{ config, lib, pkgs, ... }: { hexchen.deploy.groups = [ "dns" ]; services.kresd.enable = lib.mkForce false; hexchen.dns = { enable = true; dnssec = { enable = true; doSplitSigning = true; }; symlinkZones = true; allZones = with pkgs.dns.combinators; let common = { SOA = { nameServer = "ns1.infra4future.de."; adminEmail = "admin@infra4future.de"; serial = 2020022102; }; } // delegateTo [ "ns1.infra4future.de." "ns2.infra4future.de." ]; pages = a "95.217.84.3"; minecraftSRV = port: target: { service = "minecraft"; proto = "tcp"; inherit port target; }; allZones = config.hexchen.dns.allZones; in { "infra4future.de" = common // { A = [ pages ]; subdomains = { libocedrus.A = [ (a "95.217.84.23") ]; www.CNAME = [ (cname "hacc.4future.dev") ]; auth.CNAME = [ (cname "libocedrus.infra4future.de.") ]; cloud.CNAME = [ (cname "libocedrus.infra4future.de.") ]; discuss.CNAME = [ (cname "libocedrus.infra4future.de.") ]; listmonk.CNAME = [ (cname "libocedrus.infra4future.de.") ]; mattermost.CNAME = [ (cname "libocedrus.infra4future.de.") ]; onlyoffice.CNAME = [ (cname "libocedrus.infra4future.de.") ]; survey.CNAME = [ (cname "libocedrus.infra4future.de.") ]; wiki.CNAME = [ (cname "libocedrus.infra4future.de.") ]; gitlab.CNAME = [ (cname "libocedrus.infra4future.de.") ]; registry.CNAME = [ (cname "gitlab.infra4future.de.") ]; ssh.CNAME = [ (cname "gitlab.infra4future.de.") ]; "_gitlab-pages-verification-code".TXT = [ "gitlab-pages-verification-code=3d9e1d733851cd8f7178330b62a5b783" ]; "_gitlab-pages-verification-code.www".TXT = [ "gitlab-pages-verification-code=c0472d3d954e4586def9b20a237aa141" ]; }; }; "hacc.space" = common // { inherit (allZones."infra4future.de".subdomains.libocedrus) A; subdomains = { wink.CNAME = [ (cname "infra4future.de.") ]; }; }; "4future.dev" = common // { A = [ pages ]; SRV = [ (minecraftSRV 25565 "minecraft.4future.dev.") ]; subdomains = { "*".CNAME = [ (cname "libocedrus.4future.dev.") ]; libocedrus.A = [ pages ]; minecraft.A = [ (a "95.217.84.23") ]; }; }; }; }; }