mirror of
https://github.com/partofmyid/register.git
synced 2026-06-05 18:46:50 +07:00
91 lines
1.6 KiB
Nix
91 lines
1.6 KiB
Nix
{ dns, ... }:
|
|
with dns.lib.combinators;
|
|
{
|
|
A = [
|
|
{
|
|
address = "203.0.113.1";
|
|
ttl = 60 * 60;
|
|
}
|
|
"203.0.113.2"
|
|
(ttl (60 * 60) (a "203.0.113.3"))
|
|
];
|
|
|
|
AAAA = [
|
|
"4321:0:1:2:3:4:567:89ab"
|
|
];
|
|
|
|
MX = mx.google;
|
|
|
|
TXT = [
|
|
(
|
|
with spf;
|
|
strict [
|
|
"a:mail.example.com"
|
|
google
|
|
]
|
|
)
|
|
];
|
|
|
|
DMARC = [ (dmarc.postmarkapp "mailto:re+abcdefghijk@dmarc.postmarkapp.com") ];
|
|
|
|
CAA = letsEncrypt "admin@example.com";
|
|
|
|
SRV = [
|
|
{
|
|
service = "sip";
|
|
proto = "tcp";
|
|
port = 5060;
|
|
target = "sip.example.com";
|
|
}
|
|
];
|
|
|
|
SSHFP = [
|
|
{
|
|
algorithm = "ed25519";
|
|
fingerprintType = "sha256";
|
|
fingerprint = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA";
|
|
}
|
|
];
|
|
OPENPGPKEY = [
|
|
"very long base64 text"
|
|
];
|
|
HTTPS = [
|
|
{
|
|
svcPriority = 1;
|
|
targetName = ".";
|
|
alpn = [
|
|
"http/1.1"
|
|
"h2"
|
|
"h3"
|
|
];
|
|
ipv4hint = [
|
|
"203.0.113.1"
|
|
"203.0.113.2"
|
|
"203.0.113.3"
|
|
];
|
|
ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ];
|
|
}
|
|
];
|
|
TLSA = [
|
|
{
|
|
certUsage = "dane-ee";
|
|
selector = "spki";
|
|
matchingType = "sha256";
|
|
certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA";
|
|
}
|
|
];
|
|
|
|
subdomains = rec {
|
|
www.A = [ "203.0.113.4" ];
|
|
www2 = host "203.0.113.5" "4321:0:1:2:3:4:567:89bb";
|
|
www3 = host "203.0.113.6" null;
|
|
www4 = www3;
|
|
|
|
staging = delegateTo [
|
|
"ns1.another.com."
|
|
"ns2.another.com."
|
|
];
|
|
|
|
foo.subdomains.www.CNAME = [ "foo.test.com." ];
|
|
};
|
|
}
|