From ecee0dcdc0886ec2ad0558d1211b00f2ec2194a2 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Mon, 14 Feb 2022 20:04:46 +0100
Subject: ...

---
 hosts/surtr/dns/default.nix | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'hosts')

diff --git a/hosts/surtr/dns/default.nix b/hosts/surtr/dns/default.nix
index 4a1b2482..eb4dbe13 100644
--- a/hosts/surtr/dns/default.nix
+++ b/hosts/surtr/dns/default.nix
@@ -36,6 +36,18 @@
             secret-lifetime: 4h
             badcookie-slip: 1
 
+        policy:
+          - id: rsa2048
+            algorithm: rsasha256
+            ksk-size: 4096
+            zsk-size: 2048
+            zsk-lifetime: 30d
+          - id: ed25519
+            algorithm: ed25519
+            nsec3: on
+            ksk-lifetime: 360d
+            signing-threads: 2
+
         template:
           - id: default
             global-module: [mod-cookies/default, mod-rrl/default]
@@ -51,18 +63,6 @@
             notify: [inwx_notify]
             acl: [inwx_acl]
 
-        policy:
-          - id: rsa2048
-            algorithm: rsasha256
-            ksk-size: 4096
-            zsk-size: 2048
-            zsk-lifetime: 30d
-          - id: ed25519
-            algorithm: ed25519
-            nsec3: on
-            ksk-lifetime: 360d
-            signing-threads: 2
-
         zone:
           - domain: yggdrasil.li
             template: inwx_zone
-- 
cgit v1.2.3