{ config, pkgs, ... }: let mastus = '' IN A 37.252.120.145 IN AAAA 2a02:2770:5:0:21a:4aff:fe99:a937 ''; misuji = '' IN A 91.213.195.194 IN AAAA 2a02:2770:3:0:21a:4aff:feac:bc0e ''; timestamp = "1466327298"; heNsServers = '' @ IN NS ns1.he.net. @ IN NS ns2.he.net. @ IN NS ns3.he.net. @ IN NS ns4.he.net. @ IN NS ns5.he.net. ''; mailSetup = '' @ IN MX 10 mail.gebner.org. @ IN TXT v=spf1 mx -all ''; commonStuff = domain: '' $ORIGIN ${domain}. @ 10800 IN SOA mastus.gebner.org. gebner.gebner.org. ${timestamp} 10800 3600 604800 10800 ${heNsServers} ${mailSetup} ''; in { services.nsd = { enable = true; interfaces = [ "0.0.0.0" "::" ]; zones = { "gebner.org." = { provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ]; notify = [ "216.218.130.2 NOKEY" ]; data = '' ${commonStuff "gebner.org"} misuji ${misuji} mastus ${mastus} home-gw IN A 80.109.2.154 htdf-gw IN A 80.109.2.154 mtlaa-gw IN A 84.112.114.160 @ ${mastus} www IN CNAME mastus reader IN CNAME mastus owncloud IN CNAME misuji webmail IN CNAME misuji git IN CNAME mastus kochbuch IN CNAME misuji howfatami IN CNAME misuji mail ${mastus} imap ${mastus} xmpp ${misuji} wllbg in CNAME misuji cookbook in CNAME misuji radicale in CNAME mastus ''; }; "gabrielebner.at." = { provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ]; notify = [ "216.218.130.2 NOKEY" ]; data = '' ${commonStuff "gabrielebner.at"} @ ${mastus} www IN CNAME mastus.gebner.org. openid IN CNAME mastus.gebner.org. ''; }; "2b7e.org." = { provideXFR = [ "0.0.0.0/0 NOKEY" "::0/0 NOKEY" ]; notify = [ "216.218.130.2 NOKEY" ]; data = '' ${commonStuff "2b7e.org"} @ ${mastus} www IN CNAME mastus.gebner.org. ''; }; }; }; environment.systemPackages = [ pkgs.nsd ]; networking.firewall = { allowedUDPPorts = [ 53 ]; allowedTCPPorts = [ 53 ]; }; }