Add new machine to nixops

[perso/Immae/Config/Nix.git] / modules / private / dns.nix

diff --git a/modules/private/dns.nix b/modules/private/dns.nix
index 01a3cbbff14997aa6204df234b5a22a185c1213c..b4772fcde9f20d5a5d00669abf80e0c11bef4bc2 100644 (file)
--- a/modules/private/dns.nix
+++ b/modules/private/dns.nix
@@ -1,5 +1,6 @@
 { lib, pkgs, config, myconfig,  ... }:
 {
+  options.myServices.dns.enable = lib.mkEnableOption "enable DNS resolver";
   config = let
     cfg = config.services.bind;
     configFile = pkgs.writeText "named.conf" ''
@@ -49,8 +50,7 @@
             '')
           cfg.zones }
     '';
-  in
-    {
+  in lib.mkIf config.myServices.dns.enable {
     networking.firewall.allowedUDPPorts = [ 53 ];
     networking.firewall.allowedTCPPorts = [ 53 ];
     services.bind = {
@@ -109,12 +109,13 @@
               ${n} IN MX 20 mx-2.${conf.name}.
 
               ; https://tools.ietf.org/html/rfc6186
-              _submission._tcp${suffix} SRV  0 1  587 smtp.immae.eu.
-              _imap._tcp${suffix}       SRV  0 1  143 imap.immae.eu.
-              _imaps._tcp${suffix}      SRV  0 1  993 imap.immae.eu.
-              _pop3._tcp${suffix}       SRV 10 1  110 pop3.immae.eu.
-              _pop3s._tcp${suffix}      SRV 10 1  995 pop3.immae.eu.
-              _sieve._tcp${suffix}      SRV  0 1 4190 imap.immae.eu.
+              _submission._tcp${suffix}  SRV  0 1  587 smtp.immae.eu.
+              _submissions._tcp${suffix} SRV  0 1  465 smtp.immae.eu.
+              _imap._tcp${suffix}        SRV  0 1  143 imap.immae.eu.
+              _imaps._tcp${suffix}       SRV  0 1  993 imap.immae.eu.
+              _pop3._tcp${suffix}        SRV 10 1  110 pop3.immae.eu.
+              _pop3s._tcp${suffix}       SRV 10 1  995 pop3.immae.eu.
+              _sieve._tcp${suffix}       SRV  0 1 4190 imap.immae.eu.
 
               ; MTA-STS
               ; https://blog.delouw.ch/2018/12/16/using-mta-sts-to-enhance-email-transport-security-and-privacy/