1 files changed, 29 insertions, 28 deletions
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix
index 31c02196..ca6a2aed 100644
--- a/hosts/surtr/dns/default.nix
+++ b/hosts/surtr/dns/default.nix
@@ -27,23 +27,24 @@
          listen: 2a03:4000:52:ada::@53
        remote:
-          - id: "inwx_notify"
+          - id: inwx_notify
            address: 185.181.104.96@53
        acl:
-          - id: "inwx_acl"
+          - id: inwx_acl
            address: 185.181.104.96
            action: transfer
        template:
-          - id: "inwx_zone"
+          - id: inwx_zone
            storage: /var/lib/knot
            zonefile-sync: -1
            zonefile-load: difference-no-serial
+            journal-content: all
            semantic-checks: on
            dnssec-signing: on
-            notify: ["inwx_notify"]
+            notify: [inwx_notify]
-            acl: ["inwx_acl"]
+            acl: [inwx_acl]
        policy:
          - id: rsa
@@ -53,36 +54,36 @@
            zsk-lifetime: 30d
        zone:
-          - template: "inwx_zone"
+          - domain: yggdrasil.li
-            domain: yggdrasil.li
+            template: inwx_zone
            file: ${./zones/li.yggdrasil.soa}
-        zone:
-          - template: "inwx_zone"
+          - domain: nights.email
-            domain: nights.email
+            template: inwx_zone
            file: ${./zones/email.nights.soa}
-        zone:
-          - template: "inwx_zone"
+          - domain: 141.li
-            domain: 141.li
+            template: inwx_zone
            file: ${./zones/li.141.soa}
-        zone:
-          - template: "inwx_zone"
+          - domain: kleen.li
-            domain: kleen.li
+            template: inwx_zone
            file: ${./zones/li.kleen.soa}
-        zone:
-          - template: "inwx_zone"
+          - domain: xmpp.li
-            domain: xmpp.li
+            template: inwx_zone
            file: ${./zones/li.xmpp.soa}
-        zone:
-          - template: "inwx_zone"
+          - domain: dirty-haskell.org
-            domain: dirty-haskell.org
+            template: inwx_zone
            file: ${./zones/org.dirty-haskell.soa}
-        zone:
-          - template: "inwx_zone"
+          - domain: praseodym.org
-            domain: praseodym.org
+            template: inwx_zone
            file: ${./zones/org.praseodym.soa}
-        zone:
-          - template: "inwx_zone"
+          - domain: rheperire.org
-            domain: rheperire.org
+            template: inwx_zone
            file: ${./zones/org.rheperire.soa}
      '';
    };

diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix index 31c02196..ca6a2aed 100644 --- a/hosts/surtr/dns/default.nix +++ b/hosts/surtr/dns/default.nix
@@ -27,23 +27,24 @@
27	listen: 2a03:4000:52:ada::@53	27	listen: 2a03:4000:52:ada::@53
28		28
29	remote:	29	remote:
30	- id: "inwx_notify"	30	- id: inwx_notify
31	address: 185.181.104.96@53	31	address: 185.181.104.96@53
32		32
33	acl:	33	acl:
34	- id: "inwx_acl"	34	- id: inwx_acl
35	address: 185.181.104.96	35	address: 185.181.104.96
36	action: transfer	36	action: transfer
37		37
38	template:	38	template:
39	- id: "inwx_zone"	39	- id: inwx_zone
40	storage: /var/lib/knot	40	storage: /var/lib/knot
41	zonefile-sync: -1	41	zonefile-sync: -1
42	zonefile-load: difference-no-serial	42	zonefile-load: difference-no-serial
		43	journal-content: all
43	semantic-checks: on	44	semantic-checks: on
44	dnssec-signing: on	45	dnssec-signing: on
45	notify: ["inwx_notify"]	46	notify: [inwx_notify]
46	acl: ["inwx_acl"]	47	acl: [inwx_acl]
47		48
48	policy:	49	policy:
49	- id: rsa	50	- id: rsa
@@ -53,36 +54,36 @@
53	zsk-lifetime: 30d	54	zsk-lifetime: 30d
54		55
55	zone:	56	zone:
56	- template: "inwx_zone"	57	- domain: yggdrasil.li
57	domain: yggdrasil.li	58	template: inwx_zone
58	file: ${./zones/li.yggdrasil.soa}	59	file: ${./zones/li.yggdrasil.soa}
59	zone:	60
60	- template: "inwx_zone"	61	- domain: nights.email
61	domain: nights.email	62	template: inwx_zone
62	file: ${./zones/email.nights.soa}	63	file: ${./zones/email.nights.soa}
63	zone:	64
64	- template: "inwx_zone"	65	- domain: 141.li
65	domain: 141.li	66	template: inwx_zone
66	file: ${./zones/li.141.soa}	67	file: ${./zones/li.141.soa}
67	zone:	68
68	- template: "inwx_zone"	69	- domain: kleen.li
69	domain: kleen.li	70	template: inwx_zone
70	file: ${./zones/li.kleen.soa}	71	file: ${./zones/li.kleen.soa}
71	zone:	72
72	- template: "inwx_zone"	73	- domain: xmpp.li
73	domain: xmpp.li	74	template: inwx_zone
74	file: ${./zones/li.xmpp.soa}	75	file: ${./zones/li.xmpp.soa}
75	zone:	76
76	- template: "inwx_zone"	77	- domain: dirty-haskell.org
77	domain: dirty-haskell.org	78	template: inwx_zone
78	file: ${./zones/org.dirty-haskell.soa}	79	file: ${./zones/org.dirty-haskell.soa}
79	zone:	80
80	- template: "inwx_zone"	81	- domain: praseodym.org
81	domain: praseodym.org	82	template: inwx_zone
82	file: ${./zones/org.praseodym.soa}	83	file: ${./zones/org.praseodym.soa}
83	zone:	84
84	- template: "inwx_zone"	85	- domain: rheperire.org
85	domain: rheperire.org	86	template: inwx_zone
86	file: ${./zones/org.rheperire.soa}	87	file: ${./zones/org.rheperire.soa}
87	'';	88	'';
88	};	89	};