From bea98fc9fcdf2987d027687282f22d5166c5efe0 Mon Sep 17 00:00:00 2001
From: Brendan Golden <git@brendan.ie>
Date: Fri, 13 Oct 2023 11:21:26 +0100
Subject: [PATCH] fix: better email config, now with dns records

Deals with #32
---
 applications/dns.nix    |  7 ++++++-
 applications/email.nix  |  2 +-
 applications/gitlab.nix | 21 +++++++++++++++++++--
 3 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/applications/dns.nix b/applications/dns.nix
index f337055..438ca0b 100644
--- a/applications/dns.nix
+++ b/applications/dns.nix
@@ -88,6 +88,11 @@
       ; ------------------------------------------
       ${format_records (filter_records_type "TXT") 29}
 
+      ; ------------------------------------------
+      ; MX
+      ; ------------------------------------------
+      ${format_records (filter_records_type "MX") 29}
+
       ; ------------------------------------------
       ; SRV
       ; ------------------------------------------
@@ -317,7 +322,7 @@ in {
                 type = str;
               };
               r_type = lib.mkOption {
-                type = enum ["A" "CNAME" "TXT" "PTR" "SRV"];
+                type = enum ["A" "CNAME" "TXT" "PTR" "SRV" "MX"];
               };
               value = lib.mkOption {
                 type = str;
diff --git a/applications/email.nix b/applications/email.nix
index 27e7308..752c7eb 100644
--- a/applications/email.nix
+++ b/applications/email.nix
@@ -126,7 +126,7 @@ in {
       {
         record = "${cfg.domain}.";
         r_type = "TXT";
-        value = ''"v=spf1 a:${cfg.sub}.${cfg.domain} a:gitlab.skynet.ie -all"'';
+        value = ''"v=spf1 a:${cfg.sub}.${cfg.domain} -all"'';
       }
 
       # DKIM keys
diff --git a/applications/gitlab.nix b/applications/gitlab.nix
index 00461e1..d97b48e 100644
--- a/applications/gitlab.nix
+++ b/applications/gitlab.nix
@@ -109,8 +109,8 @@ in {
     skynet_dns.records = [
       {
         record = cfg.domain.sub;
-        r_type = "CNAME";
-        value = cfg.host.name;
+        r_type = "A";
+        value = cfg.host.ip;
       }
       # for gitlab pages
       {
@@ -118,11 +118,28 @@ in {
         r_type = "A";
         value = cfg.host.ip;
       }
+
+      # for email
+      {
+        record = "${cfg.domain.sub}";
+        r_type = "MX";
+        value = ''10 ${domain_full}.'';
+      }
       {
         record = cfg.host.ip;
         r_type = "PTR";
         value = "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}.";
       }
+      {
+        record = "${domain_full}.";
+        r_type = "TXT";
+        value = ''"v=spf1 a:gitlab.skynet.ie -all"'';
+      }
+      {
+        record = "_dmarc.${domain_full}.";
+        r_type = "TXT";
+        value = ''"v=DMARC1; p=none"'';
+      }
     ];
 
     networking.firewall.allowedTCPPorts = [