forked from hacc/haccfiles
services/dns: init
This commit is contained in:
parent
0c076f9805
commit
584460b1c7
8 changed files with 199 additions and 92 deletions
|
@ -19,6 +19,7 @@
|
||||||
./services/hasenloch.nix
|
./services/hasenloch.nix
|
||||||
./services/syncthing.nix
|
./services/syncthing.nix
|
||||||
./services/monitoring.nix
|
./services/monitoring.nix
|
||||||
|
../../services/dns
|
||||||
];
|
];
|
||||||
boot.loader.grub.enable = true;
|
boot.loader.grub.enable = true;
|
||||||
boot.loader.grub.version = 2;
|
boot.loader.grub.version = 2;
|
||||||
|
@ -54,6 +55,11 @@
|
||||||
interface = "enp6s0";
|
interface = "enp6s0";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
hexchen.dns.zones."hacc.space".subdomains.hainich = {
|
||||||
|
A = [ (lib.head config.networking.interfaces.enp6s0.ipv4.addresses).address ];
|
||||||
|
AAAA = [ (lib.head config.networking.interfaces.enp6s0.ipv6.addresses).address ];
|
||||||
|
};
|
||||||
|
|
||||||
hacc.nftables.nat.enable = true;
|
hacc.nftables.nat.enable = true;
|
||||||
networking.nat.internalInterfaces = ["ve-+"];
|
networking.nat.internalInterfaces = ["ve-+"];
|
||||||
networking.nat.internalIPs = [ "192.168.100.0/24" "172.17.0.0/16" ];
|
networking.nat.internalIPs = [ "192.168.100.0/24" "172.17.0.0/16" ];
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
hexchen.dns.zones."hacc.space".subdomains."pad".CNAME = [ "hainich.hacc.space" ];
|
||||||
containers.codimd = {
|
containers.codimd = {
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
hostAddress = "192.168.100.1";
|
hostAddress = "192.168.100.1";
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
hexchen.dns.zones."4future.dev".subdomains.waszumfff.CNAME = [ "hainich.hacc.space." ];
|
||||||
|
|
||||||
virtualisation.oci-containers.containers."ghost-waszumfff" = {
|
virtualisation.oci-containers.containers."ghost-waszumfff" = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
environment = {
|
environment = {
|
||||||
|
|
|
@ -1,12 +1,32 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
sources = import ../../../nix/sources.nix;
|
sources = import ../../../nix/sources.nix;
|
||||||
|
|
||||||
|
defaultDns = with pkgs.dns.combinators; {
|
||||||
|
MX = [ (mx.mx 10 "mail.hacc.space.") ];
|
||||||
|
TXT = [ (spf.strict [ "+mx" ]) ];
|
||||||
|
};
|
||||||
|
|
||||||
|
dkim = txt: { subdomains."mail._domainkey".TXT = [ txt ]; };
|
||||||
in {
|
in {
|
||||||
imports = [
|
imports = [
|
||||||
sources.nixos-mailserver.outPath
|
sources.nixos-mailserver.outPath
|
||||||
];
|
];
|
||||||
|
|
||||||
|
hexchen.dns.zones = {
|
||||||
|
"hacc.space" = {
|
||||||
|
inherit (defaultDns) MX TXT;
|
||||||
|
subdomains."mail".CNAME = [ "hainich.hacc.space" ];
|
||||||
|
} // (dkim "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1bIWqIW2WO5jLy2oZbvAqfCAkO6y64HiQ1lI50M36zn7xaJlRAaXo9FNdEYW09TY2dUC2dNVT7AG6EypfjHN9WNwAYoZVQOBLigZW2h47gy3LV8/GoaJLhAMfJEyTdgQUJf+ScnLKD30CLpezcVChYWljRBE1NSAHyymS9Ty/1wIDAQAB");
|
||||||
|
"infra4future.de" = {
|
||||||
|
inherit (defaultDns) MX TXT;
|
||||||
|
subdomains.discuss = defaultDns;
|
||||||
|
} // (dkim "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1KO8EiAcR57TbiVW/T57GVllZp1Kk7wlqXyRAPLqf4huk3S+KBlUtkv/6JW14jiaEnvZSWnh2B0HCdX11EdrCt9sprvbirYssUZdn2j7f4MN0fhQAxRqEFcN+zzVl90T6gqhH8Apu2LlYtFos2YisKNZcgUiuYT/Ba9bCwjnMbwIDAQAB");
|
||||||
|
"4future.dev" = defaultDns // dkim "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWQM4k4kvqoEZDEAo+li7URJ+k4aFI4C7XTIqwBT7UAXL2wHPWUmHftudK7VfemdmHdSwVdiFqAs3fMZFXTgbctc5+zG0hB03yOpm42pcf+kkYb4lvXlRoloEorN+XP9PmyNdW14p6ikQGCV//v/nliiraOSrqPaCciB0C6bD7bwIDAQAB";
|
||||||
|
# "4futu.re" = defaultDns // dkim "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIORy3U05TE0yU/778OaXZ4JDQ5ztK8Set6mClIs8s4Wrtx53Fsq3ahmnglE7ypucsQ1N87Vfv+YjI/X/ndMAYcs8ZjuJRwUqFJnMADAPkPa4lwg3+AgNQYLQsjVpKTZAz83NWWQAZ9QwukgML8sU0cP33eJkiQJ27C/L7kQNlXQIDAQAB";
|
||||||
|
# "hacc.earth" = defaultDns // dkim "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwFuOQLtDRJU+0Q63GWZocTHwh3bSVjCV4ebgVTBmLxR48RmFqoz1LnYyTBqOGZTq5lvzJuoFcvpBGyJ+jBYNeQKsMY32BHJ0ju2e4nqTPR7SL8x5fBIAj0z2C5DFUnr5S0g+yPbwziQyos9qeJMy7XdtnrLboh635qPSGTgEY/QIDAQAB";
|
||||||
|
};
|
||||||
mailserver = {
|
mailserver = {
|
||||||
mailDirectory = "/data/mail";
|
mailDirectory = "/data/mail";
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -14,110 +34,110 @@ in {
|
||||||
domains = [ "hacc.space" "hacc.earth" "4future.dev" "4futu.re" "infra4future.de" "discuss.infra4future.de" ];
|
domains = [ "hacc.space" "hacc.earth" "4future.dev" "4futu.re" "infra4future.de" "discuss.infra4future.de" ];
|
||||||
|
|
||||||
loginAccounts = {
|
loginAccounts = {
|
||||||
"hexchen@hacc.space" = {
|
"hexchen@hacc.space" = {
|
||||||
hashedPassword = "$6$x9skYtRp4dgxC$1y8gPC2BuVqG3kJVSMGgzZv0Bg1T9qxcnBWLIDbANy1d//SQ23Y7s3IMYcEPd1/l/MYWD9Y/Qse6HbT5w5Xwq/";
|
hashedPassword = "$6$x9skYtRp4dgxC$1y8gPC2BuVqG3kJVSMGgzZv0Bg1T9qxcnBWLIDbANy1d//SQ23Y7s3IMYcEPd1/l/MYWD9Y/Qse6HbT5w5Xwq/";
|
||||||
|
|
||||||
aliases = [
|
aliases = [
|
||||||
"postmaster@hacc.space"
|
"postmaster@hacc.space"
|
||||||
"abuse@hacc.space"
|
"abuse@hacc.space"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
"octycs@hacc.space" = {
|
"octycs@hacc.space" = {
|
||||||
hashedPassword = "$6$KceTivtJ$58jxhYF6ULfivNsb3Z0J7PnGea0Hs2wTWh3c9FrKRIAmuOD96u2IDgZRCn6P5NrXA0BL.n6HC2RS3r.4JnOmg.";
|
hashedPassword = "$6$KceTivtJ$58jxhYF6ULfivNsb3Z0J7PnGea0Hs2wTWh3c9FrKRIAmuOD96u2IDgZRCn6P5NrXA0BL.n6HC2RS3r.4JnOmg.";
|
||||||
|
|
||||||
aliases = [
|
aliases = [
|
||||||
"markus@hacc.space"
|
"markus@hacc.space"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
"raphael@hacc.space" = {
|
"raphael@hacc.space" = {
|
||||||
hashedPassword = "$6$QveHpwMcp9mkFVAU$EFuahOrJIxPg.c.WGFHtrP3.onwJYwvP7fiBHHGb9jhosewZ2tEUP.2D3uyDLhd9Cfny6Yp4jDk/Hkjk7/ME1/";
|
hashedPassword = "$6$QveHpwMcp9mkFVAU$EFuahOrJIxPg.c.WGFHtrP3.onwJYwvP7fiBHHGb9jhosewZ2tEUP.2D3uyDLhd9Cfny6Yp4jDk/Hkjk7/ME1/";
|
||||||
};
|
};
|
||||||
|
|
||||||
"engelsystem@hacc.space" = {
|
"engelsystem@hacc.space" = {
|
||||||
hashedPassword = "$6$5cIAEhJ7af7M$eJBPQc3ONd.N3HKPFpxfG7liZbUXPvWuSpWVgeG7rmsG7f7.Zdxtodvt5VaXoA3AEiv3GqcY.gKHISK/Gg0ib/";
|
hashedPassword = "$6$5cIAEhJ7af7M$eJBPQc3ONd.N3HKPFpxfG7liZbUXPvWuSpWVgeG7rmsG7f7.Zdxtodvt5VaXoA3AEiv3GqcY.gKHISK/Gg0ib/";
|
||||||
};
|
};
|
||||||
|
|
||||||
"schweby@hacc.space" = {
|
"schweby@hacc.space" = {
|
||||||
hashedPassword = "$6$BpYhwcZNrkLhVqK$6FMqA/vUkdV4GBlHLSqS5DRCb/CaLDNeIsBcZ8G30heytS/tJj2Ag7b1ovSltTA4PUfhee3pJrz1BkwkA93vN1";
|
hashedPassword = "$6$BpYhwcZNrkLhVqK$6FMqA/vUkdV4GBlHLSqS5DRCb/CaLDNeIsBcZ8G30heytS/tJj2Ag7b1ovSltTA4PUfhee3pJrz1BkwkA93vN1";
|
||||||
};
|
};
|
||||||
|
|
||||||
"zauberberg@hacc.space" = {
|
"zauberberg@hacc.space" = {
|
||||||
hashedPassword = "$6$ISAaU8X6D$oGKe9WXDWrRpGzHUTdxrxdtg9zuGOlBMuDc82IZhegpsv1bqd550FhZZrI40IjZTA5Hy2MZ8j/0efpnQ4fOQH0";
|
hashedPassword = "$6$ISAaU8X6D$oGKe9WXDWrRpGzHUTdxrxdtg9zuGOlBMuDc82IZhegpsv1bqd550FhZZrI40IjZTA5Hy2MZ8j/0efpnQ4fOQH0";
|
||||||
aliases = [
|
aliases = [
|
||||||
"lukas@hacc.space"
|
"lukas@hacc.space"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
"talx@hacc.space" = {
|
"talx@hacc.space" = {
|
||||||
hashedPassword = "$6$0hIKRoMJS./JSE$tXizRgphhNM3ZYx216VdRv1OiyZoYXsjGqSudTDu8vB8eZb03Axi31VKV87RXiEGGixdvTsHEKpx032aOzzt31";
|
hashedPassword = "$6$0hIKRoMJS./JSE$tXizRgphhNM3ZYx216VdRv1OiyZoYXsjGqSudTDu8vB8eZb03Axi31VKV87RXiEGGixdvTsHEKpx032aOzzt31";
|
||||||
};
|
};
|
||||||
|
|
||||||
"unms@hacc.space" = {
|
"unms@hacc.space" = {
|
||||||
hashedPassword = "$6$pYlNP37913$sGE3L722ceP.1Qm5lsffYUN919hPP1xRTrzco3ic3Op21iiknBkOY04eY2l3Um/Bpk/yV89aJD0eaB/5RCbWR1";
|
hashedPassword = "$6$pYlNP37913$sGE3L722ceP.1Qm5lsffYUN919hPP1xRTrzco3ic3Op21iiknBkOY04eY2l3Um/Bpk/yV89aJD0eaB/5RCbWR1";
|
||||||
};
|
};
|
||||||
|
|
||||||
"noreply@hacc.space" = {
|
"noreply@hacc.space" = {
|
||||||
hashedPassword = "$6$YsqMoItITZUzI5wo$5Lejf8XBHRx4LW4VuZ9wJCiBbT4kOV/EZaCdWQ07eVIrkRTZwXWZ5zfsh.olXEFwvpNWN.DBnU.dQc.cC0/ra/";
|
hashedPassword = "$6$YsqMoItITZUzI5wo$5Lejf8XBHRx4LW4VuZ9wJCiBbT4kOV/EZaCdWQ07eVIrkRTZwXWZ5zfsh.olXEFwvpNWN.DBnU.dQc.cC0/ra/";
|
||||||
};
|
};
|
||||||
"stuebinm@hacc.space" = {
|
"stuebinm@hacc.space" = {
|
||||||
hashedPassword = "$6$mjrMQG5smqLRlm$WzmbiZnGlEXGT7hj/n2qz0nvVzGyZfMToCyLRi0wErfVEHI7y7jtWoHqIWnpcHAM29UocsIFFsUCb3XqQCwwB.";
|
hashedPassword = "$6$mjrMQG5smqLRlm$WzmbiZnGlEXGT7hj/n2qz0nvVzGyZfMToCyLRi0wErfVEHI7y7jtWoHqIWnpcHAM29UocsIFFsUCb3XqQCwwB.";
|
||||||
};
|
};
|
||||||
"newsletter@hacc.space" = {
|
"newsletter@hacc.space" = {
|
||||||
hashedPassword = "$6$f0xKnQxBInd$zbVIi1lTKWauqW.c8sMNLHNwzn81oQrVOiIfJwPa98n9xWz/NkjuWLYuFpK.MSZwNwP7Yv/a/qaOb9v8qv/.N1";
|
hashedPassword = "$6$f0xKnQxBInd$zbVIi1lTKWauqW.c8sMNLHNwzn81oQrVOiIfJwPa98n9xWz/NkjuWLYuFpK.MSZwNwP7Yv/a/qaOb9v8qv/.N1";
|
||||||
};
|
};
|
||||||
"lenny@hacc.space" = {
|
"lenny@hacc.space" = {
|
||||||
hashedPassword = "$6$dR.lhYiJDpsR4.dw$n7bCbyTm97v/O8Ue44n58YwOmmct..Gt5TeAmen8C5FWyPTwTh65XCjwc27gNFVGnZLwsRJwMJ.E9D0oJEzUh0";
|
hashedPassword = "$6$dR.lhYiJDpsR4.dw$n7bCbyTm97v/O8Ue44n58YwOmmct..Gt5TeAmen8C5FWyPTwTh65XCjwc27gNFVGnZLwsRJwMJ.E9D0oJEzUh0";
|
||||||
};
|
};
|
||||||
|
|
||||||
# service accounts
|
# service accounts
|
||||||
"gitlab@infra4future.de".hashedPassword = "$6$8vvkYuxv$9xV5WktsqfgM3cWSxonjtaohm7oqvDC5qsgJCJBATwesjTRxd/QTLa7t7teK8Nzyl.Py26xz.NvYowCZQ4aBE1";
|
"gitlab@infra4future.de".hashedPassword = "$6$8vvkYuxv$9xV5WktsqfgM3cWSxonjtaohm7oqvDC5qsgJCJBATwesjTRxd/QTLa7t7teK8Nzyl.Py26xz.NvYowCZQ4aBE1";
|
||||||
"noreply@infra4future.de".hashedPassword = "$6$uaD8bRcT1$gFqhFyu5RUsyUUOG5b.kN.JAJ1rVHvaYhpeRHoMvrERAMgBu1FHu2oDnjTsy.5NKoLc5xpI5uv4Gpy4YbmDmV.";
|
"noreply@infra4future.de".hashedPassword = "$6$uaD8bRcT1$gFqhFyu5RUsyUUOG5b.kN.JAJ1rVHvaYhpeRHoMvrERAMgBu1FHu2oDnjTsy.5NKoLc5xpI5uv4Gpy4YbmDmV.";
|
||||||
"discuss@infra4future.de".hashedPassword = "$6$8x8/OlMFjq1$S54jdBh7WjrdC6UtbYAHHzMJak7Ai/CjwmWBBbqh7yRHuZt.mfZrsfBNiL3JKBHE7seQ7JYRU99lJKCU6Aujg/";
|
"discuss@infra4future.de".hashedPassword = "$6$8x8/OlMFjq1$S54jdBh7WjrdC6UtbYAHHzMJak7Ai/CjwmWBBbqh7yRHuZt.mfZrsfBNiL3JKBHE7seQ7JYRU99lJKCU6Aujg/";
|
||||||
};
|
};
|
||||||
|
|
||||||
extraVirtualAliases = {
|
extraVirtualAliases = {
|
||||||
# address = forward address;
|
# address = forward address;
|
||||||
"info@hacc.space" = [
|
"info@hacc.space" = [
|
||||||
"hexchen@hacc.space"
|
"hexchen@hacc.space"
|
||||||
"octycs@hacc.space"
|
"octycs@hacc.space"
|
||||||
"raphael@hacc.space"
|
"raphael@hacc.space"
|
||||||
"schweby@hacc.space"
|
"schweby@hacc.space"
|
||||||
"zauberberg@hacc.space"
|
"zauberberg@hacc.space"
|
||||||
"stuebinm@hacc.space"
|
"stuebinm@hacc.space"
|
||||||
"lenny@hacc.space"
|
"lenny@hacc.space"
|
||||||
];
|
];
|
||||||
"himmel@hacc.space" = [
|
"himmel@hacc.space" = [
|
||||||
"hexchen@hacc.space"
|
"hexchen@hacc.space"
|
||||||
"schweby@hacc.space"
|
"schweby@hacc.space"
|
||||||
"zauberberg@hacc.space"
|
"zauberberg@hacc.space"
|
||||||
];
|
];
|
||||||
"admin@hacc.space" = [
|
"admin@hacc.space" = [
|
||||||
"hexchen@hacc.space"
|
"hexchen@hacc.space"
|
||||||
"schweby@hacc.space"
|
"schweby@hacc.space"
|
||||||
"zauberberg@hacc.space"
|
"zauberberg@hacc.space"
|
||||||
];
|
];
|
||||||
"voc@hacc.space" = [
|
"voc@hacc.space" = [
|
||||||
"hexchen@hacc.space"
|
"hexchen@hacc.space"
|
||||||
"schweby@hacc.space"
|
"schweby@hacc.space"
|
||||||
"octycs@hacc.space"
|
"octycs@hacc.space"
|
||||||
"stuebinm@hacc.space"
|
"stuebinm@hacc.space"
|
||||||
"zauberberg@hacc.space"
|
"zauberberg@hacc.space"
|
||||||
"lenny@hacc.space"
|
"lenny@hacc.space"
|
||||||
];
|
];
|
||||||
"vorstand@hacc.space" = [
|
"vorstand@hacc.space" = [
|
||||||
"raphael@hacc.space"
|
"raphael@hacc.space"
|
||||||
"schweby@hacc.space"
|
"schweby@hacc.space"
|
||||||
"zauberberg@hacc.space"
|
"zauberberg@hacc.space"
|
||||||
];
|
];
|
||||||
"mitglieder@hacc.space" = [
|
"mitglieder@hacc.space" = [
|
||||||
"raphael@hacc.space"
|
"raphael@hacc.space"
|
||||||
"schweby@hacc.space"
|
"schweby@hacc.space"
|
||||||
"zauberberg@hacc.space"
|
"zauberberg@hacc.space"
|
||||||
"lenny@hacc.space"
|
"lenny@hacc.space"
|
||||||
"octycs@hacc.space"
|
"octycs@hacc.space"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
hexchen.dns.zones."hacc.space".subdomains."mumble".CNAME = [ "hainich.hacc.space" ];
|
||||||
services.murmur = {
|
services.murmur = {
|
||||||
enable = true;
|
enable = true;
|
||||||
logDays = -1;
|
logDays = -1;
|
||||||
|
|
|
@ -5,5 +5,6 @@ in {
|
||||||
imports = [
|
imports = [
|
||||||
./nftnat
|
./nftnat
|
||||||
./decklink.nix
|
./decklink.nix
|
||||||
|
"${sources.nix-hexchen}/modules/dns"
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -13,6 +13,13 @@ let
|
||||||
extraPath = super.extraPath + ":${pkgs.zfs}/bin";
|
extraPath = super.extraPath + ":${pkgs.zfs}/bin";
|
||||||
});
|
});
|
||||||
|
|
||||||
|
dns = import (pkgs.fetchFromGitHub {
|
||||||
|
owner = "kirelagin";
|
||||||
|
repo = "nix-dns";
|
||||||
|
rev = "v0.3.1";
|
||||||
|
sha256 = "1ykmx6b7al1sh397spnpqis7c9bp0yfmgxxp3v3j7qq45fa5fs09";
|
||||||
|
} + "/dns") { inherit pkgs; };
|
||||||
|
|
||||||
linuxPackagesFor = kernel: (pkgs.linuxPackagesFor kernel).extend (_: ksuper: {
|
linuxPackagesFor = kernel: (pkgs.linuxPackagesFor kernel).extend (_: ksuper: {
|
||||||
decklink = callPackage ./decklink { kernel = ksuper.kernel; };
|
decklink = callPackage ./decklink { kernel = ksuper.kernel; };
|
||||||
});
|
});
|
||||||
|
|
69
services/dns/default.nix
Normal file
69
services/dns/default.nix
Normal file
|
@ -0,0 +1,69 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
hexchen.deploy.groups = [ "dns" ];
|
||||||
|
services.kresd.enable = lib.mkForce false;
|
||||||
|
hexchen.dns = {
|
||||||
|
enable = true;
|
||||||
|
dnssec = {
|
||||||
|
enable = true;
|
||||||
|
doSplitSigning = true;
|
||||||
|
};
|
||||||
|
symlinkZones = true;
|
||||||
|
allZones = with pkgs.dns.combinators; let
|
||||||
|
common = {
|
||||||
|
SOA = {
|
||||||
|
nameServer = "ns1.infra4future.de.";
|
||||||
|
adminEmail = "admin@infra4future.de";
|
||||||
|
serial = 2020022102;
|
||||||
|
};
|
||||||
|
} // delegateTo [ "ns1.infra4future.de." "ns2.infra4future.de." ];
|
||||||
|
|
||||||
|
pages = a "95.217.84.3";
|
||||||
|
minecraftSRV = port: target: { service = "minecraft"; proto = "tcp"; inherit port target; };
|
||||||
|
|
||||||
|
allZones = config.hexchen.dns.allZones;
|
||||||
|
in {
|
||||||
|
"infra4future.de" = common // {
|
||||||
|
A = [ pages ];
|
||||||
|
subdomains = {
|
||||||
|
libocedrus.A = [ (a "95.217.84.23") ];
|
||||||
|
|
||||||
|
www.CNAME = [ (cname "hacc.4future.dev") ];
|
||||||
|
|
||||||
|
auth.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
cloud.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
discuss.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
listmonk.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
mattermost.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
onlyoffice.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
survey.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
wiki.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
|
||||||
|
gitlab.CNAME = [ (cname "libocedrus.infra4future.de.") ];
|
||||||
|
registry.CNAME = [ (cname "gitlab.infra4future.de.") ];
|
||||||
|
ssh.CNAME = [ (cname "gitlab.infra4future.de.") ];
|
||||||
|
|
||||||
|
"_gitlab-pages-verification-code".TXT = [ "gitlab-pages-verification-code=3d9e1d733851cd8f7178330b62a5b783" ];
|
||||||
|
"_gitlab-pages-verification-code.www".TXT = [ "gitlab-pages-verification-code=c0472d3d954e4586def9b20a237aa141" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"hacc.space" = common // {
|
||||||
|
inherit (allZones."infra4future.de".subdomains.libocedrus) A;
|
||||||
|
subdomains = {
|
||||||
|
wink.CNAME = [ (cname "infra4future.de.") ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"4future.dev" = common // {
|
||||||
|
A = [ pages ];
|
||||||
|
SRV = [ (minecraftSRV 25565 "minecraft.4future.dev.") ];
|
||||||
|
subdomains = {
|
||||||
|
"*".CNAME = [ (cname "libocedrus.4future.dev.") ];
|
||||||
|
libocedrus.A = [ pages ];
|
||||||
|
|
||||||
|
minecraft.A = [ (a "95.217.84.23") ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue