c2616ce4f5
Also deploy a DNS server on compute01
96 lines
2 KiB
Nix
96 lines
2 KiB
Nix
{ dgn-lib, meta, dns, ... }:
|
|
|
|
let
|
|
inherit (dgn-lib)
|
|
fuseAttrs
|
|
mapSingleFuse;
|
|
|
|
inherit (dns.lib.combinators)
|
|
mx
|
|
spf
|
|
ttl;
|
|
|
|
mkCNAME = host: { CNAME = [ host ]; };
|
|
|
|
mkRecord = host:
|
|
let net = meta.network.${host}; in
|
|
{
|
|
A = net.addresses.publicV4;
|
|
AAAA = net.addresses.publicV6;
|
|
};
|
|
|
|
mkNS = { A, AAAA, ... }: { inherit A AAAA; };
|
|
|
|
mkHosted = server: mapSingleFuse (_: mkCNAME "${server}.${meta.nodes.${server}.zone}.infra");
|
|
|
|
hosted = fuseAttrs (builtins.attrValues
|
|
(builtins.mapAttrs mkHosted {
|
|
compute01 = [
|
|
"social"
|
|
];
|
|
|
|
storage01 = [
|
|
"cloud"
|
|
"git"
|
|
"s3"
|
|
"video"
|
|
];
|
|
|
|
web01 = [
|
|
"analytics"
|
|
];
|
|
})
|
|
);
|
|
|
|
infra.subdomains = builtins.mapAttrs
|
|
(_: nodes: { subdomains = mapSingleFuse mkRecord nodes; })
|
|
meta.infra;
|
|
|
|
kurisuDKIM = [{
|
|
selector = "kurisu";
|
|
k = "rsa";
|
|
s = [ "email" ];
|
|
p = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDa5KuK6ry+Ss2VsKL0FsDpoBlc7dcXZyp62fGqFJFJv4/GEivPWiwbr2o5oLKjQVI4kIYjIZsyQJFtI/Xcu4BrtDdBknb5WvCN8V9EvIMh3pfXOBLVx4oqw4BR7wF8Rw1J9xyfgsfK+m2n0M39XlMHH0Nuy6kU48jH9vYpZs17ZQIDAQAB";
|
|
}];
|
|
in
|
|
|
|
{
|
|
# Primary DNS servers
|
|
NS = [
|
|
"ns01.dgnum.eu."
|
|
];
|
|
|
|
# dgnum.codeberg.pages
|
|
# ALIAS = [ "codeberg.page" ];
|
|
A = [ "217.197.91.145" ];
|
|
AAAA = [ "2001:67c:1401:20f0::1" ];
|
|
|
|
MX = map (ttl 3600) [
|
|
(mx.mx 10 "kurisu.lahfa.xyz.")
|
|
];
|
|
|
|
TXT = [
|
|
"dgnum.codeberg.page"
|
|
(spf.strict [ "a:kurisu.lahfa.xyz" ])
|
|
];
|
|
DMARC = [{ p = "none"; }];
|
|
DKIM = kurisuDKIM;
|
|
|
|
subdomains = hosted // {
|
|
ns01 = mkNS infra.subdomains.par01.subdomains.compute01;
|
|
} // {
|
|
infra = infra // {
|
|
MX = map (ttl 3600) [
|
|
(mx.mx 10 "kurisu.lahfa.xyz.")
|
|
];
|
|
|
|
TXT = [ (spf.strict [ "a:kurisu.lahfa.xyz" ]) ];
|
|
DMARC = [{ p = "none"; }];
|
|
DKIM = kurisuDKIM;
|
|
};
|
|
|
|
dev.CNAME = [ "dev.pages.codeberg.page." ];
|
|
irc.CNAME = [ "public.p.lahfa.xyz." ];
|
|
webmail.CNAME = [ "kurisu.dual.lahfa.xyz." ];
|
|
};
|
|
}
|