|
|
|
|
@ -81,74 +81,10 @@ in
|
|
|
|
|
) (lib.flatten records));
|
|
|
|
|
zones = domains: lib.zipAttrs (lib.mapAttrsToList (zoneName: records: domain zoneName records) domains);
|
|
|
|
|
in zones {
|
|
|
|
|
"forkos.org" = ([
|
|
|
|
|
# (record "@" 300 "A" "163.172.69.160")
|
|
|
|
|
(record "@" 300 "AAAA" "2001:bc8:38ee:100:1000::20")
|
|
|
|
|
|
|
|
|
|
(dualProxyRecords "bagel-box.infra" 300 "AAAA" "2001:bc8:38ee:100:100::1")
|
|
|
|
|
(dualProxyRecords "gerrit01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::10")
|
|
|
|
|
(dualProxyRecords "meta01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::20")
|
|
|
|
|
(dualProxyRecords "fodwatch.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::30")
|
|
|
|
|
# git.infra.forkos.org exposes opensshd
|
|
|
|
|
(dualProxyRecords "git.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::41")
|
|
|
|
|
# git.p.forkos.org exposes forgejo ssh server.
|
|
|
|
|
(proxyRecords "git.p" 300 "AAAA" "2001:bc8:38ee:100:1000::40")
|
|
|
|
|
(dualProxyRecords "buildbot.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::50")
|
|
|
|
|
(dualProxyRecords "public01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::60")
|
|
|
|
|
|
|
|
|
|
(record "cl" 300 "CNAME" "gerrit01.infra.p")
|
|
|
|
|
(record "fodwatch" 300 "CNAME" "fodwatch.infra.p")
|
|
|
|
|
# git.p.forkos.org is the proxy variant of the Forgejo server.
|
|
|
|
|
(record "git" 300 "CNAME" "git.p")
|
|
|
|
|
(record "netbox" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "amqp" 300 "CNAME" "bagel-box.infra.p")
|
|
|
|
|
(record "grafana" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "hydra" 300 "CNAME" "build-coord.wob01.infra.p")
|
|
|
|
|
(record "loki" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "mimir" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "pyroscope" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "tempo" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "matrix" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "alerts" 300 "CNAME" "meta01.infra.p")
|
|
|
|
|
(record "buildbot" 300 "CNAME" "buildbot.infra.p")
|
|
|
|
|
(record "b" 300 "CNAME" "public01.infra.p")
|
|
|
|
|
(record "postgres" 300 "CNAME" "bagel-box.infra.p")
|
|
|
|
|
(record "news" 3600 "CNAME" "public01.infra.p")
|
|
|
|
|
|
|
|
|
|
# S3 in delroth's basement
|
|
|
|
|
(record "cache" 300 "AAAA" "2a02:168:6426::12") # smol.delroth.net
|
|
|
|
|
(record "cache" 300 "A" "195.39.247.161") # sni proxy
|
|
|
|
|
|
|
|
|
|
# misc
|
|
|
|
|
(record "vpn-gw.wob01.infra" 300 "AAAA" "2a01:584:11::2")
|
|
|
|
|
|
|
|
|
|
(dualProxyRecords "build-coord.wob01.infra" 300 "AAAA" "2a01:584:11::1:11")
|
|
|
|
|
|
|
|
|
|
(record "mail.infra.forkos.org" 300 "A" [ "49.13.86.172" ])
|
|
|
|
|
(record "mail.infra.forkos.org" 300 "AAAA" [ "2a01:4f8:1c17:6866::1" ])
|
|
|
|
|
|
|
|
|
|
# TODO: do not hardcode, just reuse the Colmena hive module outputs to generate all the required details.
|
|
|
|
|
]
|
|
|
|
|
++ (map (index: record "builder-${toString index}.wob01.infra" 300 "AAAA" "2a01:584:11::1:${toString index}") (genList lib.id 11))
|
|
|
|
|
++ (
|
|
|
|
|
let
|
|
|
|
|
# FIXME: figure out a way to poke `config.services.s3-revproxy` and
|
|
|
|
|
# automate the DNS part away?
|
|
|
|
|
buckets = [
|
|
|
|
|
"channels"
|
|
|
|
|
"releases"
|
|
|
|
|
"channel-scripts-test"
|
|
|
|
|
];
|
|
|
|
|
in
|
|
|
|
|
map (bucket: record "${bucket}" 300 "CNAME" "public01.infra.p") buckets
|
|
|
|
|
));
|
|
|
|
|
"flowery.systems" = [
|
|
|
|
|
(record "" 300 "ALIAS" "news.forkos.org")
|
|
|
|
|
(record "" 300 "CNAME" "news.forkos.org")
|
|
|
|
|
];
|
|
|
|
|
"vzfdfp.de" = [
|
|
|
|
|
(record "" 300 "MX" "10 mail.infra.forkos.org")
|
|
|
|
|
(record "_dmarc" 300 "TXT" "v=DMARC1; p=none") # TODO: Setup dmarc and dmarc exporer/monitoring
|
|
|
|
|
(record "mail._domainkey" 3600 "TXT" "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8Xy2Rytpa3X/9Or3gKqH0LTn/TD3BoLf77HtUu+GsAsZit+yIVz+zTt3NoNoYsygl2Qc27zAeJhcK3w7dbKVbuWlVBqBzrLP/QK1NqR499RUAwQfyQHZkI+BCTYEY5UkWrFAwZ7LeHgtqDNtbyeCdS7MTST0DhogtIqSJKpP0/QIDAQAB")
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
Janik Haag