-{ pkgs, lib, config, inputs, hosts, info, ... }:
+{
+ pkgs,
+ lib,
+ config,
+ inputs,
+ hosts,
+ info,
+ ...
+}:
let
domain = "sourcephile.fr";
domainID = lib.replaceStrings [ "." ] [ "_" ] domain;
; NS (Name Server)
@ NS ns
- ${lib.concatMapStringsSep "\n" ({name, ...}: "@ NS ${name}.") info.lebureau.dns.secondary.ns}
+ ${lib.concatMapStringsSep "\n" ({ name, ... }: "@ NS ${name}.") info.lebureau.dns.secondary.ns}
i NS ns
whoami4 NS ns.whoami4
ns.whoami4 A ${hosts.mermet._module.args.ipv4}
nix-serve CNAME losurdo
nix-extracache CNAME losurdo
nix-localcache CNAME lan.losurdo
+ ; See https://keys.openpgp.org/about/usage#wkd-as-a-service
+ openpgpkey CNAME wkd.keys.openpgp.org.
sftp CNAME losurdo
radicle-mermet CNAME mermet
radicle CNAME mermet
; DOC: https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum
@ CAA 128 issue "letsencrypt.org; validationmethods=dns-01"
'';
- # Incorrect:
- # accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/78014180
in
+# Incorrect:
+# accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/78014180
{
services.knot.settingsFreeform = {
remote.ns_iodine.address = "127.0.0.1@1053";
action = "update";
update-owner = "name";
update-owner-match = "equal";
- update-owner-name = [ "losurdo" "lan.losurdo" ];
- update-type = [ "A" "AAAA" ];
+ update-owner-name = [
+ "losurdo"
+ "lan.losurdo"
+ ];
+ update-type = [
+ "A"
+ "AAAA"
+ ];
};
acl."acl_lebureau_${domainID}" = {
action = "transfer";
}; }
}
'';
- /* Useless since the zone is public
+ /*
+ Useless since the zone is public
services.unbound.settings = {
stub-zone = {
name = domain;
sourcephile / git / sourcephile-nix.git / blobdiff