install/logical/friot/nsd/commonade.coop.nix

   1 {pkgs, lib, config, ...}:
   2 let inherit (builtins) toString toPath readFile;
   3     inherit (config.services) nsd;
   4     serial = zone: toString (builtins.extraBuiltins.git ./. [ "log" "-1" "--format=%ct" "--" (zone + ".nix") ]);
   5     /*
   6     serial = file: lib.removeSuffix "\n" (readFile
   7       (pkgs.runCommand "zone-serial"
   8         { buildInputs      = [ pkgs.git ];
   9           buildDepends     = [ (toPath ./. + file) ];
  10           preferLocalBuild = true;
  11           allowSubstitutes = false;
  12         } ''
  13         cd ${toPath ./.}
  14         ${pkgs.git}/bin/git log -1 --format="%ct" -- ${file} >$out
  15       ''));
  16     */
  17     ipv4 = config.networking.zones.net.ipv4;
  18 in
  19 {
  20 "${config.networking.domain}" = {
  21   data = ''
  22     $ORIGIN ${config.networking.domain}.
  23     $TTL    86400
  24
  25     ; SOA (Start Of Authority)
  26     @ SOA ns admin (
  27       ${serial config.networking.domain} ; Serial number
  28       1d      ; Refresh
  29       15m     ; Retry
  30       2592000 ; Expire
  31       1d      ; TTL (Time To Live) minimum
  32     )
  33
  34     ; A (DNS -> IPv4)
  35     @                   A ${ipv4}
  36     autoconfig          A ${ipv4}
  37     git                 A ${ipv4}
  38     imap                A ${ipv4}
  39     mail                A ${ipv4}
  40     ns                  A ${ipv4}
  41     pop                 A ${ipv4}
  42     smtp                A ${ipv4}
  43     submission          A ${ipv4}
  44     www                 A ${ipv4}
  45
  46     ; SPF (Sender Policy Framework)
  47     @ 3600 IN SPF "v=spf1 mx ip4:${ipv4} -all"
  48     @ 3600 IN TXT "v=spf1 mx ip4:${ipv4} -all"
  49
  50     ; NS (Name Server)
  51     @ NS ns
  52     ;@ NS ns6.gandi.net.
  53
  54     ; MX (Mail eXchange)
  55     @ 180 MX 5 ${ipv4}
  56
  57     ; SRV (SeRVice)
  58     _git._tcp.git 18000 IN SRV 0 0 9418 git
  59   '';
  60   };
  61 }