nixos-config/mastus/dns.nix

{ config, pkgs, ... }:
let
  mastus = ''
    IN A 37.252.120.145
      IN AAAA 2a02:2770:5:0:21a:4aff:fe99:a937
  '';
  misuji = ''
    IN A 91.213.195.194
      IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e
  '';

  timestamp = "1497294847";

  heNsServers = ''
    @ IN NS ns1.he.net.
    @ IN NS ns2.he.net.
    @ IN NS ns3.he.net.
    @ IN NS ns4.he.net.
    @ IN NS ns5.he.net.
  '';

  mailSetup = ''
    @ IN MX 10 mail.gebner.org.
    @ IN TXT v=spf1 mx -all
  '';

  commonStuff = domain: ''
    $ORIGIN ${domain}.
    @ 10800 IN SOA mastus.gebner.org. gebner.gebner.org. ${timestamp} 10800 3600 604800 10800
    ${heNsServers}
    ${mailSetup}
  '';
in
{
  services.nsd = {
    enable = true;
    interfaces = [ "0.0.0.0" "::" ];

    zones = {
      "gebner.org." = {
        provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
        notify = [ "216.218.130.2 NOKEY" ];
        data = ''
          ${commonStuff "gebner.org"}

          @ IN TXT google-site-verification=Wk9aC8gfd5dH-4VA5rsgFSiKJtgkGJzYirds4oZFgSo

          misuji ${misuji}
          mastus ${mastus}

          home-gw IN A 80.109.2.154
          htdf-gw IN A 80.109.2.154
          mtlaa-gw IN A 84.112.114.160

          @ ${mastus}
          www IN CNAME mastus

          reader IN CNAME mastus
          git IN CNAME mastus
          kochbuch IN CNAME misuji
          howfatami IN CNAME misuji
          mail ${mastus}
          imap ${mastus}
          xmpp ${misuji}
          cookbook in CNAME misuji
          radicale in CNAME mastus
        '';
      };
      "gabrielebner.at." = {
        provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
        notify = [ "216.218.130.2 NOKEY" ];
        data = ''
          ${commonStuff "gabrielebner.at"}

          @ ${mastus}
          www IN CNAME mastus.gebner.org.

          openid IN CNAME mastus.gebner.org.
        '';
      };
      "2b7e.org." = {
        provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
        notify = [ "216.218.130.2 NOKEY" ];
        data = ''
          ${commonStuff "2b7e.org"}

          @ ${mastus}
          www IN CNAME mastus.gebner.org.
        '';
      };
    };
  };

  environment.systemPackages = [ pkgs.nsd ];
  networking.firewall = {
    allowedUDPPorts = [ 53 ];
    allowedTCPPorts = [ 53 ];
  };
}
mastus: dns server 2016-06-19 09:29:25 +00:00			`{ config, pkgs, ... }:`
			`let`
			`mastus = ''`
			`IN A 37.252.120.145`
			`IN AAAA 2a02:2770:5:0:21a:4aff:fe99:a937`
			`'';`
			`misuji = ''`
			`IN A 91.213.195.194`
			`IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e`
			`'';`

mastus: update dns timestamp 2017-06-12 19:14:17 +00:00			`timestamp = "1497294847";`
mastus: dns server 2016-06-19 09:29:25 +00:00
			`heNsServers = ''`
			`@ IN NS ns1.he.net.`
			`@ IN NS ns2.he.net.`
			`@ IN NS ns3.he.net.`
			`@ IN NS ns4.he.net.`
			`@ IN NS ns5.he.net.`
			`'';`

			`mailSetup = ''`
mastus: dns: switch to mail.gebner.org 2016-06-19 09:33:25 +00:00			`@ IN MX 10 mail.gebner.org.`
mastus: dns server 2016-06-19 09:29:25 +00:00			`@ IN TXT v=spf1 mx -all`
			`'';`

			`commonStuff = domain: ''`
			`$ORIGIN ${domain}.`
			`@ 10800 IN SOA mastus.gebner.org. gebner.gebner.org. ${timestamp} 10800 3600 604800 10800`
			`${heNsServers}`
			`${mailSetup}`
			`'';`
			`in`
			`{`
			`services.nsd = {`
			`enable = true;`
			`interfaces = [ "0.0.0.0" "::" ];`

			`zones = {`
			`"gebner.org." = {`
			`provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];`
mastus: dns: enable notification notify = [ "216.218.130.2 NOKEY" ]; 2016-06-19 09:47:35 +00:00			`notify = [ "216.218.130.2 NOKEY" ];`
mastus: dns server 2016-06-19 09:29:25 +00:00			`data = ''`
			`${commonStuff "gebner.org"}`

Add google postmaster auth 2017-06-12 19:01:35 +00:00			`@ IN TXT google-site-verification=Wk9aC8gfd5dH-4VA5rsgFSiKJtgkGJzYirds4oZFgSo`

mastus: dns server 2016-06-19 09:29:25 +00:00			`misuji ${misuji}`
			`mastus ${mastus}`

			`home-gw IN A 80.109.2.154`
			`htdf-gw IN A 80.109.2.154`
			`mtlaa-gw IN A 84.112.114.160`

			`@ ${mastus}`
			`www IN CNAME mastus`

			`reader IN CNAME mastus`
			`git IN CNAME mastus`
			`kochbuch IN CNAME misuji`
			`howfatami IN CNAME misuji`
			`mail ${mastus}`
			`imap ${mastus}`
			`xmpp ${misuji}`
			`cookbook in CNAME misuji`
			`radicale in CNAME mastus`
			`'';`
			`};`
			`"gabrielebner.at." = {`
			`provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];`
mastus: dns: enable notification notify = [ "216.218.130.2 NOKEY" ]; 2016-06-19 09:47:35 +00:00			`notify = [ "216.218.130.2 NOKEY" ];`
mastus: dns server 2016-06-19 09:29:25 +00:00			`data = ''`
			`${commonStuff "gabrielebner.at"}`

			`@ ${mastus}`
			`www IN CNAME mastus.gebner.org.`

			`openid IN CNAME mastus.gebner.org.`
			`'';`
			`};`
			`"2b7e.org." = {`
			`provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];`
mastus: dns: enable notification notify = [ "216.218.130.2 NOKEY" ]; 2016-06-19 09:47:35 +00:00			`notify = [ "216.218.130.2 NOKEY" ];`
mastus: dns server 2016-06-19 09:29:25 +00:00			`data = ''`
			`${commonStuff "2b7e.org"}`

			`@ ${mastus}`
			`www IN CNAME mastus.gebner.org.`
			`'';`
			`};`
			`};`
			`};`

			`environment.systemPackages = [ pkgs.nsd ];`
			`networking.firewall = {`
			`allowedUDPPorts = [ 53 ];`
			`allowedTCPPorts = [ 53 ];`
			`};`
			`}`