2024-09-24 20:52:20 +00:00
1 changed files with 56 additions and 0 deletions
--- a/terraform/dnsimple.nix
+++ b/terraform/dnsimple.nix
@ -81,6 +81,62 @@ in
      ) (lib.flatten records));
      zones = domains: lib.zipAttrs (lib.mapAttrsToList (zoneName: records: domain zoneName records) domains);
    in zones {
+        "forkos.org" = ([
+          # (record "@" 300 "A" "163.172.69.160")
+          (record "@" 300 "AAAA" "2001:bc8:38ee:100:1000::20")
+
+          (dualProxyRecords "bagel-box.infra" 300 "AAAA" "2001:bc8:38ee:100:100::1")
+          (dualProxyRecords "gerrit01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::10")
+          (dualProxyRecords "meta01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::20")
+          (dualProxyRecords "fodwatch.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::30")
+          # git.infra.forkos.org exposes opensshd
+          (dualProxyRecords "git.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::41")
+          # git.p.forkos.org exposes forgejo ssh server.
+          (proxyRecords "git.p" 300 "AAAA" "2001:bc8:38ee:100:1000::40")
+          (dualProxyRecords "buildbot.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::50")
+          (dualProxyRecords "public01.infra" 300 "AAAA" "2001:bc8:38ee:100:1000::60")
+
+          (record "cl" 300 "CNAME" "gerrit01.infra.p")
+          (record "fodwatch" 300 "CNAME" "fodwatch.infra.p")
+          # git.p.forkos.org is the proxy variant of the Forgejo server.
+          (record "git" 300 "CNAME" "git.p")
+          (record "netbox" 300 "CNAME" "meta01.infra.p")
+          (record "amqp" 300 "CNAME" "bagel-box.infra.p")
+          (record "grafana" 300 "CNAME" "meta01.infra.p")
+          (record "hydra" 300 "CNAME" "build-coord.wob01.infra.p")
+          (record "loki" 300 "CNAME" "meta01.infra.p")
+          (record "mimir" 300 "CNAME" "meta01.infra.p")
+          (record "pyroscope" 300 "CNAME" "meta01.infra.p")
+          (record "tempo" 300 "CNAME" "meta01.infra.p")
+          (record "matrix" 300 "CNAME" "meta01.infra.p")
+          (record "alerts" 300 "CNAME" "meta01.infra.p")
+          (record "buildbot" 300 "CNAME" "buildbot.infra.p")
+          (record "b" 300 "CNAME" "public01.infra.p")
+          (record "postgres" 300 "CNAME" "bagel-box.infra.p")
+          (record "news" 3600 "CNAME" "public01.infra.p")
+
+          # S3 in delroth's basement
+          (record "cache" 300 "AAAA" "2a02:168:6426::12") # smol.delroth.net
+          (record "cache" 300 "A" "195.39.247.161") # sni proxy
+
+          (record "vpn-gw.wob01.infra" 300 "AAAA" "2a01:584:11::2")
+
+          (dualProxyRecords "build-coord.wob01.infra" 300 "AAAA" "2a01:584:11::1:11")
+          # TODO: do not hardcode, just reuse the Colmena hive module outputs to generate all the required details.
+        ]
+        ++ (map (index: record "builder-${toString index}.wob01.infra" 300 "AAAA" "2a01:584:11::1:${toString index}") (genList lib.id 11))
+        ++ (
+          let
+            # FIXME: figure out a way to poke `config.services.s3-revproxy` and
+            # automate the DNS part away?
+            buckets = [
+              "channels"
+              "releases"
+              "channel-scripts-test"
+            ];
+          in
+          map (bucket: record "${bucket}" 300 "CNAME" "public01.infra.p") buckets
+        ));
        "flowery.systems" = [
          (record "" 300 "ALIAS" "news.forkos.org")
        ];