nixos-servers/nix/modules/networking/dmz_services/zones/kun.is.nix
2024-03-21 23:21:25 +01:00

63 lines
1.2 KiB
Nix

{ config, dns, ... }:
with dns.lib.combinators;
let
cfg = config.lab.networking;
in
{
CAA = letsEncrypt "caa@kun.is";
SOA = {
nameServer = "ns1";
adminEmail = "webmaster@kun.is";
serial = 2024021702;
};
NS = [
"ns1.kun.is."
"ns2.kun.is."
];
MX = [
(mx.mx 10 "mail.kun.is.")
];
TXT = [
(with spf; soft [ "include:spf.glasnet.nl" ])
];
subdomains = rec {
"*" = host cfg.public.ipv4.router cfg.dmz.ipv6.dockerSwarm;
ns = host cfg.public.ipv4.router cfg.dmz.ipv6.services;
ns1 = ns;
ns2 = ns;
# Override because we don't support IPv6 for Git SSH.
git = {
A = [ cfg.public.ipv4.router ];
AAAA = [ ];
};
# Override because we don't support IPv6 for KMS.
kms = {
A = [ cfg.public.ipv4.router ];
AAAA = [ ];
};
# Override because wg is on opnsense so ipv6 differs from "cfg.dmz.ipv6.services"
wg = host cfg.public.ipv4.router cfg.dmz.ipv6.router;
#for SMTP2GO to be able send emails from kun.is domain
em670271 = {
CNAME = [ "return.smtp2go.net." ];
};
"s670271._domainkey" = {
CNAME = [ "dkim.smtp2go.net." ];
};
link = {
CNAME = [ "track.smtp2go.net." ];
};
};
}