1 files changed, 31 insertions, 1 deletions

diff --git a/dns.nix b/dns.nix
index 35f6676..48c5395 100644
--- a/dns.nix
+++ b/dns.nix
@@ -17,7 +17,28 @@
 # along with loang configuration.  If not, see <https://www.gnu.org/licenses/>.
 
 { ... }:
-{
+let
+  cercleLibreZone = builtins.toFile "cercle.libre.zone" ''
+    @ SOA  danh.loang.net. mcsinyx.disroot.org. 2023021702 14400 3600 604800 3600
+    @ NS   danh.loang.net.
+    @ A    37.205.11.127
+    @ AAAA 2a03:3b40:100::1:2
+  '';
+  sinyxIndyZone = builtins.toFile "sinyx.indy.zone" ''
+    @ SOA  danh.loang.net. mcsinyx.disroot.org. 2023022002 14400 3600 604800 3600
+    @ NS   danh.loang.net.
+    @ A    37.205.11.127
+    @ AAAA 2a03:3b40:100::1:2
+    * A    37.205.11.127
+    * AAAA 2a03:3b40:100::1:2
+  '';
+  stripromanPirateZone = builtins.toFile "striproman.pirate.zone" ''
+    @ SOA  danh.loang.net. mcsinyx.disroot.org. 2023022023 14400 3600 604800 3600
+    @ NS   danh.loang.net.
+    @ A    37.205.11.127
+    @ AAAA 2a03:3b40:100::1:2
+  '';
+in {
   networking.firewall = {
     allowedTCPPorts = [ 53 ];
     allowedUDPPorts = [ 53 ];
@@ -63,6 +84,9 @@
           dnssec-signing: on
 
       zone:
+        - domain: cercle.libre
+          file: ${cercleLibreZone}
+          dnssec-signing: off
         - domain: cnx.gdn
           notify: secondary
           acl: secondary
@@ -70,6 +94,12 @@
           notify: secondary
           acl: lego
           acl: secondary
+        - domain: sinyx.indy
+          file: ${sinyxIndyZone}
+          dnssec-signing: off
+        - domain: striproman.pirate
+          file: ${stripromanPirateZone}
+          dnssec-signing: off
         - domain: xrvs.net
           notify: secondary
           acl: secondary