dns: cleaned up teh implmentation of the dns, partly to make it easier toa dd records and partly to make it really neat config files.
This commit is contained in:
parent
d683598060
commit
bc2e781586
18 changed files with 163 additions and 202 deletions
|
|
@ -95,22 +95,19 @@
|
|||
age.secrets.ldap_pw.file = ../secrets/ldap/pw.age;
|
||||
|
||||
# set up dns record for it
|
||||
skynet_dns.records.external = [
|
||||
skynet_dns.records = [
|
||||
# basic one
|
||||
"mail A ${cfg.host.ip}"
|
||||
|
||||
# SPF record
|
||||
''${cfg.domain}. IN TXT "v=spf1 a:${cfg.sub}.${cfg.domain} -all"''
|
||||
{record="mail"; r_type="A"; value=cfg.host.ip;}
|
||||
|
||||
# TXT records, all tehse are inside escaped strings to allow using ""
|
||||
# SPF record
|
||||
{record="${cfg.domain}."; r_type="TXT"; value=''"v=spf1 a:${cfg.sub}.${cfg.domain} -all"'';}
|
||||
# DKIM
|
||||
''mail._domainkey.${cfg.domain}. IN TXT "v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl8ptSASx37t5sfmU2d2Y6yi9AVrsNFBZDmJ2uaLa4NuvAjxGQCw4wx+1Jui/HOuKYLpntLsjN851wgPR+3i51g4OblqBDvcHn9NYgWRZfHj9AASANQjdsaAbkXuyKuO46hZqeWlpESAcD6a4Evam4fkm+kiZC0+rccb4cWgsuLwIDAQAB"''
|
||||
|
||||
{record="mail._domainkey.${cfg.domain}."; r_type="TXT"; value=''"v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl8ptSASx37t5sfmU2d2Y6yi9AVrsNFBZDmJ2uaLa4NuvAjxGQCw4wx+1Jui/HOuKYLpntLsjN851wgPR+3i51g4OblqBDvcHn9NYgWRZfHj9AASANQjdsaAbkXuyKuO46hZqeWlpESAcD6a4Evam4fkm+kiZC0+rccb4cWgsuLwIDAQAB"'';}
|
||||
# DMARC
|
||||
''_dmarc.${cfg.domain}. IN TXT "v=DMARC1; p=none"''
|
||||
];
|
||||
{record="_dmarc.${cfg.domain}."; r_type="TXT"; value=''"v=DMARC1; p=none"'';}
|
||||
|
||||
skynet_dns.records.reverse = [
|
||||
"${builtins.substring 9 3 cfg.host.ip} IN PTR ${cfg.sub}.${cfg.domain}."
|
||||
{record=cfg.host.ip; r_type="PTR"; value="${cfg.sub}.${cfg.domain}.";}
|
||||
];
|
||||
|
||||
mailserver = {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue