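# DNS zone definition (apparently for dgnum.eu, judging by the NS and SOA
# names below).
#
# Arguments:
#   lib - library set; must provide `mapAttrs'`, `nameValuePair` and the
#         project extension `lib.extra` (`fuseAttrs`, `mapSingleFuse`)
#   dns - DNS library exposing `lib.combinators` (`mx`, `spf`, `ttl`)
#
# Returns an attribute set describing the zone: SOA, NS, apex records, mail
# authentication records and all subdomains.
{ lib, dns, ... }:

let
  inherit (lib) mapAttrs' nameValuePair;
  inherit (lib.extra) fuseAttrs mapSingleFuse;

  inherit (dns.lib.combinators) mx spf ttl;

  # Project metadata; this file reads `meta.nodes.<host>.site` and
  # `meta.network.<host>.addresses` from it.
  meta = (import ./.) lib;

  # Record set holding a single CNAME that points at `host`.
  mkCNAME = host: { CNAME = [ host ]; };

  # Aliases for the services hosted on `server`.
  #
  # Each name in `dual` becomes a CNAME to `<server>.<site>.infra`, each name
  # in `v4` a CNAME to `v4.<server>.<site>.infra`, and each name in `v6` a
  # CNAME to `v6.<server>.<site>.infra`. The targets carry no trailing dot, so
  # they are relative names inside this zone.
  # NOTE(review): `mapSingleFuse` and `fuseAttrs` come from `lib.extra`;
  # presumably they map over a list of names and merge the resulting
  # attribute sets - confirm against their definitions.
  mkHosted =
    server:
    {
      dual ? [ ],
      v4 ? [ ],
      v6 ? [ ],
    }:
    let
      base = "${server}.${meta.nodes.${server}.site}.infra";
      mkHost = host: mapSingleFuse (_: mkCNAME host);
    in
    fuseAttrs [
      (mkHost base dual)
      (mkHost "v4.${base}" v4)
      (mkHost "v6.${base}" v6)
    ];

  # Explicit aliases, built with the same helper as the hosted ones.
  #
  # Targets ending in a dot are absolute names outside this zone, operated by
  # third parties. A CNAME that outlives the service behind it lets whoever
  # later controls the target name answer for the alias, so review this list
  # whenever an external service is retired and delete the entry with it.
  cnames = builtins.mapAttrs (_: mkCNAME) {
    "dev" = "dev.pages.codeberg.page.";
    "irc" = "public.p.lahfa.xyz.";
    "webmail" = "kurisu.dual.lahfa.xyz.";

    # Transition to new site names
    "web01.dmi01.infra" = "web01.rat01.infra";
    "web02.dmi01.infra" = "web02.rat01.infra";
    "compute01.par01.infra" = "compute01.pav01.infra";
    "storage01.par01.infra" = "storage01.pav01.infra";

    # Miscellaneous redirections
    "traque" = "traque.katvayor.net.";

    # Temporary redirection for the BDS
    # FIXME: finish the django apps module
    "gestiobds.dj" = "cof.ens.fr.";
  };

  hosted = fuseAttrs (
    builtins.attrValues (
      builtins.mapAttrs mkHosted {
        # No hosted aliases are declared at the moment. Entries take the form
        #   <server> = { dual = [ ... ]; v4 = [ ... ]; v6 = [ ... ]; };
      }
    )
  );

  # Mail settings shared by the apex and by `infra`, defined once so the two
  # cannot drift apart when the policy is changed.

  # Inbound mail is handled by an external host.
  mailMX = map (ttl 3600) [ (mx.mx 10 "kurisu.lahfa.xyz.") ];

  # SPF authorises whatever addresses kurisu.lahfa.xyz resolves to, so the
  # set of permitted senders follows that external zone.
  # NOTE(review): `spf.strict` presumably terminates the record with `-all`
  # (hard fail) - confirm against the combinator's definition.
  mailSPF = spf.strict [ "a:kurisu.lahfa.xyz" ];

  # DMARC policy `none` is monitoring only: receivers are asked to take no
  # action on mail that fails SPF/DKIM alignment, so spoofed mail is still
  # delivered. No aggregate-report address (the DMARC `rua` tag) is set here
  # either, so failures are not reported back. Add reporting, confirm that
  # legitimate senders pass, then tighten to `quarantine` and `reject`.
  mailDMARC = [ { p = "none"; } ];

  # DKIM public key published under the `kurisu` selector.
  # NOTE(review): the `p` value is a 1024-bit RSA key. RFC 8301 asks signers
  # to use at least 2048 bits; plan a rotation by publishing a new selector
  # with a 2048-bit key, switching the signer to it, then retiring this one.
  kurisuDKIM = [
    {
      selector = "kurisu";
      k = "rsa";
      s = [ "email" ];
      p = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDa5KuK6ry+Ss2VsKL0FsDpoBlc7dcXZyp62fGqFJFJv4/GEivPWiwbr2o5oLKjQVI4kIYjIZsyQJFtI/Xcu4BrtDdBknb5WvCN8V9EvIMh3pfXOBLVx4oqw4BR7wF8Rw1J9xyfgsfK+m2n0M39XlMHH0Nuy6kU48jH9vYpZs17ZQIDAQAB";
    }
  ];
in

{
  SOA = {
    nameServer = "ns01.dgnum.eu.";
    adminEmail = "dns.dgnum.eu";
    retry = 3600;
    minimum = 300;
  };

  # Primary DNS servers
  NS = [
    "ns01.dgnum.eu." # ns-03.hubrecht.ovh
    "ns02.dgnum.eu." # kurisu.lahfa.xyz
  ];

  # dgnum.codeberg.pages
  # ALIAS = [ "codeberg.page" ];
  # The apex uses fixed addresses in place of the commented-out ALIAS, so they
  # must be updated by hand if the hosting provider renumbers.
  A = [ "217.197.91.145" ];
  AAAA = [ "2001:67c:1401:20f0::1" ];

  MX = mailMX;

  # Mail autodiscovery points at an externally operated host; clients that
  # follow it take their mail settings from that host.
  SRV = [
    {
      service = "autodiscover";
      proto = "tcp";
      port = 443;
      target = "autoconfig.mail.lahfa.xyz.";
    }
  ];

  TXT = [
    # NOTE(review): presumably the record the pages host reads to map the
    # apex to the site named here - confirm.
    "dgnum.codeberg.page"
    mailSPF
  ];
  DMARC = mailDMARC;
  DKIM = kurisuDKIM;

  # `//` is a shallow, right-biased merge: a name defined in more than one of
  # these sets is silently taken from the right-most one.
  subdomains =
    hosted
    // cnames
    // {
      ns01 = {
        A = [ "51.178.27.125" ];
        AAAA = [ "2001:41d0:305:2100::542c" ];
      };
      ns02 = {
        A = [ "163.172.69.160" ];
        AAAA = [ "2001:bc8:38ee::1" ];
      };
    }
    // {
      infra = {
        MX = mailMX;

        TXT = [ mailSPF ];
        DMARC = mailDMARC;
        DKIM = kurisuDKIM;

        # One `<host>.<site>` entry per node in `meta.nodes`, carrying the
        # node's IPv4 and IPv6 addresses plus `v4.` and `v6.` single-family
        # names (the targets used by `mkHosted`).
        subdomains = mapAttrs' (
          host:
          { site, ... }:
          let
            inherit (meta.network.${host}.addresses) ipv4 ipv6;
          in
          nameValuePair "${host}.${site}" {
            A = ipv4;
            AAAA = ipv6;
            subdomains = {
              v4.A = ipv4;
              v6.AAAA = ipv6;
            };
          }
        ) meta.nodes;
      };
    };
}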