the-distro/infra
9
0
Fork 5
Code Issues 39 Pull requests 8 Packages Projects 1 Releases Wiki Activity

feat(dns): migrate forkos.org zone to dnsimple

Browse source
This commit is contained in:
Maxine Aubrey 2024-09-24 21:10:39 +02:00
parent 16027be2ca
commit 29c1b366c6
Signed by: amaxine
GPG key ID: F6FE033DFCB899F7
1 changed files with 56 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
terraform/dnsimple.nix
View file

@ -81,6 +81,62 @@ in
) (lib.flatten records)); ) (lib.flatten records));
zones = domains: lib.zipAttrs (lib.mapAttrsToList (zoneName: records: domain zoneName records) domains); zones = domains: lib.zipAttrs (lib.mapAttrsToList (zoneName: records: domain zoneName records) domains);
in zones { in zones {
"forkos.org" = ([
# (record "@" 300 "A" "163.172.69.160")
(record "@" 300 "AAAA" "2001:bc8:38ee:100:1000::20")
(dualProxyRecords "bagel-box.infra" 300 "AAAA" "2001:bc8:38ee:100:100::1")
(dualProxyRecords "gerrit01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::10")
(dualProxyRecords "meta01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::20")
(dualProxyRecords "fodwatch.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::30")
# git.infra.forkos.org exposes opensshd
(dualProxyRecords "git.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::41")
# git.p.forkos.org exposes forgejo ssh server.
(proxyRecords "git.p" 300 "AAAA" "2001:bc8:38ee:100:1000::40")
(dualProxyRecords "buildbot.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::50")
(dualProxyRecords "public01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::60")
(record "cl" 300 "CNAME" "gerrit01.infra.p")
(record "fodwatch" 300 "CNAME" "fodwatch.infra.p")
# git.p.forkos.org is the proxy variant of the Forgejo server.
(record "git" 300 "CNAME" "git.p")
(record "netbox" 300 "CNAME" "meta01.infra.p")
(record "amqp" 300 "CNAME" "bagel-box.infra.p")
(record "grafana" 300 "CNAME" "meta01.infra.p")
(record "hydra" 300 "CNAME" "build-coord.wob01.infra.p")
(record "loki" 300 "CNAME" "meta01.infra.p")
(record "mimir" 300 "CNAME" "meta01.infra.p")
(record "pyroscope" 300 "CNAME" "meta01.infra.p")
(record "tempo" 300 "CNAME" "meta01.infra.p")
(record "matrix" 300 "CNAME" "meta01.infra.p")
(record "alerts" 300 "CNAME" "meta01.infra.p")
(record "buildbot" 300 "CNAME" "buildbot.infra.p")
(record "b" 300 "CNAME" "public01.infra.p")
(record "postgres" 300 "CNAME" "bagel-box.infra.p")
(record "news" 3600 "CNAME" "public01.infra.p")
# S3 in delroth's basement
(record "cache" 300 "AAAA" "2a02:168:6426::12") # smol.delroth.net
(record "cache" 300 "A" "195.39.247.161") # sni proxy
(record "vpn-gw.wob01.infra" 300 "AAAA" "2a01:584:11::2")
(dualProxyRecords "build-coord.wob01.infra" 300 "AAAA" "2a01:584:11::1:11")
# TODO: do not hardcode, just reuse the Colmena hive module outputs to generate all the required details.
]
++ (map (index: record "builder-${toString index}.wob01.infra" 300 "AAAA" "2a01:584:11::1:${toString index}") (genList lib.id 11))
++ (
let
# FIXME: figure out a way to poke `config.services.s3-revproxy` and
# automate the DNS part away?
buckets = [
"channels"
"releases"
"channel-scripts-test"
];
in
map (bucket: record "${bucket}" 300 "CNAME" "public01.infra.p") buckets
));
"flowery.systems" = [ "flowery.systems" = [
(record "" 300 "ALIAS" "news.forkos.org") (record "" 300 "ALIAS" "news.forkos.org")
]; ];