init new infra

2026-01-16 17:45:14 +01:00 · 2024-07-26 18:19:07 +02:00 · 2024-07-26 18:19:07 +02:00 · 0825d85c93
commit 0825d85c93
parent 83458998aa
6 changed files with 206 additions and 0 deletions
--- a/newinfra/nix/modules/dns/default.nix
+++ b/newinfra/nix/modules/dns/default.nix
@ -0,0 +1,28 @@
+{ pkgs, ... }: {
+  # get the package for the debugging tools
+  environment.systemPackages = with pkgs; [ knot-dns ];
+
+  networking.firewall.allowedUDPPortRanges = [
+    { from = 53; to = 53; }
+  ];
+
+  services.knot = {
+    enable = true;
+    settingsFile = pkgs.writeTextFile {
+      name = "knot.conf";
+      text = ''
+        server:
+            listen: 0.0.0.0@53
+            listen: ::@53
+
+        zone:
+          - domain: noratrieb.dev
+            storage: /var/lib/knot/zones/
+            file: ${import ./noratrieb.dev.nix { inherit pkgs; }}
+        log:
+          - target: syslog
+            any: info
+      '';
+    };
+  };
+}
--- a/newinfra/nix/modules/dns/nilstrieb.dev.md
+++ b/newinfra/nix/modules/dns/nilstrieb.dev.md
@ -0,0 +1,29 @@
+@ A N/A 185.199.108.153
+@ A N/A 185.199.109.153
+@ A N/A 185.199.110.153
+@ A N/A 185.199.111.153
+@ AAAA N/A 2606:50c0:8002:0:0:0:0:153
+@ AAAA N/A 2606:50c0:8003:0:0:0:0:153
+@ AAAA N/A 2606:50c0:8000:0:0:0:0:153
+@ AAAA N/A 2606:50c0:8001:0:0:0:0:153
+@ MX 10 mail.protonmail.ch
+@ MX 20 mailsec.protonmail.ch
+@ TXT N/A protonmail-verification=86964dcc4994261eab23dbc53dad613b10bab6de
+@ TXT N/A v=spf1 include:_spf.protonmail.ch ~all
+bisect-rustc A N/A 184.174.32.252
+blog CNAME N/A nilstrieb.github.io
+_atproto.bsky TXT N/A did=did:plc:pqyzoyxk7gfcbxk65mjyncyl
+cors-school A N/A 184.174.32.252
+api.cors-school A N/A 184.174.32.252
+docker A N/A 184.174.32.252
+hugo-chat A N/A 184.174.32.252
+api.hugo-chat A N/A 184.174.32.252
+k8s-control A N/A 161.97.165.1
+localhost A N/A 127.0.0.1
+olat A N/A 184.174.32.252
+pronouns TXT N/A TODO
+uptime A N/A 184.174.32.252
+vps1 A N/A 161.97.165.1
+vps2 A N/A 184.174.32.252
+www A N/A 184.174.32.252
+dns1 A N/A 154.38.163.74
--- a/newinfra/nix/modules/dns/noratrieb.dev.nix
+++ b/newinfra/nix/modules/dns/noratrieb.dev.nix
@ -0,0 +1,43 @@
+# https://github.com/nix-community/dns.nix
+{ pkgs, ... }:
+let
+  # TODO: do this in a central place
+  dns = import (pkgs.fetchFromGitHub {
+    owner = "nix-community";
+    repo = "dns.nix";
+    rev = "v1.1.2";
+    hash = "sha256-EHiDP2jEa7Ai5ZwIf5uld9RVFcV77+2SUxjQXwJsJa0=";
+  });
+
+  data = with dns.lib.combinators;
+    {
+      SOA = {
+        nameServer = "154.38.163.74"; #"ns1.noratrieb.dev";
+        adminEmail = "void@noratrieb.dev";
+        serial = 2024072601;
+      };
+
+      NS = [
+        "154.38.163.74" #"ns1.noratrieb.dev"
+        #"ns2.noratrieb.dev"
+      ];
+
+      A = [ (a "161.97.165.1") ];
+      AAAA = [ ];
+
+      subdomains = {
+        www.CNAME = [ (cname "noratrieb.dev") ];
+        pronouns.TXT = [
+          "she/her"
+        ];
+
+        #ns1 = (host "154.38.163.74");
+
+        #"dns1.infra" = (a "154.38.163.74");
+      };
+    };
+in
+pkgs.writeTextFile {
+  name = "noratrieb.dev.zone";
+  text = dns.lib.toString "noratrieb.dev" data;
+}