From 1c473875f144d6e8e0123070672fdd6f80b86ec1 Mon Sep 17 00:00:00 2001
From: satr14washere <90962949+satr14washere@users.noreply.github.com>
Date: Sat, 21 Mar 2026 18:54:34 +0700
Subject: [PATCH] remove subdomain without root sub

---
 domains/_discord.hanmetaforce.json |  9 -----
 flake.lock                         | 60 ++++++++++++++++++++++++++++++
 flake.nix                          | 32 ++++++++++++++++
 scripts/deploy-apex.sh             | 42 +++++++++++++++++++++
 4 files changed, 134 insertions(+), 9 deletions(-)
 delete mode 100644 domains/_discord.hanmetaforce.json
 create mode 100644 flake.lock
 create mode 100644 flake.nix
 create mode 100644 scripts/deploy-apex.sh

diff --git a/domains/_discord.hanmetaforce.json b/domains/_discord.hanmetaforce.json
deleted file mode 100644
index aaa873a..0000000
--- a/domains/_discord.hanmetaforce.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-  "owner": {
-    "username": "hanmetaforce",
-    "discord": "917913229668274186"
-  },
-  "record": {
-    "TXT": ["dh=8c752ee2abcc39a26557a464a8a2401c635c374a"]
-  }
-}
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..306083a
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,60 @@
+{
+  "nodes": {
+    "dns": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      },
+      "locked": {
+        "lastModified": 1768143854,
+        "narHash": "sha256-E5/kyPz4zAZn/lZdvqlF83jMgCWNxmqYjjWuadngCbk=",
+        "owner": "nix-community",
+        "repo": "dns.nix",
+        "rev": "a97cf4156e9f044fe4bed5be531061000dfabb07",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "dns.nix",
+        "type": "github"
+      }
+    },
+    "flake-utils": {
+      "locked": {
+        "lastModified": 1614513358,
+        "narHash": "sha256-LakhOx3S1dRjnh0b5Dg3mbZyH0ToC9I8Y2wKSkBaTzU=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "5466c5bbece17adaab2d82fae80b46e807611bf3",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1774086600,
+        "narHash": "sha256-zjWIPOLpA2yU1PvqaqZ99BP5IRuhTcMpHhw2uDT7lS8=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "6de7809357a63167ebc0cb96d1200fa135f2df8b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "dns": "dns"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..b35d8b3
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,32 @@
+{
+  description = "Zone File Generator For part-of.my.id";
+  inputs.dns.url = "github:nix-community/dns.nix";
+
+  outputs = { dns, ... }: let
+    email = "admin@satr14.my.id";
+    domains."0" = {
+      domain = "part-of.my.id";
+      nameservers = [
+        "adele.ns.cloudflare.com"
+        "fattouche.ns.cloudflare.com"
+      ];
+    };
+  in {
+    packages.x86_64-linux = builtins.mapAttrs (_: domain:
+      dns.util.x86_64-linux.writeZone domain.domain (
+        with dns.lib.combinators; {
+          SOA = {
+            adminEmail = email;
+            nameServer = builtins.head domain.nameservers;
+            serial = builtins.currentTime;
+          };
+          NS = domain.nameservers;
+          
+          # note: Cloudflare ignores SOA and NS records uploaded via Zone File, they are just so that dns.nix builds a valid zone file.
+          
+          A = [ "1.1.1.1" ];
+        }
+      )
+    ) domains;
+  };
+}
diff --git a/scripts/deploy-apex.sh b/scripts/deploy-apex.sh
new file mode 100644
index 0000000..c2ad7a1
--- /dev/null
+++ b/scripts/deploy-apex.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+# script to deploy the APEX domain to Cloudflare with CNAME flattening
+
+set -euo pipefail
+
+ZONE_ID="${CF_ZONE_ID:?}"
+TOKEN="${CF_API_TOKEN:?}"
+TARGET="website-e7n.pages.dev"
+
+EXISTING=$(curl -s \
+  "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records?type=CNAME&name=@" \
+  -H "Authorization: Bearer ${TOKEN}" \
+  | jq -r '.result[0] // empty')
+
+EXISTING_CONTENT=$(echo "$EXISTING" | jq -r '.content // empty')
+EXISTING_ID=$(echo "$EXISTING" | jq -r '.id // empty')
+
+if [[ "$EXISTING_CONTENT" == "$TARGET" ]]; then
+  echo "Apex CNAME unchanged, skipping."
+  exit 0
+fi
+
+if [[ -z "$EXISTING_ID" ]]; then
+  echo "No apex CNAME found, creating..."
+  METHOD="POST"
+  URL="https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records"
+else
+  echo "Apex CNAME changed ($EXISTING_CONTENT → $TARGET), updating..."
+  METHOD="PUT"
+  URL="https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${EXISTING_ID}"
+fi
+
+curl -s -X "$METHOD" "$URL" \
+  -H "Authorization: Bearer ${TOKEN}" \
+  -H "Content-Type: application/json" \
+  --data "{
+    \"type\": \"CNAME\",
+    \"name\": \"@\",
+    \"content\": \"${TARGET}\",
+    \"proxied\": true
+  }" | jq -e '.success'
\ No newline at end of file