nixos-config/mastus/dns.nix

100 lines
2.2 KiB
Nix
Raw Normal View History

2016-06-19 09:29:25 +00:00
{ config, pkgs, ... }:
let
mastus = ''
IN A 37.252.120.145
IN AAAA 2a02:2770:5:0:21a:4aff:fe99:a937
'';
misuji = ''
IN A 91.213.195.194
IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e
'';
2017-06-12 19:14:17 +00:00
timestamp = "1497294847";
2016-06-19 09:29:25 +00:00
heNsServers = ''
@ IN NS ns1.he.net.
@ IN NS ns2.he.net.
@ IN NS ns3.he.net.
@ IN NS ns4.he.net.
@ IN NS ns5.he.net.
'';
mailSetup = ''
2016-06-19 09:33:25 +00:00
@ IN MX 10 mail.gebner.org.
2016-06-19 09:29:25 +00:00
@ IN TXT v=spf1 mx -all
'';
commonStuff = domain: ''
$ORIGIN ${domain}.
@ 10800 IN SOA mastus.gebner.org. gebner.gebner.org. ${timestamp} 10800 3600 604800 10800
${heNsServers}
${mailSetup}
'';
in
{
services.nsd = {
enable = true;
interfaces = [ "0.0.0.0" "::" ];
zones = {
"gebner.org." = {
provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
notify = [ "216.218.130.2 NOKEY" ];
2016-06-19 09:29:25 +00:00
data = ''
${commonStuff "gebner.org"}
2017-06-12 19:01:35 +00:00
@ IN TXT google-site-verification=Wk9aC8gfd5dH-4VA5rsgFSiKJtgkGJzYirds4oZFgSo
2016-06-19 09:29:25 +00:00
misuji ${misuji}
mastus ${mastus}
home-gw IN A 80.109.2.154
htdf-gw IN A 80.109.2.154
2020-10-30 16:14:22 +00:00
ams-gw IN A 82.217.167.76
2016-06-19 09:29:25 +00:00
@ ${mastus}
www IN CNAME mastus
reader IN CNAME mastus
git IN CNAME mastus
kochbuch IN CNAME misuji
howfatami IN CNAME misuji
mail ${mastus}
imap ${mastus}
xmpp ${misuji}
cookbook in CNAME misuji
radicale in CNAME mastus
'';
};
"gabrielebner.at." = {
provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
notify = [ "216.218.130.2 NOKEY" ];
2016-06-19 09:29:25 +00:00
data = ''
${commonStuff "gabrielebner.at"}
@ ${mastus}
www IN CNAME mastus.gebner.org.
openid IN CNAME mastus.gebner.org.
'';
};
"2b7e.org." = {
provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
notify = [ "216.218.130.2 NOKEY" ];
2016-06-19 09:29:25 +00:00
data = ''
${commonStuff "2b7e.org"}
@ ${mastus}
www IN CNAME mastus.gebner.org.
'';
};
};
};
environment.systemPackages = [ pkgs.nsd ];
networking.firewall = {
allowedUDPPorts = [ 53 ];
allowedTCPPorts = [ 53 ];
};
}