From e9cd32166123558d7aa92bceefc6bc931fbcbc1a Mon Sep 17 00:00:00 2001
From: Gabriel Ebner
Date: Sun, 19 Jun 2016 11:29:25 +0200
Subject: [PATCH] mastus: dns server
---
 mastus/configuration.nix | 1 +
 mastus/dns.nix | 97 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 98 insertions(+)
 create mode 100644 mastus/dns.nix
diff --git a/mastus/configuration.nix b/mastus/configuration.nix
index f313dce..e6c0d69 100644
--- a/mastus/configuration.nix
+++ b/mastus/configuration.nix
@@ -14,6 +14,7 @@
 ./blog.nix
 ./radicale.nix
 ./ttrss.nix
+ ./dns.nix
 ];
 boot.loader.grub.enable = true;
diff --git a/mastus/dns.nix b/mastus/dns.nix
new file mode 100644
index 0000000..98ed8da
--- /dev/null
+++ b/mastus/dns.nix
@@ -0,0 +1,97 @@
+{ config, pkgs, ... }:
+let
+ mastus = ''
+ IN A 37.252.120.145
+ IN AAAA 2a02:2770:5:0:21a:4aff:fe99:a937
+ '';
+ misuji = ''
+ IN A 91.213.195.194
+ IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e
+ '';
+
+ timestamp = "1466327298";
+
+ heNsServers = ''
+ @ IN NS ns1.he.net.
+ @ IN NS ns2.he.net.
+ @ IN NS ns3.he.net.
+ @ IN NS ns4.he.net.
+ @ IN NS ns5.he.net.
+ '';
+
+ mailSetup = ''
+ @ IN MX 10 imap.gebner.org.
+ @ IN TXT v=spf1 mx -all
+ '';
+
+ commonStuff = domain: ''
+ $ORIGIN ${domain}.
+ @ 10800 IN SOA mastus.gebner.org. gebner.gebner.org. ${timestamp} 10800 3600 604800 10800
+ ${heNsServers}
+ ${mailSetup}
+ '';
+in
+{
+ services.nsd = {
+ enable = true;
+ interfaces = [ "0.0.0.0" "::" ];
+
+ zones = {
+ "gebner.org." = {
+ provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
+ data = ''
+ ${commonStuff "gebner.org"}
+
+ misuji ${misuji}
+ mastus ${mastus}
+
+ home-gw IN A 80.109.2.154
+ htdf-gw IN A 80.109.2.154
+ mtlaa-gw IN A 84.112.114.160
+
+ @ ${mastus}
+ www IN CNAME mastus
+
+ reader IN CNAME mastus
+ owncloud IN CNAME misuji
+ webmail IN CNAME misuji
+ git IN CNAME mastus
+ kochbuch IN CNAME misuji
+ howfatami IN CNAME misuji
+ mail ${mastus}
+ imap ${mastus}
+ xmpp ${misuji}
+ wllbg in CNAME misuji
+ cookbook in CNAME misuji
+ radicale in CNAME mastus
+ '';
+ };
+ "gabrielebner.at." = {
+ provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
+ data = ''
+ ${commonStuff "gabrielebner.at"}
+
+ @ ${mastus}
+ www IN CNAME mastus.gebner.org.
+
+ openid IN CNAME mastus.gebner.org.
+ '';
+ };
+ "2b7e.org." = {
+ provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];
+ data = ''
+ ${commonStuff "2b7e.org"}
+
+ @ ${mastus}
+ www IN CNAME mastus.gebner.org.
+ '';
+ };
+ };
+ };
+
+ environment.systemPackages = [ pkgs.nsd ];
+ networking.firewall = {
+ allowedUDPPorts = [ 53 ];
+ allowedTCPPorts = [ 53 ];
+ };
+}
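Review bot: All three zones set `provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ];`, which lets any host request a full zone transfer without a TSIG key, and TCP 53 is opened to everyone at the end of the file, so the complete record set (including the `home-gw`, `htdf-gw` and `mtlaa-gw` entries) can be listed in a single query. Because the NS records name only the he.net servers, the transfer ACL presumably only has to cover their secondary; I would narrow it to that source, e.g. `provideXFR = [ "<he.net transfer source address> NOKEY" ];`, or bind it to a TSIG key if the secondary supports one. Separately, the SPF value in `mailSetup` is unquoted, and zone-file parsers normally read `v=spf1 mx -all` as three character-strings that receivers join without spaces, so the policy may not be recognised; write it as `@ IN TXT "v=spf1 mx -all"`. A short comment next to `timestamp` saying that it is the SOA serial and must be raised on every zone edit would also help, since secondaries only pick up changes when the serial increases.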