# Zone definition: the apex records plus every subdomain, assembled from
# `config.my` and a handful of local record templates.
{ config, lib, dns, ... }:

with dns.lib.combinators;

let
  site = config.my;

  # Name of the zone's name server, used by both SOA and NS.
  # NOTE(review): only one name server is listed for the zone.
  primaryNS = "ns1.${site.subZone}.";

  # A/AAAA pair taken from the host configuration; also used for the apex.
  dualstack = {
    A = site.ipv4;
    AAAA = site.ipv6.standard;
  };

  # Fixed A/AAAA pair shared by the "public-cof" services.
  cofPublic = {
    A = [ "45.13.104.27" ];
    AAAA = [ "2001:470:1f13:187:c08e:feff:fe4d:f5f5" ];
  };

  # Record with a fixed IPv4 address and a caller-supplied IPv6 list.
  viaProxy = v6: {
    A = [ "45.13.104.29" ];
    AAAA = v6;
  };

  # DNS-01 delegation: `_acme-challenge` below the record is a CNAME to `target`.
  # Whoever can publish TXT records at `target` can satisfy DNS-01 validation
  # for the delegating name, so access to each target should be scoped to the
  # host that needs the certificate.
  acmeChallengeVia = target: {
    _acme-challenge.CNAME = [ target ];
  };

  # IPv6 addresses of the remote build machines, keyed by host name.
  builderV6 = {
    nix01 = [ "2001:470:1f13:187:611:4514:d93a:f80a" ];
  };

  # Address used both for gdd itself and for its own ns1.
  gddV6 = [ "2001:470:1f13:187:350a:214a:639c:b97b" ];

  # Expand a list of labels into `{ label = record; ... }`.
  allOf = labels: record: lib.genAttrs labels (_: record);
in
dualstack // {
  SOA = {
    nameServer = primaryNS;
    adminEmail = site.email;
    serial = 2021111400; # Y M D Version
  };

  NS = [ primaryNS ];

  # Zone-wide CAA policy; `letsEncrypt` is not defined in this file and
  # presumably comes from dns.lib.combinators via the `with` above.
  CAA = letsEncrypt site.email;

  subdomains =
    (allOf [
      "git"
      "drone"
      "wiki"
      "monitoring"
      "auth"
      "push"
      "tailscale"
      "inventory"
      "core01"
      "ns1"
    ] dualstack)
    // {
      # Non-beta service
      # Outline
      notion = cofPublic;

      # S3 API
      s3 = cofPublic;

      # CDN API
      cdn = cofPublic // {
        # This CAA set replaces the apex policy for cdn and the names below it.
        # It has no `issuewild` entry, so the `issue` entry also governs
        # wildcard certificates for `*.cdn`.
        CAA = [
          {
            tag = "issue";
            value = "letsencrypt.org";
            issuerCritical = false;
          }
          {
            tag = "iodef";
            value = "mailto:${site.email}";
            issuerCritical = false;
          }
        ];

        subdomains =
          { "*" = cofPublic; }
          // acmeChallengeVia "7a9dffd8-f57b-4635-ba79-07f8b0db4fad.acme.rz.ens.wtf.";
      };

      # One AAAA-only record per remote builder.
      builders = {
        subdomains = lib.mapAttrs (_: v6: { AAAA = v6; }) builderV6;
      };

      # Delegated child zone, with the address of its name server alongside.
      gdd = {
        NS = [ "ns1.gdd.${site.subZone}." ];
        AAAA = gddV6;
        subdomains = {
          ns1 = {
            AAAA = gddV6;
          };
        };
      };

      # Delegated to itself: the NS target is this same name, whose addresses
      # are given here. The challenge CNAME targets above are hard-coded under
      # acme.rz.ens.wtf; presumably that is this record — TODO confirm.
      acme = {
        NS = [ "acme.${site.subZone}." ];
        A = site.ipv4;
        AAAA = [ site.ipv6.acme ];
      };

      beta = cofPublic // {
        subdomains =
          (allOf [
            "nuage"
            "todo"
            "minecraft"
            "factorio"
            "home"
            "docs"
            "jurisprudens"
            "rstudio"
          ] cofPublic)
          // {
            traque = viaProxy [ "2001:470:1f13:187:f053:94ff:fe46:9664" ];

            pads = cofPublic // {
              subdomains = allOf [ "api" "files" "sandbox" ] cofPublic;
            };
          };
      };

      # NOTE(review): everything below is RFC 1918 space. If this zone is
      # served to the public Internet, these records disclose internal
      # addressing and host roles (routers, hypervisor, iDRAC); consider an
      # internal-only view for them.
      internal = {
        subdomains = {
          # Routers
          # NOTE(review): both names resolve to 10.1.1.1 — confirm this is a
          # shared address and not a copy-paste slip.
          router01 = {
            A = [ "10.1.1.1" ];
          };
          router02 = {
            A = [ "10.1.1.1" ];
          };

          # Hypervisors
          pve01 = {
            A = [ "10.1.1.10" ];
            subdomains =
              {
                idrac = {
                  A = [ "10.1.2.20" ];
                };
              }
              // acmeChallengeVia "7c663a49-151c-4eea-a34f-725ff9f19d41.acme.rz.ens.wtf.";
          };

          # Core machines
          core01 = {
            A = [ "10.1.1.20" ];
          };
        };
      };
    };
}