move chir.rs zone to the server
This commit is contained in:
parent
691b0c6c00
commit
dcfd955e57
3 changed files with 16 additions and 12 deletions
|
@ -13,7 +13,7 @@ in
|
|||
ksk = "services/dns/rs/chir/32969";
|
||||
zsk = "services/dns/rs/chir/51207";
|
||||
zone = chir-rs;
|
||||
zonename = "staging.chir.rs";
|
||||
zonename = "chir.rs";
|
||||
})
|
||||
];
|
||||
|
||||
|
@ -28,15 +28,17 @@ in
|
|||
file = "darkkirb.de.zone";
|
||||
};
|
||||
"chir.rs" = {
|
||||
master = false;
|
||||
masters = [
|
||||
"fd00:e621:e621::1"
|
||||
];
|
||||
file = "chir.rs.zone";
|
||||
};
|
||||
"staging.chir.rs" = {
|
||||
master = true;
|
||||
file = "/var/lib/named/staging.chir.rs";
|
||||
file = "/var/lib/named/chir.rs";
|
||||
};
|
||||
"_acme-challenge.chir.rs" = {
|
||||
master = true;
|
||||
file = "_acme-challenge.chir.rs";
|
||||
extraConfig = ''
|
||||
update-policy {
|
||||
grant certbot. name _acme-challenge.chir.rs. txt;
|
||||
}
|
||||
'';
|
||||
};
|
||||
"int.chir.rs" = {
|
||||
master = false;
|
||||
|
@ -57,6 +59,7 @@ in
|
|||
statistics-channels {
|
||||
${toString listenEntries}
|
||||
};
|
||||
include "/run/secrets/services/dns/named-keys";
|
||||
'';
|
||||
extraOptions = ''
|
||||
allow-recursion {
|
||||
|
@ -79,4 +82,5 @@ in
|
|||
bindURI = "http://${internalIP.listenIP}:8653/";
|
||||
listenAddress = internalIP.listenIP;
|
||||
};
|
||||
sops.secrets."services/dns/named-keys" = { };
|
||||
}
|
||||
|
|
|
@ -24,6 +24,7 @@ services:
|
|||
virtual_alias_maps.cf: ENC[AES256_GCM,data:FgHuBbf2e/3Fq8A2WY0n8XWMjohpkHUsZdddG44PLHY4//UdFeWUzcGUyJ4G4RsqEZo3thTOPxMzkXEV+eWThtdDzEtw+njdFAzltP0HRM3VtKn0LhXVP4SvyAKwGAFtCPz3R/EiutHhOv5o/4NmbRQrWByIPvWMZCfTO1NYz/P6,iv:jYMHwhCSGMdUgolGxHJxPTaUu5U0Z3uc/+JHUNPjKXo=,tag:88THWp6r3SDNSd77uUBEbw==,type:str]
|
||||
virtual_mailbox_domains.cf: ENC[AES256_GCM,data:mu0oxzRVddXcue7e7XHuulAYgJDpKA+TZd5l7jPzK8xRHxdfzD+fsqm/Kl/bDWGAOlXsltbiBoaIruddywhAOGWwSgMJ8iu2NMx1u1aMvBC2qI4usfjVhp9N0jOkWmIG8YAgYgQaA6qhQorJFXeJjDNX86J5JNBdKAxwQFk20+fOZ1MtVg==,iv:5llgcXLkoRzXwHIDvwZ1qRTf/TBwMgjsxfNGo9I7Blc=,tag:AcCz4LJxacYVButRO/zl9A==,type:str]
|
||||
dns:
|
||||
named-keys: ENC[AES256_GCM,data:0xYRsg7+8uFmEnMBpi1kee9IuZLlSKeIGmslUKU2gdesfXQbgtT5uh+fPMz0EgPVmTyw6JWBIe+j+lbmdc1jlCihh6uq8GJ6CxvYjwdBM5Mqgk2bLTtLC9UPuVNcl7sH3j7cPt7mjQYdoEzIurEosDhw1/IwTB8/2RoFmoKd9IGVQeufxqO5ifwOxPN7kuS+PGviU6A=,iv:b5jWkbLCxKeNt+fV5zW+3mjIxKWCW1ar6ZjECOo8K6c=,tag:KZyqQAuasCeG3SZiYjx4QA==,type:str]
|
||||
de:
|
||||
darkkirb:
|
||||
53136.key: ENC[AES256_GCM,data:etA17O4C2t186i4epPKXwXFVqCZPsu84LaTh4aI4AVfcbK9It0n6d5ynCbwK2/ckbLP3pZqegY70LXNfh6eWhUNw6Ni+cZr06eER1o672tVPwbI7f8pbTGdO7nQzbycwvlXusBYXdp9OHrleJ8PdfmWdlyVrIWMpf1GOAHsdaA5sCTx/qEo4rxnp6viHqC5fRcYRoZRtI1tYcW1O2/dXlDvZLE45lRO0ys7GkXpKT5kvTOnvXmg/m9QjsHGI98qXN/SBQWOybqlNdnZYJY6WEtlLw2AOVKyOsq7sL6l/gEYwB0/kmhrIwbxLw+/Ev82+HvrYskfNWqF5rUmve+7x0KhWcdySbyfuu7sTZlqVagv7jtdyXmEjNGCxwQZt62nttlHUmO34s79OJqy2vQPGJqDBoheagMsug+xmcSx8x2zd7Qg2Ji21tR6y7kQQ7tZKj63o3yc=,iv:BFWbN2G1EyHohOBCIDGst7T0Ceiz+9XRT4L8/qM4Lv4=,tag:pI+osFnPdBemZXKftuSPDg==,type:str]
|
||||
|
@ -60,8 +61,8 @@ sops:
|
|||
N1lNTTRhSDFsczd4VjNudUU2NEt4MUEKdVJIJmaoGcwUHa0BGB45jqYnm9aPVZxP
|
||||
dl1vkMx8EAiKhWKbBwQm5fFZcNh371rspGE7KOXmwNbNWef5bVfHpQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-02-09T08:24:21Z"
|
||||
mac: ENC[AES256_GCM,data:40/Z9j5+W+cY5lRqyGjrflpAVoWOAG3tVy7btWD+snI7UIeqhDtvRKzpayBdltA4X+kPgegS+haElUFRykfYB8asUBlzU+D0tBGbCQV/MasGxvVGL+1MCSpJFullVtUIWJ+qnmpfgRqdI0m9xZdeTp0BGf3DBrURiUmCfMfyfK8=,iv:1NKn9YJsMxTmKAexpXjJIWqkK8gR+en0XBw6jwNxKg0=,tag:J7i7Zt6eFJceP7EL1qCb5w==,type:str]
|
||||
lastmodified: "2022-02-09T08:45:20Z"
|
||||
mac: ENC[AES256_GCM,data:6MI/0X1lcULre/8dImg2iSNrNy6hZlnhIGca0K7eaZiC+DLDjp8d7GGKQfxaGX+DFSx7mPvwseQp52dWVgRfAQARyPitRahe7wPFZG1nbCHwzOck/LQ88KzQQ0h9f9hXIaQRfI53fGsPZR+O2NB1RlLls8EFHZvT065qpZjPHt0=,iv:TI8zreHbGTTSuMNvN5aKFHRQUu6TPga0xzC9vvOqx3w=,tag:tsx+lkRY6ZpZUQ97Fn7nOg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-02-02T17:50:42Z"
|
||||
enc: |
|
||||
|
|
|
@ -166,7 +166,6 @@ let
|
|||
mail = createZone { };
|
||||
|
||||
int = delegateTo [
|
||||
"ns1.darkkirb.de."
|
||||
"ns2.darkkirb.de."
|
||||
] // {
|
||||
DS = [{
|
||||
|
|
Loading…
Reference in a new issue