shelvacu/nix-stuff
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
6ab9c8178d3c5e8e09e4474195287e3de7ca2edc
nix-stuff/dns/shelvacu.com.nix
Shelvacu a8398bfe70 stuff
2025-08-15 21:54:27 -07:00

100 lines
3.1 KiB
Nix
Raw Blame History

{
config,
lib,
vaculib,
...
}:
let
s = v: [ v ];
inherit (config.vacu) dnsData;
trip_ips = s dnsData.tripPublicV4;
prop_ips = s dnsData.propPublicV4;
solis_ips = s config.vacu.hosts.solis.primaryIp;
mail_thing = s "178.128.79.152";
# which domains to allow dmarc reports.
# ex: _dmarc.dis8.net TXT has "rua=rua-reports@shelvacu.com", reports will only be sent if shelvacu.com allows them
# allow all domains configured in this repo, and one level of subdomain (ideally all but thats hard, this should be good enough)
allow_report_domains = lib.pipe config.vacu.dns [
lib.attrNames
(list: list ++ [ "theviolincase.com" "violingifts.com" ])
(lib.concatMap (domain: [domain "*.${domain}"]))
];
in
{
vacu.dns."shelvacu.com" =
{ ... }:
{
vacu.liamMail = true;
A = trip_ips;
CAA = [
{
issuerCritical = true;
tag = "issue";
value = "letsencrypt.org";
}
{
issuerCritical = true;
tag = "issue";
value = "sectigo.com";
}
{
issuerCritical = true;
tag = "issuewild";
value = "letsencrypt.org";
}
{
issuerCritical = false;
tag = "iodef";
value = "mailto:caa-violation@shelvacu.com";
}
];
subdomains = {
_acme-challenge.CNAME = s "5cb20bf7-5203-417f-b729-fa3a3ad3b775.auwwth.dis8.net.";
_atproto.TXT = s "did=did:plc:oqenurzqeji6ulii3myxls64";
"_report._dmarc".subdomains = vaculib.mapNamesToAttrsConst { TXT = s "v=DMARC1"; } allow_report_domains;
admin-garage-trip.A = trip_ips;
auth.A = trip_ips;
autoconfig.A = mail_thing;
awoo.A = s "45.142.157.71";
dav.A = trip_ips;
dav-experiment.A = prop_ips;
ft.subdomains = {
"*".A = s "45.87.250.193";
_acme-challenge.CNAME = s "17aa43aa-9295-4522-8cf2-b94ba537753d.auth.acme-dns.io.";
};
# hzo3bcydh5khtpeio6zrzb7kwcwiccnh.subdomains._domainkey.CNAME = s "hzo3bcydh5khtpeio6zrzb7kwcwiccnh.dkim.amazonses.com.";
id.A = trip_ips;
imap.A = mail_thing;
jobs.A = trip_ips;
llm.A = trip_ips;
mail.A = mail_thing;
# mlsend2.subdomains._domainkey.CNAME = s "mlsend2._domainkey.mailersend.net.";
mumble.A = prop_ips;
nixcache.A = trip_ips;
ns1.CNAME = s "pns51.cloudns.net.";
ns2.CNAME = s "pns52.cloudns.net.";
ns3.CNAME = s "pns53.cloudns.net.";
ns4.CNAME = s "pns54.cloudns.net.";
prop.CNAME = s "prophecy";
prophecy.A = prop_ips;
prophecy.subdomains.garage.subdomains = {
s3.A = prop_ips;
admin.A = prop_ips;
};
rad.A = trip_ips;
s3-garage-trip.A = trip_ips;
servacu.A = s "167.99.161.174";
smtp.A = mail_thing;
sol.CNAME = s "solis";
solis.A = solis_ips;
solis.subdomains.garage.subdomains = {
s3.A = solis_ips;
admin.A = solis_ips;
};
trip.A = trip_ips;
vaultwarden.A = trip_ips;
www.A = trip_ips;
};
};
}
Reference in New Issue View Git Blame Copy Permalink