nixos-config/zones/common.nix

let
  data = builtins.fromJSON (builtins.readFile ./data.json);
in
rec {
  TTL = 60;
  SOA = {
    nameServer = "${primary}.rebmit.link.";
    adminEmail = "noc@rebmit.moe";
    serial = 0;
    refresh = 14400;
    retry = 3600;
    expire = 604800;
    minimum = 300;
  };
  NS = map (name: "${name}.rebmit.link.") nameservers;
  DKIM = [
    {
      selector = "20241219";
      k = "rsa";
      p = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLyv0K6sJv2aybXJAtmHyEEGdbTl58iTODDBAePKo10WI4B342QgfS0GWz7PmX/R/v0SK3fnpbG+VS9ZX8YTIEa0CZvnn9F7TcaIb8B6UkiELW9RAlDc8oNTk32EeTw/DZNATDXU1uin7Thea80YgXbbmB2X2HXZVw589YWbSfa9buHCEvxzx/ilIaQO2kf7/V9E9jcC/Ey0qQ7HF8Iyd3w9jKPaY0larzOrarkHGEmSxFPWBvZNlHOHa0cFW3HLT3cg5EzDwHrdcnqQmgHGbZWMMp1krEwPgTpbwYIQYuhADoNJSH6CktAc45wjFrzHQBAUY52YTR+ZjppWroTPcQIDAQAB";
      s = [ "email" ];
    }
  ];
  DMARC = [
    {
      p = "reject";
      sp = "reject";
      pct = 100;
      adkim = "strict";
      aspf = "strict";
      fo = [ "1" ];
      ri = 604800;
    }
  ];

  primary = "reisen-sea0";
  secondary = [
    "reisen-nrt0"
    "reisen-sin0"
    "suwako-vie1"
  ];
  nameservers = [ primary ] ++ secondary;
  hosts = data.hosts;
}
zones: add rebmit.moe and rebmit.link 2024-12-15 22:33:35 +08:00			`let`
			`data = builtins.fromJSON (builtins.readFile ./data.json);`
			`in`
			`rec {`
			`TTL = 60;`
			`SOA = {`
			`nameServer = "${primary}.rebmit.link.";`
			`adminEmail = "noc@rebmit.moe";`
			`serial = 0;`
			`refresh = 14400;`
			`retry = 3600;`
			`expire = 604800;`
			`minimum = 300;`
			`};`
			`NS = map (name: "${name}.rebmit.link.") nameservers;`
services/mail: init postfix, dovecot and rspamd 2024-12-19 21:26:19 +08:00			`DKIM = [`
			`{`
			`selector = "20241219";`
			`k = "rsa";`
			`p = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLyv0K6sJv2aybXJAtmHyEEGdbTl58iTODDBAePKo10WI4B342QgfS0GWz7PmX/R/v0SK3fnpbG+VS9ZX8YTIEa0CZvnn9F7TcaIb8B6UkiELW9RAlDc8oNTk32EeTw/DZNATDXU1uin7Thea80YgXbbmB2X2HXZVw589YWbSfa9buHCEvxzx/ilIaQO2kf7/V9E9jcC/Ey0qQ7HF8Iyd3w9jKPaY0larzOrarkHGEmSxFPWBvZNlHOHa0cFW3HLT3cg5EzDwHrdcnqQmgHGbZWMMp1krEwPgTpbwYIQYuhADoNJSH6CktAc45wjFrzHQBAUY52YTR+ZjppWroTPcQIDAQAB";`
			`s = [ "email" ];`
			`}`
			`];`
			`DMARC = [`
			`{`
			`p = "reject";`
			`sp = "reject";`
			`pct = 100;`
			`adkim = "strict";`
			`aspf = "strict";`
			`fo = [ "1" ];`
			`ri = 604800;`
			`}`
			`];`
zones: add rebmit.moe and rebmit.link 2024-12-15 22:33:35 +08:00
zones: move primary dns to reisen-sea0 2024-12-17 22:32:23 +08:00			`primary = "reisen-sea0";`
zones: add rebmit.moe and rebmit.link 2024-12-15 22:33:35 +08:00			`secondary = [`
			`"reisen-nrt0"`
hosts/reisen-sin0: init 2024-12-17 22:08:23 +08:00			`"reisen-sin0"`
treewide: move secondary dns from suwako-vie0 to suwako-vie1 2025-01-01 09:44:46 +08:00			`"suwako-vie1"`
zones: add rebmit.moe and rebmit.link 2024-12-15 22:33:35 +08:00			`];`
			`nameservers = [ primary ] ++ secondary;`
			`hosts = data.hosts;`
			`}`