smtp A ${hosts.mermet._module.args.ipv4}
submission A ${hosts.mermet._module.args.ipv4}
www A ${hosts.mermet._module.args.ipv4}
- lemoutona5pattes A ${hosts.mermet._module.args.ipv4}
croc A ${hosts.mermet._module.args.ipv4}
stun A ${hosts.mermet._module.args.ipv4}
turn A ${hosts.mermet._module.args.ipv4}
code A ${hosts.mermet._module.args.ipv4}
miniflux A ${hosts.mermet._module.args.ipv4}
+ ; MX (Mail eXchange)
+ @ 500 MX 5 mail
+
; CNAME (Canonical Name)
openconcerto CNAME losurdo
xmpp CNAME mermet
nix-extracache CNAME losurdo
nix-localcache CNAME lan.losurdo
sftp CNAME losurdo
+ radicle-mermet CNAME mermet
+ radicle CNAME mermet
+ radicle-explorer CNAME radicle
; DMARC (Domain-based Message Authentication, Reporting and Conformance)
_dmarc 3600 IN TXT "v=DMARC1; p=none; pct=100; rua=mailto:root+dmarc+aggregate@sourcephile.fr; ruf=mailto:root+dmarc+forensic@sourcephile.fr"
; CAA (Certificate Authority Authorization)
; DOC: https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum
- @ CAA 128 issue "letsencrypt.org"
+ @ CAA 128 issue "letsencrypt.org; validationmethods=dns-01"
'';
+ # Incorrect:
+ # accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/78014180
in
{
services.knot.settingsFreeform = {
action = "update";
update-owner = "name";
update-owner-match = "equal";
- update-owner-name = "[losurdo, lan.losurdo]";
+ update-owner-name = [ "losurdo" "lan.losurdo" ];
update-type = [ "A" "AAAA" ];
};
mod-dnsproxy.proxy_iodine = {