Klub-RZ/infrastructure
4
0
Fork 0
Code Issues 7 Pull requests Projects Releases Packages Wiki Activity

core-01: redirect most of our services to web01.dmi01.infra.dgnum.eu

Browse source
This commit is contained in:
Raito Bezarius 2023-12-21 12:27:35 +01:00
parent 41fc60e1eb
commit 49ed2855a5
1 changed files with 19 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
machines/core-services-01/subZone.nix
View file

@ -3,15 +3,15 @@
with dns.lib.combinators; with dns.lib.combinators;
let let
my = config.my; my = config.my;
web01 = {
CNAME = "web01.dmi01.infra.dgnum.eu";
};
public-cof-ips = { public-cof-ips = {
A = [ "45.13.104.27" ]; A = [ "45.13.104.27" ];
AAAA = [ "2001:470:1f13:187:c08e:feff:fe4d:f5f5" ]; AAAA = [ "2001:470:1f13:187:c08e:feff:fe4d:f5f5" ];
}; };
delegateACMEDNSChallenge = acme: { _acme-challenge.CNAME = [ acme ]; }; delegateACMEDNSChallenge = acme: { _acme-challenge.CNAME = [ acme ]; };
remoteBuilders = {
nix01 = [ "2001:470:1f13:187:611:4514:d93a:f80a" ];
};
mkProxyRecord = AAAA: { inherit AAAA; A = [ "45.13.104.29" ]; }; mkProxyRecord = AAAA: { inherit AAAA; A = [ "45.13.104.29" ]; };
dualstack = { dualstack = {
A = my.ipv4; A = my.ipv4;
@ -32,41 +32,21 @@ dualstack // {
CAA = letsEncrypt my.email; CAA = letsEncrypt my.email;
subdomains = { subdomains = {
git = dualstack; git = web01;
drone = dualstack; drone = dualstack;
wiki = dualstack;
monitoring = dualstack; monitoring = dualstack;
auth = dualstack; auth = dualstack;
push = dualstack; push = dualstack;
tailscale = dualstack;
inventory = dualstack;
core01 = dualstack; core01 = dualstack;
ns1 = dualstack; ns1 = dualstack;
# Non-beta service # Non-beta service
# Outline # Outline
notion = public-cof-ips; notion = web01;
# S3 API # S3 API
s3 = public-cof-ips; s3 = web01;
# CDN API # CDN API
cdn = public-cof-ips // { cdn = web01;
CAA = [
{ issuerCritical = false;
tag = "issue";
value = "letsencrypt.org";
}
{
issuerCritical = false;
tag = "iodef";
value = "mailto:${my.email}";
}
];
subdomains = {
"*" = public-cof-ips;
} // delegateACMEDNSChallenge "7a9dffd8-f57b-4635-ba79-07f8b0db4fad.acme.rz.ens.wtf.";
};
builders.subdomains = lib.mapAttrs (n: AAAA: { inherit AAAA; }) remoteBuilders;
gdd = { gdd = {
NS = [ "ns1.gdd.${my.subZone}." ]; NS = [ "ns1.gdd.${my.subZone}." ];
@ -83,21 +63,21 @@ dualstack // {
beta = public-cof-ips // { beta = public-cof-ips // {
subdomains = { subdomains = {
traque = mkProxyRecord [ "2001:470:1f13:187:f053:94ff:fe46:9664" ]; traque = mkProxyRecord [ "2001:470:1f13:187:f053:94ff:fe46:9664" ];
nuage = public-cof-ips; nuage = web01;
todo = public-cof-ips; todo = web01;
minecraft = public-cof-ips; minecraft = web01;
factorio = public-cof-ips; factorio = web01;
home = public-cof-ips; home = web01;
pads = public-cof-ips // { pads = web01 // {
subdomains = { subdomains = {
api = public-cof-ips; api = web01;
files = public-cof-ips; files = web01;
sandbox = public-cof-ips; sandbox = web01;
}; };
}; };
docs = public-cof-ips; docs = web01;
jurisprudens = public-cof-ips; jurisprudens = web01;
rstudio = public-cof-ips; rstudio = web01;
}; };
}; };