diff options
Diffstat (limited to 'modules/private/dns.nix')
-rw-r--r-- | modules/private/dns.nix | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/modules/private/dns.nix b/modules/private/dns.nix index b4772fc..fb90824 100644 --- a/modules/private/dns.nix +++ b/modules/private/dns.nix | |||
@@ -1,4 +1,4 @@ | |||
1 | { lib, pkgs, config, myconfig, ... }: | 1 | { lib, pkgs, config, ... }: |
2 | { | 2 | { |
3 | options.myServices.dns.enable = lib.mkEnableOption "enable DNS resolver"; | 3 | options.myServices.dns.enable = lib.mkEnableOption "enable DNS resolver"; |
4 | config = let | 4 | config = let |
@@ -61,13 +61,13 @@ | |||
61 | allow-recursion { 127.0.0.1; }; | 61 | allow-recursion { 127.0.0.1; }; |
62 | allow-transfer { none; }; | 62 | allow-transfer { none; }; |
63 | 63 | ||
64 | notify-source ${myconfig.env.servers.eldiron.ips.main.ip4}; | 64 | notify-source ${config.myEnv.servers.eldiron.ips.main.ip4}; |
65 | notify-source-v6 ${lib.head myconfig.env.servers.eldiron.ips.main.ip6}; | 65 | notify-source-v6 ${lib.head config.myEnv.servers.eldiron.ips.main.ip6}; |
66 | version none; | 66 | version none; |
67 | hostname none; | 67 | hostname none; |
68 | server-id none; | 68 | server-id none; |
69 | ''; | 69 | ''; |
70 | zones = with myconfig.env.dns; | 70 | zones = with config.myEnv.dns; |
71 | assert (builtins.substring ((builtins.stringLength soa.email)-1) 1 soa.email) != "."; | 71 | assert (builtins.substring ((builtins.stringLength soa.email)-1) 1 soa.email) != "."; |
72 | assert (builtins.substring ((builtins.stringLength soa.primary)-1) 1 soa.primary) != "."; | 72 | assert (builtins.substring ((builtins.stringLength soa.primary)-1) 1 soa.primary) != "."; |
73 | (map (conf: { | 73 | (map (conf: { |
@@ -94,10 +94,10 @@ | |||
94 | ${conf.entries} | 94 | ${conf.entries} |
95 | 95 | ||
96 | ${if lib.attrsets.hasAttr "withEmail" conf && lib.lists.length conf.withEmail > 0 then '' | 96 | ${if lib.attrsets.hasAttr "withEmail" conf && lib.lists.length conf.withEmail > 0 then '' |
97 | mx-1 IN A ${myconfig.env.servers.eldiron.ips.main.ip4} | 97 | mx-1 IN A ${config.myEnv.servers.eldiron.ips.main.ip4} |
98 | mx-2 IN A ${myconfig.env.servers.immaeEu.ips.main.ip4} | 98 | mx-2 IN A ${config.myEnv.servers.immaeEu.ips.main.ip4} |
99 | ${builtins.concatStringsSep "\n" (map (i: "mx-1 IN AAAA ${i}") myconfig.env.servers.eldiron.ips.main.ip6)} | 99 | ${builtins.concatStringsSep "\n" (map (i: "mx-1 IN AAAA ${i}") config.myEnv.servers.eldiron.ips.main.ip6)} |
100 | ${builtins.concatStringsSep "\n" (map (i: "mx-2 IN AAAA ${i}") myconfig.env.servers.immaeEu.ips.main.ip6)} | 100 | ${builtins.concatStringsSep "\n" (map (i: "mx-2 IN AAAA ${i}") config.myEnv.servers.immaeEu.ips.main.ip6)} |
101 | ${lib.concatStringsSep "\n\n" (map (e: | 101 | ${lib.concatStringsSep "\n\n" (map (e: |
102 | let | 102 | let |
103 | n = if e.domain == "" then "@" else "${e.domain} "; | 103 | n = if e.domain == "" then "@" else "${e.domain} "; |
@@ -122,8 +122,8 @@ | |||
122 | ; https://support.google.com/a/answer/9261504 | 122 | ; https://support.google.com/a/answer/9261504 |
123 | _mta-sts${suffix} IN TXT "v=STSv1;id=20190630054629Z" | 123 | _mta-sts${suffix} IN TXT "v=STSv1;id=20190630054629Z" |
124 | _smtp._tls${suffix} IN TXT "v=TLSRPTv1;rua=mailto:postmaster+mta-sts@immae.eu" | 124 | _smtp._tls${suffix} IN TXT "v=TLSRPTv1;rua=mailto:postmaster+mta-sts@immae.eu" |
125 | mta-sts${suffix} IN A ${myconfig.env.servers.eldiron.ips.main.ip4} | 125 | mta-sts${suffix} IN A ${config.myEnv.servers.eldiron.ips.main.ip4} |
126 | ${builtins.concatStringsSep "\n" (map (i: "mta-sts${suffix} IN AAAA ${i}") myconfig.env.servers.eldiron.ips.main.ip6)} | 126 | ${builtins.concatStringsSep "\n" (map (i: "mta-sts${suffix} IN AAAA ${i}") config.myEnv.servers.eldiron.ips.main.ip6)} |
127 | 127 | ||
128 | ; Mail sender authentications | 128 | ; Mail sender authentications |
129 | ${n} IN TXT "v=spf1 mx ~all" | 129 | ${n} IN TXT "v=spf1 mx ~all" |
@@ -132,7 +132,7 @@ | |||
132 | immae_eu._domainkey${suffix} IN TXT ( "v=DKIM1; k=rsa; s=email; " | 132 | immae_eu._domainkey${suffix} IN TXT ( "v=DKIM1; k=rsa; s=email; " |
133 | "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl3vLd8W5YAuumC5+ZT9OV7/14Pmh5JYtwyqKI3cfe9NnAqInt3xO4bZ7oqIxRKWN4SD39vm7O/QOvFdBt00ENOOzdP90s5gKw6eIP/4+vPTh0IWltAsmu9B2agzdtWUE7t2xFKIzEn8l9niRE2QYbVaqZv4sub98vY55fIgFoHtjkmNC7325S8fjDJGp6OPbyhAs6Xl5/adjF" | 133 | "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzl3vLd8W5YAuumC5+ZT9OV7/14Pmh5JYtwyqKI3cfe9NnAqInt3xO4bZ7oqIxRKWN4SD39vm7O/QOvFdBt00ENOOzdP90s5gKw6eIP/4+vPTh0IWltAsmu9B2agzdtWUE7t2xFKIzEn8l9niRE2QYbVaqZv4sub98vY55fIgFoHtjkmNC7325S8fjDJGp6OPbyhAs6Xl5/adjF" |
134 | "0ko4Y2p6RaxLQfjlS0bxmK4Qg6C14pIXHtzVeqOuWrwApqt5+AULSn97iUtqV/IJlEEjC6DUR44t3C/G0G/k46iFclCqRRi0hdPrOHCtZDbtMubnTN9eaUiNpkXh1WnCflHwtjQwIDAQAB" ) | 134 | "0ko4Y2p6RaxLQfjlS0bxmK4Qg6C14pIXHtzVeqOuWrwApqt5+AULSn97iUtqV/IJlEEjC6DUR44t3C/G0G/k46iFclCqRRi0hdPrOHCtZDbtMubnTN9eaUiNpkXh1WnCflHwtjQwIDAQAB" ) |
135 | eldiron._domainkey${suffix} IN TXT ${myconfig.env.mail.dkim.eldiron.public} | 135 | eldiron._domainkey${suffix} IN TXT ${config.myEnv.mail.dkim.eldiron.public} |
136 | '' else ""} | 136 | '' else ""} |
137 | '') conf.withEmail)} | 137 | '') conf.withEmail)} |
138 | '' + (if conf.name == "immae.eu" then '' | 138 | '' + (if conf.name == "immae.eu" then '' |