author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-03-11 17:47:26 +0100 |
---|---|---|
committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-03-11 17:47:26 +0100 |
commit | cc2c262277f5311ed1a74ba6f11d13a12c9b663f (patch) | |
tree | 1ab15f89d4cf0a75f53e2af0dbc139620e6b35cd | |
parent | zones/vhack.eu: Set correct CNAME records (diff) | |
download | nixos-server-cc2c262277f5311ed1a74ba6f11d13a12c9b663f.zip |
zones: Provide a single entry point for all zones
-rw-r--r-- | hosts/by-name/server2/configuration.nix | 2 | ||||
-rw-r--r-- | hosts/by-name/server3/configuration.nix | 2 | ||||
-rw-r--r-- | zones/default.nix | 3 | ||||
-rw-r--r-- | zones/vhack.eu/zone.nix | 210 |
4 files changed, 109 insertions, 108 deletions
diff --git a/hosts/by-name/server2/configuration.nix b/hosts/by-name/server2/configuration.nix
index b7b868f..5fe635a 100644
--- a/hosts/by-name/server2/configuration.nix
+++ b/hosts/by-name/server2/configuration.nix
@@ -33,7 +33,7 @@
 "185.16.61.132"
 "2a03:4000:a:106::1"
 ];
- zones = import ../../../zones/vhack.eu/zone.nix {};
+ zones = import ../../../zones {};
 };
 etesync = {
 enable = true;
diff --git a/hosts/by-name/server3/configuration.nix b/hosts/by-name/server3/configuration.nix
index e18d055..9ad73ea 100644
--- a/hosts/by-name/server3/configuration.nix
+++ b/hosts/by-name/server3/configuration.nix
@@ -18,7 +18,7 @@
 "92.60.38.179"
 "2a03:4000:33:25b::4f4e"
 ];
- zones = import ../../../zones/vhack.eu/zone.nix {};
+ zones = import ../../../zones {};
 };
 fail2ban.enable = true;
 nix-sync = {
diff --git a/zones/default.nix b/zones/default.nix
new file mode 100644
index 0000000..cde6def
--- /dev/null
+++ b/zones/default.nix
@@ -0,0 +1,3 @@
+{...}: {
+ "vhack.eu" = import ./vhack.eu/zone.nix {};
+}
diff --git a/zones/vhack.eu/zone.nix b/zones/vhack.eu/zone.nix
index 96aed6c..a1e6d2e 100644
--- a/zones/vhack.eu/zone.nix
+++ b/zones/vhack.eu/zone.nix
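Review bot: The new zones/default.nix has no comment stating its contract, and its key `"vhack.eu"` is now the only place that names the zone, because zone.nix drops its own `"vhack.eu" = {` wrapper in the same commit. A misspelled key would presumably publish the whole record set under a different origin, and since server2 and server3 both import `../../../zones`, any zone added here later is handed to every importing host. I would add a header comment along the lines of `# Single entry point for all zones. Attribute name = zone origin; every host importing this file receives every zone listed here.`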
@@ -1,119 +1,117 @@
 {...}: {
- "vhack.eu" = {
- SOA = {
- nameServer = "name-server.foss-syndicate.org.";
- adminEmail = "dns-admin@foss-syndicate.org";
- serial = 2025031001;
- };
- useOrigin = false;
+ SOA = {
+ nameServer = "name-server.foss-syndicate.org.";
+ adminEmail = "dns-admin@foss-syndicate.org";
+ serial = 2025031001;
+ };
+ useOrigin = false;
 
- # NOTE: matrix/mastodon need to have the point from `vhack.eu` to their IP <2025-03-10>
- A = [
- "92.60.38.179"
- ];
- AAAA = [
- "2a03:4000:33:25b::4f4e"
- ];
+ # NOTE: matrix/mastodon need to have the point from `vhack.eu` to their IP <2025-03-10>
+ A = [
+ "92.60.38.179"
+ ];
+ AAAA = [
+ "2a03:4000:33:25b::4f4e"
+ ];
 
- CAA = [
- {
- issuerCritical = false;
- tag = "issue";
- value = "letsencrypt.org";
- }
- ];
+ CAA = [
+ {
+ issuerCritical = false;
+ tag = "issue";
+ value = "letsencrypt.org";
+ }
+ ];
 
- MX = [
- {
- preference = 10;
- exchange = "mail.foss-syndicate.org";
- }
- ];
- DKIM = [
- {
- selector = "mail";
- k = "rsa";
- p = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8KXSkQD0ZFk3EetJ1qaoqevvdBoV93dRh5X2GCcc7hWBtLWtj31F3BefgfcrbdACVitdmJcRu7ed8qZMpxZM9pN5TrPMebAkjxMvMH554Wvi1FSwzuPSR724NHPKIgveU8pgiYffks5Mu1ejZmBvlnhXjpbDCEL1reWk+OtmB+QIDAQAB";
- s = ["email"];
- t = ["s"];
- }
- ];
- DMARC = [
- {
- adkim = "strict";
- aspf = "strict";
- fo = ["0" "1" "d" "s"];
- p = "quarantine";
- rua = "admin@foss-syndicate.org";
- ruf = ["admin@foss-syndicate.org"];
- }
- ];
- SRV = [
- {
- service = "imaps";
- proto = "tcp";
- priority = 0;
- weight = 1;
- port = 993;
- target = "mail.foss-syndicate.org";
- }
- {
- service = "pop3s";
- proto = "tcp";
- priority = 0;
- weight = 1;
- port = 995;
- target = "mail.foss-syndicate.org";
- }
- {
- service = "smtps";
- proto = "tcp";
- priority = 0;
- weight = 1;
- port = 465;
- target = "mail.foss-syndicate.org";
- }
- ];
- TXT = [
- "v=spf1 +mx -all"
- ];
+ MX = [
+ {
+ preference = 10;
+ exchange = "mail.foss-syndicate.org";
+ }
+ ];
+ DKIM = [
+ {
+ selector = "mail";
+ k = "rsa";
+ p = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8KXSkQD0ZFk3EetJ1qaoqevvdBoV93dRh5X2GCcc7hWBtLWtj31F3BefgfcrbdACVitdmJcRu7ed8qZMpxZM9pN5TrPMebAkjxMvMH554Wvi1FSwzuPSR724NHPKIgveU8pgiYffks5Mu1ejZmBvlnhXjpbDCEL1reWk+OtmB+QIDAQAB";
+ s = ["email"];
+ t = ["s"];
+ }
+ ];
+ DMARC = [
+ {
+ adkim = "strict";
+ aspf = "strict";
+ fo = ["0" "1" "d" "s"];
+ p = "quarantine";
+ rua = "admin@foss-syndicate.org";
+ ruf = ["admin@foss-syndicate.org"];
+ }
+ ];
+ SRV = [
+ {
+ service = "imaps";
+ proto = "tcp";
+ priority = 0;
+ weight = 1;
+ port = 993;
+ target = "mail.foss-syndicate.org";
+ }
+ {
+ service = "pop3s";
+ proto = "tcp";
+ priority = 0;
+ weight = 1;
+ port = 995;
+ target = "mail.foss-syndicate.org";
+ }
+ {
+ service = "smtps";
+ proto = "tcp";
+ priority = 0;
+ weight = 1;
+ port = 465;
+ target = "mail.foss-syndicate.org";
+ }
+ ];
+ TXT = [
+ "v=spf1 +mx -all"
+ ];
 
- subdomains = {
- dav.CNAME = ["server2.vhack.eu."];
- etebase.CNAME = ["server2.vhack.eu."];
- git.CNAME = ["server2.vhack.eu."];
- invidious-router.CNAME = ["server2.vhack.eu."];
+ subdomains = {
+ dav.CNAME = ["server2.vhack.eu."];
+ etebase.CNAME = ["server2.vhack.eu."];
+ git.CNAME = ["server2.vhack.eu."];
+ invidious-router.CNAME = ["server2.vhack.eu."];
 
- libreddit.CNAME = ["server2.vhack.eu."];
- redlib.CNAME = ["server2.vhack.eu."];
+ libreddit.CNAME = ["server2.vhack.eu."];
+ redlib.CNAME = ["server2.vhack.eu."];
 
- mastodon.CNAME = ["server3.vhack.eu."];
- matrix.CNAME = ["server3.vhack.eu."];
+ mastodon.CNAME = ["server3.vhack.eu."];
+ matrix.CNAME = ["server3.vhack.eu."];
 
- miniflux.CNAME = ["server3.vhack.eu."];
- rss.CNAME = ["server3.vhack.eu."];
+ miniflux.CNAME = ["server3.vhack.eu."];
+ rss.CNAME = ["server3.vhack.eu."];
 
- mumble.CNAME = ["server3.vhack.eu."];
- openpgpkey.CNAME = ["server3.vhack.eu."];
- peertube.CNAME = ["server3.vhack.eu."];
- trinitrix.CNAME = ["server3.vhack.eu."];
+ mumble.CNAME = ["server3.vhack.eu."];
+ openpgpkey.CNAME = ["server3.vhack.eu."];
+ peertube.CNAME = ["server3.vhack.eu."];
+ trinitrix.CNAME = ["server3.vhack.eu."];
 
- server2 = {
- AAAA = [
- "2a03:4000:a:106::1"
- ];
- A = [
- "185.16.61.132"
- ];
- };
- server3 = {
- AAAA = [
- "2a03:4000:33:25b::4f4e"
- ];
- A = [
- "92.60.38.179"
- ];
- };
+ server2 = {
+ AAAA = [
+ "2a03:4000:a:106::1"
+ ];
+ A = [
+ "185.16.61.132"
+ ];
+ };
+ server3 = {
+ AAAA = [
+ "2a03:4000:33:25b::4f4e"
+ ];
+ A = [
+ "92.60.38.179"
+ ];
 };
 };
 } |
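Review bot: The DKIM entry moved by this hunk (`selector = "mail"`, `k = "rsa"`) looks like a 1024-bit RSA key, going by the length and the `MIGfMA0G…` prefix of `p`; RFC 8301 says signers SHOULD use at least 2048 bits. The commit only re-indents the record, so nothing regresses here, but a marker above the `DKIM` list such as `# TODO: rotate to a 2048-bit key under a new selector, then retire "mail"` would keep the rotation visible. The `CAA` list has a single `issue` entry; an `iodef` entry would give CAs a place to report rejected requests, if the zone module exposes that tag.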