change schema final

2026-06-05 10:36:50 +07:00 · 2026-03-22 12:43:47 +07:00 · 2026-03-22 12:43:47 +07:00 · 550ca5228c
commit 550ca5228c
parent 42f6c415b6
31 changed files with 470 additions and 396 deletions
--- a/docs/example.nix
+++ b/docs/example.nix
@ -1,49 +1,76 @@
-{ dns, ... }: with dns.lib.combinators; {
-  owner = {
-    username = "satr14washere";
-    email = "admin@satr14.my.id";
+{ dns, ... }: {
+  metadata = {
+    description = "Example domain configuration for dns.nix"; # optional, description of use
+    proxy = false; # optional, defaults to false. proxy through Cloudflare
+    owner = { # add extra contacts if needed
+      username = "satr14washere"; # required, github username
+      email = "admin@satr14.my.id";
+    };
  };
-  proxy = false;
-  records = {
+  records = with dns.lib.combinators; { # full list of records supported: https://github.com/nix-community/dns.nix/tree/master/dns/types/records
+    # dns.lib.combinators is optional but provides a lot of useful shortcuts:
+    # https://github.com/nix-community/dns.nix/blob/master/dns/combinators.nix
+    
    A = [
-      {
-        address = "203.0.113.1";
-        ttl = 60 * 60;
-      }
-      "203.0.113.2"
-      (ttl (60 * 60) (a "203.0.113.3"))
+      "203.0.113.50"
+      "198.51.100.50"
+      
+      # or:
+      
+      { address = "203.0.113.50"; ttl = 60 * 60; } # TTL is optional
+      { address = "198.51.100.50"; ttl = 60 * 60; }
+      
+      # using dns.lib.combinators:
+      
+      (ttl (60 * 60) (a "203.0.113.50")) # standalone A record
+      (ttl (60 * 60) (a "2198.51.100.50")) # record with TTL
    ];
-    AAAA = [
-      "4321:0:1:2:3:4:567:89ab"
+    
+    AAAA = [ # mostly same as above
+      "2001:db8::1"
+      "2001:db8::2"
+      
+      # or:
+      
+      { address = "2001:db8::1"; ttl = 60 * 60; }
+      { address = "2001:db8::2"; ttl = 60 * 60; }
+      
+      # using dns.lib.combinators:
+      
+      (ttl (60 * 60) (aaaa "2001:db8::1"))
+      (ttl (60 * 60) (aaaa "2001:db8::2"))
    ];
-    MX = mx.google;
+    
    TXT = [
-      (
-        with spf;
-        strict [
-          "a:mail.example.com"
-          google
-        ]
-      )
+      "v=spf1 include:mailgun.org ~all"
+      "dh=some-long-random-string"
    ];
-    CNAME = [ "example.com." ];
-    DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ];
-    CAA = letsEncrypt "admin@example.com";
-    SRV = [
+    
+    MX = [
      {
-        service = "sip";
-        proto = "tcp";
-        port = 5060;
-        target = "sip.example.com";
+        preference = 10;
+        exchange = "mail.protonmail.ch.";
      }
-    ];
-    TLSA = [
      {
-        certUsage = "dane-ee";
-        selector = "spki";
-        matchingType = "sha256";
-        certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA";
+        preference = 20;
+        exchange = "mailsec.protonmail.ch.";
      }
+      
+      # using dns.lib.combinators:
+      
+      (mx.mx 10 "mail.protonmail.ch.")
+      (mx.mx 20 "mailsec.protonmail.ch.")
    ];
+        
+    # a few notes about CNAME records:
+    # - value must end with a dot (.)
+    # - cannot coexist with other record types (e.g. A, AAAA, MX) for the same subdomain
+    # - can only be one despite being a list (this example defined multiple only for demonstrating valid values)
+    CNAME = [
+      "edge.redirect.pizza."
+      "username.github.io."
+      "site.pages.dev."
+    ];
+    
  };
 }