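# NSD zone definitions for commonsoft.org, commonsoft.coop and commonsoft.net
# (install/logical/friot/nsd/commonsoft.nix).
#
# Each zone is a per-TLD header (SOA + NS) followed by the shared record set
# in `commonZone`; every name resolves to the single address `ipv4`.
{pkgs, lib, config, ...}:
let
  inherit (builtins) toString toPath readFile;
  inherit (config) networking;

  # SOA serial: committer timestamp (`%ct`, Unix epoch seconds) of the last
  # commit that touched "<zone>.nix" in this directory, fetched at evaluation
  # time through the `extraBuiltins.git` helper.
  # NOTE(review): what `extraBuiltins.git` returns (trailing newline, empty
  # output when the path has no history) is not visible here; an empty or
  # multi-line value would produce an invalid SOA record. Confirm.
  # NOTE(review): the serial only advances when that one file is committed.
  # A change to `networking.zones.net.ipv4` made elsewhere alters the zone
  # data without bumping the serial, so secondaries would keep the stale
  # zone. Confirm this is acceptable.
  serial = zone: toString (builtins.extraBuiltins.git ./. [ "log" "-1" "--format=%ct" "--" (zone + ".nix") ]);

  /* Earlier derivation-based variant, kept for reference:
  serial = file: lib.removeSuffix "\n" (readFile
    (pkgs.runCommand "zone-serial"
      { buildInputs = [ pkgs.git ];
        buildDepends = [ (toPath ./. + file) ];
        preferLocalBuild = true;
        allowSubstitutes = false;
      } ''
        cd ${toPath ./.}
        ${pkgs.git}/bin/git log -1 --format="%ct" -- ${file} >$out
      ''));
  */

  ipv4 = networking.zones.net.ipv4;

  # Records shared by every zone.
  #
  # MX: the exchange field is a host name, not an address (RFC 1035 §3.3.9).
  # An IPv4 literal there is parsed as a relative name under $ORIGIN that has
  # no address record, which breaks MX-based delivery and makes the SPF `mx`
  # mechanism match nothing. It now points at `mail`, which has an A record.
  #
  # SPF: the dedicated SPF RR type was discontinued by RFC 7208; receivers
  # evaluate the TXT record. The SPF-type copy is kept so that the published
  # data is unchanged.
  # NOTE(review): no DKIM or DMARC records are defined in this file; if they
  # are not published elsewhere, `-all` is the only sender-authentication
  # policy for these domains.
  commonZone = ''
    ; A (DNS -> IPv4)
    @           A ${ipv4}
    autoconfig  A ${ipv4}
    git         A ${ipv4}
    imap        A ${ipv4}
    mail        A ${ipv4}
    ns          A ${ipv4}
    pop         A ${ipv4}
    redmine     A ${ipv4}
    smtp        A ${ipv4}
    submission  A ${ipv4}
    www         A ${ipv4}

    ; SPF (Sender Policy Framework)
    @ 3600 IN SPF "v=spf1 mx ip4:${ipv4} -all"
    @ 3600 IN TXT "v=spf1 mx ip4:${ipv4} -all"

    ; MX (Mail eXchange)
    @ 180 MX 5 mail

    ; SRV (SeRVice)
    _git._tcp.git 18000 IN SRV 0 0 9418 git
  '';

  # Build the zone attrset for one TLD: header (SOA + NS) plus `commonZone`.
  # All zones pass `networking.domain` to `serial`, so they share one serial.
  zoneFor = tld: {
    data = ''
      $ORIGIN ${networking.domainBase}.${tld}.
      $TTL 86400

      ; SOA (Start Of Authority)
      @ SOA ns admin (
        ${serial networking.domain} ; Serial number
        1d ; Refresh
        15m ; Retry
        2592000 ; Expire
        1d ; TTL (Time To Live) minimum
        )

      ; NS (Name Server)
      @ NS ns
      ;@ NS ns6.gandi.net.
    '' + commonZone;
  };
in
{
  config = {
    services.nsd = {
      zones = {
        # NOTE: cannot use networking.domain as attr key: infinite recursion
        "commonsoft.org" = zoneFor "org";
        "commonsoft.coop" = zoneFor "coop";
        "commonsoft.net" = zoneFor "net";
      };
    };
  };
}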