diff options
| author | Nguyễn Gia Phong <cnx@loang.net> | 2023-11-12 09:55:57 +0900 |
|---|---|---|
| committer | Nguyễn Gia Phong <cnx@loang.net> | 2023-11-12 10:06:43 +0900 |
| commit | fd0b487e839f12feb8c113d2bf8ba59a1949eed6 (patch) | |
| tree | 2eb6f5398a984ada04ad68330ddc7e2b84fa0276 | |
| parent | af06d27ded236d397278dafcbd41e95d076a7d8a (diff) | |
| download | nixos-conf-fd0b487e839f12feb8c113d2bf8ba59a1949eed6.tar.gz | |
Add PUCK secondary for OpenNIC domains
| -rw-r--r-- | dns.nix | 53 |
1 files changed, 30 insertions, 23 deletions
diff --git a/dns.nix b/dns.nix index 1e1b0ea..31554cd 100644 --- a/dns.nix +++ b/dns.nix @@ -22,12 +22,15 @@ let in '' @ SOA danh.loang.net. cnx.loang.net. ${s} 14400 3600 604800 3600 @ NS danh.loang.net. + @ NS puck.nether.net. @ A 37.205.11.127 @ AAAA 2a03:3b40:100::1:2 ''; - openNICZone = domain: serial: { + openNICZone = domain: file: { domain = domain; - file = builtins.toFile "${domain}.zone" (localZone serial); + file = builtins.toFile "${domain}.zone" file; + notify = "puck"; + acl = [ "puck" ]; dnssec-signing = false; }; in { @@ -45,9 +48,13 @@ in { server.listen = [ "0.0.0.0@53" "::@53" ]; remote = [ { - id = "secondary"; + id = "ns-global"; address = [ "204.87.183.53@53" "2607:7c80:54:6::53@53" ]; } + { + id = "puck"; + address = [ "204.42.254.5@53" "2001:418:3f4::5@53" ]; + } ]; log = [ { @@ -57,11 +64,16 @@ in { ]; acl = [ { - id = "secondary"; + id = "ns-global"; address = [ "204.87.183.53" "2607:7c80:54:6::53" ]; action = "transfer"; } { + id = "puck"; + address = [ "204.42.254.5" "2001:418:3f4::5" ]; + action = "transfer"; + } + { id = "xarvos"; key = "xrvs.net"; action = "update"; @@ -77,33 +89,28 @@ in { } ]; zone = [ - (openNICZone "cercle.libre" 2023021702) + (openNICZone "cercle.libre" (localZone 2023021702)) { domain = "cnx.gdn"; - notify = "secondary"; - acl = [ "secondary" ]; + notify = "ns-global"; + acl = [ "ns-global" ]; } { domain = "loang.net"; - notify = "secondary"; - acl = [ "secondary" ]; - } - (openNICZone "musike.pirate" 2023071727) - (openNICZone "rub.parody" 2023032101) - { - domain = "sinyx.indy"; - file = builtins.toFile "sinyx.indy.zone" - ((localZone 2023022002) + '' - * A 37.205.11.127 - * AAAA 2a03:3b40:100::1:2 - ''); - dnssec-signing = false; + notify = "ns-global"; + acl = [ "ns-global" ]; } - (openNICZone "striproman.pirate" 2023022023) + (openNICZone "musike.pirate" (localZone 2023071727)) + (openNICZone "rub.parody" (localZone 2023032101)) + (openNICZone "sinyx.indy" ((localZone 2023022002) + '' + * A 37.205.11.127 + * AAAA 2a03:3b40:100::1:2 + '')) + (openNICZone "striproman.pirate" (localZone 2023022023)) { domain = "xrvs.net"; - notify = "secondary"; - acl = [ "secondary" "xarvos" ]; + notify = "ns-global"; + acl = [ "ns-global" "xarvos" ]; } ]; }; |