swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat[client,server]: add remote builds, confLib
Some checks failed
Flake check / Check flake (push) Has been cancelled
Details

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-12-02 00:57:35 +01:00 committed by Leon Schwarzäugl
parent c20f1b0b59
commit 9acfc5f934
133 changed files with 4297 additions and 3249 deletions
Download patch file Download diff file Expand all files Collapse all files

59
modules/nixos/server/nsd/site1.nix
View file

@ -1,40 +1,35 @@
{ config, globals, dns, ... }:
{ config, globals, dns, proxyAddress4, proxyAddress6, ... }:
with dns.lib.combinators; {
SOA = {
nameServer = "soa";
adminEmail = "admin@${globals.domains.main}";
serial = 2025112101;
adminEmail = "admin@${globals.domains.main}"; # this option is not parsed as domain (we cannot just write "admin")
serial = 2025120201; # update this on changes for secondary dns
};
useOrigin = false;
NS = [
"soa.${globals.domains.name}."
"ns1.he.net"
"ns2.he.net"
"ns3.he.net"
"ns4.he.net"
"ns5.he.net"
"oxygen.ns.hetzner.com"
"pola.ns.cloudflare.com"
];
"soa"
"srv"
] ++ globals.domains.externalDns;
A = [ "75.2.60.5" ];
A = [ config.repo.secrets.local.dns.homepage-ip ];
SRV = [
{
service = "_matrix";
proto = "_tcp";
port = 443;
target = "${globals.services.matrix.baseDomain}.${globals.domains.main}";
target = "${globals.services.matrix.subDomain}";
priority = 10;
wweight = 5;
weight = 5;
}
{
service = "_submissions";
proto = "_tcp";
port = 465;
target = "${globals.services.mailserver.baseDomain}.${globals.domains.main}";
target = "${globals.services.mailserver.subDomain}";
priority = 5;
weight = 0;
ttl = 3600;
@ -43,7 +38,7 @@ with dns.lib.combinators; {
service = "_submission";
proto = "_tcp";
port = 587;
target = "${globals.services.mailserver.baseDomain}.${globals.domains.main}";
target = "${globals.services.mailserver.subDomain}";
priority = 5;
weight = 0;
ttl = 3600;
@ -52,7 +47,7 @@ with dns.lib.combinators; {
service = "_imap";
proto = "_tcp";
port = 143;
target = "${globals.services.mailserver.baseDomain}.${globals.domains.main}";
target = "${globals.services.mailserver.subDomain}";
priority = 5;
weight = 0;
ttl = 3600;
@ -61,7 +56,7 @@ with dns.lib.combinators; {
service = "_imaps";
proto = "_tcp";
port = 993;
target = "${globals.services.mailserver.baseDomain}.${globals.domains.main}";
target = "${globals.services.mailserver.subDomain}";
priority = 5;
weight = 0;
ttl = 3600;
@ -71,13 +66,7 @@ with dns.lib.combinators; {
MX = [
{
preference = 10;
exchange = "${globals.services.mailserver.baseDomain}.${globals.domains.main}";
}
];
CNAME = [
{
cname = "www.${glovals.domains.main}";
exchange = "${globals.services.mailserver.subDomain}";
}
];
@ -90,28 +79,22 @@ with dns.lib.combinators; {
}
];
DMARC = [
{
p = "none";
ttl = 10800;
}
];
TXT = [
(with spf; strict [ "a:${globals.services.mailserver.baseDomain}.${globals.domains.main}" ])
(with spf; strict [ "a:${globals.services.mailserver.subDomain}.${globals.domains.main}" ])
"google-site-verification=${config.repo.secrets.local.dns.google-site-verification}"
];
DMARC = [
{
selector = "mail";
k = "rsa";
p = "none";
ttl = 10800;
}
];
subdomains = config.swarselsystems.server.dns.${globals.domain.main}.subdomainRecords // {
"minecraft" = host "130.61.119.12" null;
subdomains = config.swarselsystems.server.dns.${globals.domains.main}.subdomainRecords // {
"www".CNAME = [ "${globals.domains.main}." ];
"_acme-challenge".CNAME = [ "${config.repo.secrets.local.dns.acme-challenge-domain}." ];
"soa" = host proxyAddress4 proxyAddress6;
"srv" = host proxyAddress4 proxyAddress6;
};
}