Patch bind

[perso/Immae/Config/Nix.git] / systems / eldiron / dns.nix

diff --git a/systems/eldiron/dns.nix b/systems/eldiron/dns.nix
index 857b233cefd6d868db4cfee287a658974229dea9..4ebb4010fae648c2a25c8704dc24482100de6413 100644 (file)
--- a/systems/eldiron/dns.nix
+++ b/systems/eldiron/dns.nix
@@ -50,7 +50,11 @@ in
           };
         };
         mailSend = {
-          # DKIM
+          # DKIM 2048b
+          subdomains._domainkey.subdomains.eldiron2.TXT = [
+            (toKV config.myEnv.mail.dkim.eldiron2.public)
+          ];
+          # DKIM 1024b
           subdomains._domainkey.subdomains.eldiron.TXT = [
             (toKV config.myEnv.mail.dkim.eldiron.public)
           ];
@@ -89,6 +93,11 @@ in
             # DMARC
             # p needs to be the first tag
             _dmarc.TXT = [ (toKV { _00__v = "DMARC1"; _01__p = if quarantine then "quarantine" else "none"; adkim = "s"; aspf = "s"; fo = "1"; rua = "mailto:postmaster+rua@immae.eu"; ruf = "mailto:postmaster+ruf@immae.eu"; }) ];
+
+            # Autoconfiguration for Outlook
+            autodiscover = ips servers.eldiron.ips.main;
+            # Autoconfiguration for Mozilla
+            autoconfig = ips servers.eldiron.ips.main;
           };
 
           # SPF
@@ -269,6 +278,13 @@ in
     networking.firewall.allowedTCPPorts = [ 53 ];
     users.users.named.extraGroups = [ "keys" ];
     services.bind = {
+      package = pkgs.bind.overrideAttrs(old: {
+        # Partially revert https://gitlab.isc.org/isc-projects/bind9/-/commit/fd96a418689593882485bb715b3cd76b9af6f968
+        # Some DNS server don’t sent the question section
+        postPatch = (old.postPatch or "") + ''
+          sed -i -e "/missing question section/{n;N;d;}" lib/dns/xfrin.c
+        '';
+      });
       enable = true;
       cacheNetworks = ["any"];
       extraOptions = ''