From fb2407ce2363d4bbf70917aab24d3d9e988f581d Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sat, 29 May 2021 16:05:38 +0200
Subject: knot@surtr: yggdrasil.li
---
hosts/surtr/dns/default.nix | 23 ++++++++++++++
hosts/surtr/dns/zones/li.yggdrasil.soa | 56 +++++++++++++++++++++++++++++++++
hosts/surtr/dns/zones/org.praseodym.soa | 43 +++++++++++++++++++++++++
3 files changed, 122 insertions(+)
create mode 100644 hosts/surtr/dns/default.nix
create mode 100644 hosts/surtr/dns/zones/li.yggdrasil.soa
create mode 100644 hosts/surtr/dns/zones/org.praseodym.soa
(limited to 'hosts/surtr/dns')
diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix
new file mode 100644
index 00000000..59214339
--- /dev/null
+++ b/hosts/surtr/dns/default.nix
@@ -0,0 +1,23 @@
+{...}:
+{
+ config = {
+ fileSystems."/var/lib/knot" =
+ { device = "surtr/safe/var-lib-knot";
+ fsType = "zfs";
+ };
+
+ services.knot = {
+ enable = true;
+ extraConfig = ''
+ server:
+ listen: 0.0.0.0@53
+ listen: ::@53
+
+ zone:
+ - domain: yggdrasil.li
+ file: ${./zones/li.yggdrasil.soa}
+ semantic-checks: on
+ '';
+ };
+ };
+}
diff --git a/hosts/surtr/dns/zones/li.yggdrasil.soa b/hosts/surtr/dns/zones/li.yggdrasil.soa
new file mode 100644
index 00000000..81e7ccfd
--- /dev/null
+++ b/hosts/surtr/dns/zones/li.yggdrasil.soa
@@ -0,0 +1,56 @@
+$ORIGIN yggdrasil.li.
+$TTL 3600
+@ IN SOA ns.yggdrasil.li. root.yggdrasil.li. (
+ 2021052900 ; serial
+ 10800 ; refresh
+ 3600 ; retry
+ 604800 ; expire
+ 3600 ; min TTL
+)
+ IN NS ns.yggdrasil.li.
+ IN NS ns.inwx.de.
+ IN NS ns2.inwx.de.
+ IN NS ns3.inwx.eu.
+
+ns IN A 202.61.241.61
+ns IN AAAA 2a03:4000:52:ada::
+
+@ IN A 188.68.51.254
+@ IN AAAA 2a03:4000:6:d004::
+@ IN MX 0 ymir.yggdrasil.li.
+@ IN TXT "v=spf1 a:mailout.yggdrasil.li -all"
+
+* IN A 188.68.51.254
+* IN AAAA 2a03:4000:6:d004::
+* IN MX 0 ymir.yggdrasil.li.
+* IN TXT "v=spf1 redirect=yggdrasil.li"
+
+ymir IN A 188.68.51.254
+ymir IN AAAA 2a03:4000:6:d004::
+ymir IN MX 0 ymir.yggdrasil.li.
+ymir IN TXT "v=spf1 redirect=yggdrasil.li"
+
+surtr IN A 202.61.241.61
+surtr IN AAAA 2a03:4000:52:ada::
+surtr IN MX 0 ymir.yggdrasil.li
+surtr IN TXT "v=spf1 redirect=ullr.yggdrasil.li"
+
+mailout IN A 188.68.51.254
+mailout IN AAAA 2a03:4000:6:d004::
+mailout IN MX 0 ymir.yggdrasil.li
+mailout IN TXT "v=spf1 redirect=yggdrasil.li"
+
+ymir._domainkey IN TXT (
+ "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2"
+ "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24"
+ "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ=="
+)
+
+_xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li.
+_xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li.
+
+_infinoted._tcp IN SRV 5 0 6523 ymir.yggdrasil.li.
+
+_submission._tcp IN SRV 5 0 25 ymir.yggdrasil.li.
+_imap._tcp IN SRV 5 0 143 ymir.yggdrasil.li.
+_imaps._tcp IN SRV 5 0 993 ymir.yggdrasil.li.
diff --git a/hosts/surtr/dns/zones/org.praseodym.soa b/hosts/surtr/dns/zones/org.praseodym.soa
new file mode 100644
index 00000000..3b946641
--- /dev/null
+++ b/hosts/surtr/dns/zones/org.praseodym.soa
@@ -0,0 +1,43 @@
+$ORIGIN praseodym.org.
+$TTL 3600
+@ IN SOA ns.yggdrasil.li. root.yggdrasil.li. (
+ 2021051520 ; serial
+ 10800 ; refresh
+ 3600 ; retry
+ 604800 ; expire
+ 3600 ; min TTL
+)
+ IN NS ns.yggdrasil.li.
+ IN NS ns.inwx.de.
+ IN NS ns2.inwx.de.
+ IN NS ns3.inwx.eu.
+
+@ IN A 188.68.51.254
+@ IN AAAA 2a03:4000:6:d004::
+@ IN MX 0 ymir.yggdrasil.li.
+@ IN TXT "v=spf1 redirect=yggdrasil.li"
+
+* IN A 188.68.51.254
+* IN AAAA 2a03:4000:6:d004::
+* IN MX 0 ymir.yggdrasil.li.
+* IN TXT "v=spf1 redirect=yggdrasil.li"
+
+surtr IN A 202.61.241.61
+surtr IN AAAA 2a03:4000:52:ada::
+surtr IN MX 0 ymir.yggdrasil.li
+surtr IN TXT "v=spf1 redirect=ullr.yggdrasil.li"
+
+ymir._domainkey IN TXT (
+ "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq3cCKlk+VPhyAanLZTM0BCzUT/+fmxHioZcFk0uJk1akBYj7BRofR7eVNcLKpm3rwYMQgE+9vJH9p8SV6tws9EcWc8SMCqqGZlREYM7PmLDiTSK/vjCzkygfgFCb0EBNsY2A/fpP4rTeoxrbcBSvMkq97iY5rwyw4wXZVZXLiDaCj23s8POoxTk1ClqUJZJQ5x2"
+ "qzrC0RfN5kLZ9A7Gq2jB09vNxpXHYqABA0bJv88JiZM7hfkp9IafJZ+yCVMaBcJs4DAxnTjNAuFD9gm+qSFVY8+yeXqL6Qjo5PbruhyZRBW8RgRYT8t5n07XRglMGKKGMwOGLanrltcyXqB+GsDZBD36RAAwjFadnxdpDyRv4SgRP7ff2tKRrORYpmpN+mKdqw5j3J/nP6bXV1oAkyh9XQkPEIDi81WT87EZziTElDzVp6A2qFOxqucAovoRk24"
+ "7vlsns1FApFRsp9mja0UZNObyKD1M6tP9Ep7lS76tFGMk+WDvXRJH5LEsyCpu7sSyl1r/O0M4K+KldRCqLlZd7rf8F5P8T0dn1azk05g7F4p0N/y9GNdzXbPZ9u0eZdI7SEdh8ZoOZp7NVZiBFfbWLSS5ZtyA2kbBa4i7GJ/cuAbEKOmqAkeQPiu96TGIcyjkXjS6mTPI+9UmKZYZC+OM8XdJ02y5KRoonCc19ZS8CAwEAAQ=="
+)
+
+_xmpp-client._tcp IN SRV 5 0 5222 ymir.yggdrasil.li.
+_xmpp-server._tcp IN SRV 5 0 5269 ymir.yggdrasil.li.
+
+_infinoted._tcp IN SRV 5 0 6523 ymir.yggdrasil.li.
+
+_submission._tcp IN SRV 5 0 25 ymir.yggdrasil.li.
+_imap._tcp IN SRV 5 0 143 ymir.yggdrasil.li.
+_imaps._tcp IN SRV 5 0 993 ymir.yggdrasil.li.
--
cgit v1.2.3