summaryrefslogtreecommitdiff
path: root/hosts/surtr/dns
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-05-29 16:22:38 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2021-05-29 16:22:38 +0200
commitc92b33218b4d2912a5aea6e4456df64e4d292336 (patch)
tree64bbd18b7e44c4a99db419107d78dfdbc9554154 /hosts/surtr/dns
parent413560c0013755b47fffb94a2b05af8bb1deb230 (diff)
downloadnixos-c92b33218b4d2912a5aea6e4456df64e4d292336.tar
nixos-c92b33218b4d2912a5aea6e4456df64e4d292336.tar.gz
nixos-c92b33218b4d2912a5aea6e4456df64e4d292336.tar.bz2
nixos-c92b33218b4d2912a5aea6e4456df64e4d292336.tar.xz
nixos-c92b33218b4d2912a5aea6e4456df64e4d292336.zip
knot@surtr: yggdrasil.li dnssec
Diffstat (limited to 'hosts/surtr/dns')
-rw-r--r--hosts/surtr/dns/default.nix8
1 files changed, 8 insertions, 0 deletions
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix
index 23edfab5..5afdfedf 100644
--- a/hosts/surtr/dns/default.nix
+++ b/hosts/surtr/dns/default.nix
@@ -15,10 +15,18 @@
15 listen: 202.61.241.61@53 15 listen: 202.61.241.61@53
16 listen: 2a03:4000:52:ada::@53 16 listen: 2a03:4000:52:ada::@53
17 17
18 policy:
19 - id: rsa
20 algorithm: RSASHA256
21 ksk-size: 4096
22 zsk-size: 2048
23 zsk-lifetime: 30d
24
18 zone: 25 zone:
19 - domain: yggdrasil.li 26 - domain: yggdrasil.li
20 file: ${./zones/li.yggdrasil.soa} 27 file: ${./zones/li.yggdrasil.soa}
21 semantic-checks: on 28 semantic-checks: on
29 dnssec-signing: on
22 ''; 30 '';
23 }; 31 };
24 }; 32 };