
 }:
 let
   cfg = config.modules.services.dhcp-dns-sync;
+  ownAddress = (
+    lib.elemAt (lib.splitString "/"
+      config.systemd.network.networks."30-${cfg.interface}".networkConfig.Address
+    ) 0
+  );
 
   dhcp-leases-to-unbound =
     pkgs.runCommand "dhcp-leases-to-unbound"
@@ -59,9 +64,10 @@ in
     users.groups.dhcp-dns-sync = { };
 
     # Ensure directories and files exist with proper permissions
+    # Directory needs to be group-writable for unbound group
     systemd.tmpfiles.rules = [
-      "d /var/lib/unbound 0755 unbound unbound -"
-      "f ${cfg.unboundConfigPath} 0644 dhcp-dns-sync dhcp-dns-sync -"
+      "d /var/lib/unbound 0775 unbound unbound -"
+      "f ${cfg.unboundConfigPath} 0644 dhcp-dns-sync unbound -"
     ];
 
     # Extend Unbound configuration to include generated file
@@ -69,6 +75,8 @@ in
       server = {
         local-zone = [ "${cfg.domain}. static" ];
         include = cfg.unboundConfigPath;
+        local-data = [ ''"apu.home.arpa. IN A ${ownAddress}"'' ];
+        local-data-ptr = [ ''"${ownAddress} apu.home.arpa."'' ];
       };
     };
 
@@ -88,7 +96,7 @@ in
       serviceConfig = {
         Type = "oneshot";
         User = "dhcp-dns-sync";
-        Group = "dhcp-dns-sync";
+        Group = "unbound";
         # Allow access to networkctl via D-Bus
         SupplementaryGroups = [ "systemd-network" ];
         # Read/write paths