diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-05-30 16:53:54 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-05-30 16:53:54 +0200 |
commit | 00cfeb8a7b483bda6a9cddbaf9b5c84b996b2e21 (patch) | |
tree | e0d0cbc56a3e05de0ff25ecc674beb403aed7f4d /hosts | |
parent | 42346a2cfe1e051948d4a54b97813fae046ea7f2 (diff) | |
download | nixos-00cfeb8a7b483bda6a9cddbaf9b5c84b996b2e21.tar nixos-00cfeb8a7b483bda6a9cddbaf9b5c84b996b2e21.tar.gz nixos-00cfeb8a7b483bda6a9cddbaf9b5c84b996b2e21.tar.bz2 nixos-00cfeb8a7b483bda6a9cddbaf9b5c84b996b2e21.tar.xz nixos-00cfeb8a7b483bda6a9cddbaf9b5c84b996b2e21.zip |
acme@surtr: ...
Diffstat (limited to 'hosts')
-rw-r--r-- | hosts/surtr/dns/zones/org.rheperire.soa | 7 | ||||
-rw-r--r-- | hosts/surtr/tls.nix | 2 |
2 files changed, 2 insertions, 7 deletions
diff --git a/hosts/surtr/dns/zones/org.rheperire.soa b/hosts/surtr/dns/zones/org.rheperire.soa index f6903d4f..8d6528ca 100644 --- a/hosts/surtr/dns/zones/org.rheperire.soa +++ b/hosts/surtr/dns/zones/org.rheperire.soa | |||
@@ -1,7 +1,7 @@ | |||
1 | $ORIGIN rheperire.org. | 1 | $ORIGIN rheperire.org. |
2 | $TTL 3600 | 2 | $TTL 3600 |
3 | @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( | 3 | @ IN SOA ns.yggdrasil.li. root.yggdrasil.li. ( |
4 | 2021053004 ; serial | 4 | 2021053006 ; serial |
5 | 10800 ; refresh | 5 | 10800 ; refresh |
6 | 3600 ; retry | 6 | 3600 ; retry |
7 | 604800 ; expire | 7 | 604800 ; expire |
@@ -21,8 +21,3 @@ $TTL 3600 | |||
21 | * IN AAAA 2a03:4000:6:d004:: | 21 | * IN AAAA 2a03:4000:6:d004:: |
22 | * IN MX 0 ymir.yggdrasil.li. | 22 | * IN MX 0 ymir.yggdrasil.li. |
23 | * IN TXT "v=spf1 redirect=yggdrasil.li" | 23 | * IN TXT "v=spf1 redirect=yggdrasil.li" |
24 | |||
25 | _acme-challenge IN A 188.68.51.254 | ||
26 | _acme-challenge IN AAAA 2a03:4000:6:d004:: | ||
27 | _acme-challenge IN MX 0 ymir.yggdrasil.li. | ||
28 | _acme-challenge 60 IN TXT "v=spf1 redirect=yggdrasil.li" | ||
diff --git a/hosts/surtr/tls.nix b/hosts/surtr/tls.nix index 73aaba07..cc868f45 100644 --- a/hosts/surtr/tls.nix +++ b/hosts/surtr/tls.nix | |||
@@ -4,7 +4,6 @@ let | |||
4 | 4 | ||
5 | knotDNSCredentials = zone: pkgs.writeText "lego-credentials" '' | 5 | knotDNSCredentials = zone: pkgs.writeText "lego-credentials" '' |
6 | EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh | 6 | EXEC_PATH=${knotDNSExec zone}/bin/update-dns.sh |
7 | EXEC_PROPAGATION_TIMEOUT=600 | ||
8 | ''; | 7 | ''; |
9 | knotDNSExec = zone: pkgs.writeScriptBin "update-dns.sh" '' | 8 | knotDNSExec = zone: pkgs.writeScriptBin "update-dns.sh" '' |
10 | #!${pkgs.zsh}/bin/zsh -xe | 9 | #!${pkgs.zsh}/bin/zsh -xe |
@@ -50,6 +49,7 @@ in { | |||
50 | extraDomainNames = [ "*.rheperire.org" ]; | 49 | extraDomainNames = [ "*.rheperire.org" ]; |
51 | dnsProvider = "exec"; | 50 | dnsProvider = "exec"; |
52 | credentialsFile = knotDNSCredentials "rheperire.org"; | 51 | credentialsFile = knotDNSCredentials "rheperire.org"; |
52 | dnsPropagationCheck = false; | ||
53 | }; | 53 | }; |
54 | }; | 54 | }; |
55 | }; | 55 | }; |