diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-05-30 17:11:23 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-05-30 17:11:23 +0200 |
commit | 93b09ca9798e7514fa5937e8163916e826c5e7d5 (patch) | |
tree | 16e146640fe9c2b79b9ae5852b97185a46588246 | |
parent | 3a4f35dc5b9725b970471e2546fe81bc7885e267 (diff) | |
download | nixos-93b09ca9798e7514fa5937e8163916e826c5e7d5.tar nixos-93b09ca9798e7514fa5937e8163916e826c5e7d5.tar.gz nixos-93b09ca9798e7514fa5937e8163916e826c5e7d5.tar.bz2 nixos-93b09ca9798e7514fa5937e8163916e826c5e7d5.tar.xz nixos-93b09ca9798e7514fa5937e8163916e826c5e7d5.zip |
acme@surtr: ...
-rw-r--r-- | hosts/surtr/dns/zones/org.rheperire.soa | 4 | ||||
-rw-r--r-- | hosts/surtr/tls.nix | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/hosts/surtr/dns/zones/org.rheperire.soa b/hosts/surtr/dns/zones/org.rheperire.soa index b36b7b6d..7b6b6988 100644 --- a/hosts/surtr/dns/zones/org.rheperire.soa +++ b/hosts/surtr/dns/zones/org.rheperire.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN rheperire.org. | 1 | $ORIGIN rheperire.org. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( | 3 | @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( |
4 | 2021053007 ; serial | 4 | 2021053008 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -25,4 +25,4 @@ $TTL 3600 | |||
25 | _acme-challenge IN A 188.68.51.254 | 25 | _acme-challenge IN A 188.68.51.254 |
26 | _acme-challenge IN AAAA 2a03:4000:6:d004:: | 26 | _acme-challenge IN AAAA 2a03:4000:6:d004:: |
27 | _acme-challenge IN MX 0 ymir.yggdrasil.li. | 27 | _acme-challenge IN MX 0 ymir.yggdrasil.li. |
28 | _acme-challenge 60 IN TXT "v=spf1 redirect=yggdrasil.li" | 28 | _acme-challenge 30 IN TXT "v=spf1 redirect=yggdrasil.li" |
diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix index 259202bb..d087c9f5 100644 --- a/hosts/surtr/tls.nix +++ b/hosts/surtr/tls.nix | |||
@@ -5,7 +5,7 @@ let | |||
5 | knotDNSCredentials = zone: pkgs.writeText "lego-credentials" '' | 5 | knotDNSCredentials = zone: pkgs.writeText "lego-credentials" '' |
6 | EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh | 6 | EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh |
7 | EXEC_PROPAGATION_TIMEOUT=60 | 7 | EXEC_PROPAGATION_TIMEOUT=60 |
8 | EXEC_POLLING_INTERVAL=10 | 8 | EXEC_POLLING_INTERVAL=5 |
9 | ''; | 9 | ''; |
10 | knotDNSExec = zone: pkgs.writeScriptBin "update-dns.sh" '' | 10 | knotDNSExec = zone: pkgs.writeScriptBin "update-dns.sh" '' |
11 | #!${pkgs.zsh}/bin/zsh -xe | 11 | #!${pkgs.zsh}/bin/zsh -xe |
@@ -20,7 +20,7 @@ let | |||
20 | 20 | ||
21 | case "''${mode}" in | 21 | case "''${mode}" in |
22 | present) | 22 | present) |
23 | ${knotCfg.cliWrappers}/bin/knotc zone-set ${zone} "''${owner}" 60 TXT "''${challenge}" | 23 | ${knotCfg.cliWrappers}/bin/knotc zone-set ${zone} "''${owner}" 30 TXT "''${challenge}" |
24 | ;; | 24 | ;; |
25 | cleanup) | 25 | cleanup) |
26 | ${knotCfg.cliWrappers}/bin/knotc zone-unset ${zone} "''${owner}" TXT "''${challenge}" | 26 | ${knotCfg.cliWrappers}/bin/knotc zone-unset ${zone} "''${owner}" TXT "''${challenge}" |