summaryrefslogtreecommitdiff
path: root/hosts/surtr
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-05-29 16:05:38 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2021-05-29 16:05:38 +0200
commitfb2407ce2363d4bbf70917aab24d3d9e988f581d (patch)
tree64357573abfe4ef5e47e210f7f0d582ce6e5b1b3 /hosts/surtr
parent48aae1ea5ae04de880d608e3b64a3f68859d6f11 (diff)
downloadnixos-fb2407ce2363d4bbf70917aab24d3d9e988f581d.tar
nixos-fb2407ce2363d4bbf70917aab24d3d9e988f581d.tar.gz
nixos-fb2407ce2363d4bbf70917aab24d3d9e988f581d.tar.bz2
nixos-fb2407ce2363d4bbf70917aab24d3d9e988f581d.tar.xz
nixos-fb2407ce2363d4bbf70917aab24d3d9e988f581d.zip
knot@surtr: yggdrasil.li
Diffstat (limited to 'hosts/surtr')
-rw-r--r--hosts/surtr/default.nix2
-rw-r--r--hosts/surtr/dns/default.nix23
-rw-r--r--hosts/surtr/dns/zones/li.yggdrasil.soa56
-rw-r--r--hosts/surtr/dns/zones/org.praseodym.soa43
4 files changed, 123 insertions, 1 deletions
diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix
index 8cbb51ef..828f3361 100644
--- a/hosts/surtr/default.nix
+++ b/hosts/surtr/default.nix
@@ -1,7 +1,7 @@
1{ flake, pkgs, ... }: 1{ flake, pkgs, ... }:
2{ 2{
3 imports = with flake.nixosModules.systemProfiles; [ 3 imports = with flake.nixosModules.systemProfiles; [
4 qemu-guest openssh rebuild-machines ./zfs.nix 4 qemu-guest openssh rebuild-machines ./zfs.nix ./dns
5 ]; 5 ];
6 6
7 config = { 7 config = {
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix
new file mode 100644
index 00000000..59214339
--- /dev/null
+++ b/hosts/surtr/dns/default.nix
@@ -0,0 +1,23 @@
1{...}:
2{
3 config = {
4 fileSystems."/var/lib/knot" =
5 { device = "surtr/safe/var-lib-knot";
6 fsType = "zfs";
7 };
8
9 services.knot = {
10 enable = true;
11 extraConfig = ''
12 server:
13 listen: 0.0.0.0@53
14 listen: ::@53
15
16 zone:
17 - domain: yggdrasil.li
18 file: ${./zones/li.yggdrasil.soa}
19 semantic-checks: on
20 '';
21 };
22 };
23}
diff --git a/hosts/surtr/dns/zones/li.yggdrasil.soa b/hosts/surtr/dns/zones/li.yggdrasil.soa
new file mode 100644
index 00000000..81e7ccfd
--- /dev/null
+++ b/hosts/surtr/dns/zones/li.yggdrasil.soa
@@ -0,0 +1,56 @@
1$ORIGIN yggdrasil.li.
2$TTL 3600
3@ IN SOA ns.yggdrasil.li. root.yggdrasil.li. (
4 2021052900 ; serial
5 10800 ; refresh
6 3600 ; retry
7 604800 ; expire
8 3600 ; min TTL
9)
10 IN NS ns.yggdrasil.li.
11 IN NS ns.inwx.de.
12 IN NS ns2.inwx.de.
13 IN NS ns3.inwx.eu.
14
15ns IN A 202.61.241.61
16ns IN AAAA 2a03:4000:52:ada::
17
18@ IN A 188.68.51.254
19@ IN AAAA 2a03:4000:6:d004::
20@ IN MX 0 ymir.yggdrasil.li.
21@ IN TXT "v=spf1 a:mailout.yggdrasil.li -all"
22
23* IN A 188.68.51.254
24* IN AAAA 2a03:4000:6:d004::
25* IN MX 0 ymir.yggdrasil.li.
26* IN TXT "v=spf1 redirect=yggdrasil.li"
27
28ymir IN A 188.68.51.254
29ymir IN AAAA 2a03:4000:6:d004::
30ymir IN MX 0 ymir.yggdrasil.li.
31ymir IN TXT "v=spf1 redirect=yggdrasil.li"
32
33surtr IN A 202.61.241.61
34surtr IN AAAA 2a03:4000:52:ada::
35surtr IN MX 0 ymir.yggdrasil.li
36surtr IN TXT "v=spf1 redirect=ullr.yggdrasil.li"
37
38mailout IN A 188.68.51.254
39mailout IN AAAA 2a03:4000:6:d004::
40mailout IN MX 0 ymir.yggdrasil.li
41mailout IN TXT "v=spf1 redirect=yggdrasil.li"
42
43ymir._domainkey IN TXT (
44 "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2"
45 "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24"
46 "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ=="
47)
48
49_xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li.
50_xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li.
51
52_infinoted._tcp IN SRV 5 0 6523 ymir.yggdrasil.li.
53
54_submission._tcp IN SRV 5 0 25 ymir.yggdrasil.li.
55_imap._tcp IN SRV 5 0 143 ymir.yggdrasil.li.
56_imaps._tcp IN SRV 5 0 993 ymir.yggdrasil.li.
diff --git a/hosts/surtr/dns/zones/org.praseodym.soa b/hosts/surtr/dns/zones/org.praseodym.soa
new file mode 100644
index 00000000..3b946641
--- /dev/null
+++ b/hosts/surtr/dns/zones/org.praseodym.soa
@@ -0,0 +1,43 @@
1$ORIGIN praseodym.org.
2$TTL 3600
3@ IN SOA ns.yggdrasil.li. root.yggdrasil.li. (
4 2021051520 ; serial
5 10800 ; refresh
6 3600 ; retry
7 604800 ; expire
8 3600 ; min TTL
9)
10 IN NS ns.yggdrasil.li.
11 IN NS ns.inwx.de.
12 IN NS ns2.inwx.de.
13 IN NS ns3.inwx.eu.
14
15@ IN A 188.68.51.254
16@ IN AAAA 2a03:4000:6:d004::
17@ IN MX 0 ymir.yggdrasil.li.
18@ IN TXT "v=spf1 redirect=yggdrasil.li"
19
20* IN A 188.68.51.254
21* IN AAAA 2a03:4000:6:d004::
22* IN MX 0 ymir.yggdrasil.li.
23* IN TXT "v=spf1 redirect=yggdrasil.li"
24
25surtr IN A 202.61.241.61
26surtr IN AAAA 2a03:4000:52:ada::
27surtr IN MX 0 ymir.yggdrasil.li
28surtr IN TXT "v=spf1 redirect=ullr.yggdrasil.li"
29
30ymir._domainkey IN TXT (
31 "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2"
32 "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24"
33 "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ=="
34)
35
36_xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li.
37_xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li.
38
39_infinoted._tcp IN SRV 5 0 6523 ymir.yggdrasil.li.
40
41_submission._tcp IN SRV 5 0 25 ymir.yggdrasil.li.
42_imap._tcp IN SRV 5 0 143 ymir.yggdrasil.li.
43_imaps._tcp IN SRV 5 0 993 ymir.yggdrasil.li.