Merge branch 'main-patch-b4a2' into 'main'

SRV record for email See merge request compsoc/skynet/nixos!2
2023-07-24 18:31:26 +00:00 · 2023-07-24 18:31:26 +00:00 · dbbbd7a882
commit dbbbd7a882
parent 1d3e610ce9 8159883f83
2 changed files with 20 additions and 1 deletions
--- a/applications/dns.nix
+++ b/applications/dns.nix
@ -18,6 +18,7 @@ let
  sort_records_a      = builtins.sort (a: b: (ip_ptr_to_int a.value) < (ip_ptr_to_int b.value)) filter_records_a;
  sort_records_cname  = builtins.sort (a: b: a.value < b.value) (filter_records_type "CNAME");
  sort_records_ptr    = builtins.sort (a: b: (lib.strings.toInt a.record) < (lib.strings.toInt b.record)) (process_ptr (filter_records_type "PTR"));
+  sort_records_srv    = builtins.sort (a: b: a.record < b.record) (filter_records_type "SRV");

  format_records = records: offset: lib.strings.concatMapStrings (x: "${padString x.record offset} IN ${padString x.r_type 5} ${x.value}\n") records;

@ -80,6 +81,12 @@ ${format_records sort_records_cname 31}
 ; ------------------------------------------
 ${format_records (filter_records_type "TXT") 29}

+; ------------------------------------------
+; SRV
+; ------------------------------------------
+${format_records sort_records_srv 29}
+
+
 ''
  );

@ -283,7 +290,7 @@ in {
              type = str;
            };
            r_type = lib.mkOption {
-              type = enum ["A" "CNAME" "TXT" "PTR"];
+              type = enum ["A" "CNAME" "TXT" "PTR" "SRV"];
            };
            value = lib.mkOption {
              type = str;
--- a/applications/email.nix
+++ b/applications/email.nix
@ -105,13 +105,25 @@
      # TXT records, all tehse are inside escaped strings to allow using ""
      # SPF record
      {record="${cfg.domain}."; r_type="TXT"; value=''"v=spf1 a:${cfg.sub}.${cfg.domain} -all"'';}
+ 
      # DKIM keys
      {record="mail._domainkey.skynet.ie.";    r_type="TXT"; value=''"v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxju1Ie60BdHwyFVPNQKovL/cX9IFPzBKgjnHZf+WBzDCFKSBpf7NvnfXajtFDQN0poaN/Qfifid+V55ZCNDBn8Y3qZa4Y69iNiLw2DdvYf0HdnxX6+pLpbmj7tikGGLJ62xnhkJhoELnz5gCOhpyoiv0tSQVaJpaGZmoll861/QIDAQAB"'';}
      {record="mail._domainkey.ulcompsoc.ie."; r_type="TXT"; value=''"v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl8ptSASx37t5sfmU2d2Y6yi9AVrsNFBZDmJ2uaLa4NuvAjxGQCw4wx+1Jui/HOuKYLpntLsjN851wgPR+3i51g4OblqBDvcHn9NYgWRZfHj9AASANQjdsaAbkXuyKuO46hZqeWlpESAcD6a4Evam4fkm+kiZC0+rccb4cWgsuLwIDAQAB"'';}
+
      # DMARC
      {record="_dmarc.${cfg.domain}."; r_type="TXT"; value=''"v=DMARC1; p=none"'';}

+      # reverse pointer
      {record=cfg.host.ip; r_type="PTR"; value="${cfg.sub}.${cfg.domain}.";}
+
+      # SRV records to help gmail on android etc find the correct mail.skynet.ie domain for config rather than just defaulting to skynet.ie 
+      # https://serverfault.com/questions/935192/how-to-setup-auto-configure-email-for-android-mail-app-on-your-server/1018406#1018406
+      # response should be:
+      # _imap._tcp       SRV  0 1 143 imap.example.com.
+      {record="_imaps._tcp";        r_type="SRV"; value="0 1 993 ${cfg.sub}.${cfg.domain}";}
+      {record="_imap._tcp";         r_type="SRV"; value="0 1 143 ${cfg.sub}.${cfg.domain}";}
+      {record="_submissions._tcp";  r_type="SRV"; value="0 1 465 ${cfg.sub}.${cfg.domain}";}
+      {record="_submission._tcp";   r_type="SRV"; value="0 1 587 ${cfg.sub}.${cfg.domain}";}
    ];

    # to provide the certs