2283ee602a
This enables the tracking of core-services-01 over the infrastructure repository. Co-authored-by: Gabriel DORIATH DOHLER <gabriel.doriath.dohler@ens.psl.eu> Reviewed-on: https://git.rz.ens.wtf/Klub-RZ/infrastructure/pulls/1 Co-authored-by: raito <raito@noreply.git.rz.ens.wtf> Co-committed-by: raito <raito@noreply.git.rz.ens.wtf>
56 lines
1.2 KiB
Nix
56 lines
1.2 KiB
Nix
{ config, dns, ... }:
|
|
|
|
with dns.lib.combinators;
|
|
|
|
let
|
|
my = config.my;
|
|
delegateACMEDNSChallenge = acme: { _acme-challenge.CNAME = [ acme ]; };
|
|
in
|
|
with my.ipv6; # contains { standard, acme }
|
|
{
|
|
SOA = {
|
|
nameServer = "ns1.${my.subZone}.";
|
|
adminEmail = my.email;
|
|
serial = 2021072400; # Y M D Version
|
|
};
|
|
|
|
NS = [
|
|
"ns1.${my.subZone}."
|
|
];
|
|
|
|
AAAA = standard;
|
|
|
|
CAA = letsEncrypt my.email;
|
|
|
|
subdomains = {
|
|
git.AAAA = standard;
|
|
wiki.AAAA = standard;
|
|
monitoring.AAAA = standard;
|
|
auth.AAAA = standard;
|
|
push.AAAA = standard;
|
|
ns1.AAAA = standard;
|
|
|
|
# Délégation de sous zone à he.gdd pour la certification HE.
|
|
gdd.subdomains.he = {
|
|
NS = [ "ns1.he.gdd.${my.subZone}." ];
|
|
subdomains.ns1.AAAA = [ "2001:470:1f13:187:b80d:21ff:fe43:f1a5" ];
|
|
};
|
|
|
|
acme = {
|
|
NS = [ "acme.${my.subZone}." ];
|
|
AAAA = [ acme ];
|
|
};
|
|
|
|
internal.subdomains = {
|
|
core01 = {
|
|
A = [ "10.1.1.20" ];
|
|
};
|
|
pve01 = {
|
|
A = [ "10.1.1.10" ];
|
|
subdomains = {
|
|
idrac.A = [ "10.1.2.20" ];
|
|
} // delegateACMEDNSChallenge "7c663a49-151c-4eea-a34f-725ff9f19d41.acme.rz.ens.wtf.";
|
|
};
|
|
};
|
|
};
|
|
}
|