diff options
Diffstat (limited to '')
-rw-r--r-- | hosts/common/optional/services/nsd.nix | 13 | ||||
-rw-r--r-- | hosts/common/optional/services/nsd/bitgnome.com.zone | 23 | ||||
-rw-r--r-- | hosts/common/optional/services/nsd/bitgnome.net.zone | 76 | ||||
-rw-r--r-- | hosts/common/optional/services/nsd/blaspheme.net.zone | 27 | ||||
-rw-r--r-- | hosts/common/optional/services/nsd/dwmachfab.com.zone | 35 | ||||
-rw-r--r-- | hosts/common/optional/services/nsd/lindseyholcomb.org.zone | 23 | ||||
-rw-r--r-- | hosts/common/optional/services/nsd/timetrad.com.zone | 35 | ||||
-rw-r--r-- | hosts/darkstar/default.nix | 1 |
8 files changed, 233 insertions, 0 deletions
diff --git a/hosts/common/optional/services/nsd.nix b/hosts/common/optional/services/nsd.nix new file mode 100644 index 0000000..7f95d5a --- /dev/null +++ b/hosts/common/optional/services/nsd.nix @@ -0,0 +1,13 @@ +{ + services.nsd = { + enable = true; + zones = { + "bitgnome.com.".data = builtins.readFile ./nsd/bitgnome.com.zone; + "bitgnome.net.".data = builtins.readFile ./nsd/bitgnome.net.zone; + "blaspheme.net.".data = builtins.readFile ./nsd/blaspheme.net.zone; + "dwmachfab.com.".data = builtins.readFile ./nsd/dwmachfab.com.zone; + "lindseyholcomb.org.".data = builtins.readFile ./nsd/lindseyholcomb.org.zone; + "timetrad.com.".data = builtins.readFile ./nsd/timetrad.com.zone; + }; + }; +} diff --git a/hosts/common/optional/services/nsd/bitgnome.com.zone b/hosts/common/optional/services/nsd/bitgnome.com.zone new file mode 100644 index 0000000..8163125 --- /dev/null +++ b/hosts/common/optional/services/nsd/bitgnome.com.zone @@ -0,0 +1,23 @@ +; Mark Nipper <nipsy@bitgnome.net> +$ORIGIN bitgnome.com. +$TTL 1h + +@ in soa ns.bitgnome.net. nipsy.bitgnome.net. ( + 2022101701 ; serial + 1d ; refresh + 2h ; retry + 4w ; expire + 1h ; minimum + ) + + in ns ns.bitgnome.net. + in ns ns2.bitgnome.net. + in mx 10 mail.bitgnome.net. + in spf "v=spf1 a mx -all" + in txt "v=spf1 a mx -all" + in a 5.161.149.85 + in aaaa 2a01:4ff:f0:e164::1 + in caa 0 issue ";" + in caa 0 iodef "mailto:nipsy@bitgnome.net" + +www in cname @ diff --git a/hosts/common/optional/services/nsd/bitgnome.net.zone b/hosts/common/optional/services/nsd/bitgnome.net.zone new file mode 100644 index 0000000..a64855c --- /dev/null +++ b/hosts/common/optional/services/nsd/bitgnome.net.zone @@ -0,0 +1,76 @@ +; Mark Nipper <nipsy@bitgnome.net> +$ORIGIN bitgnome.net. +$TTL 1h + +@ in soa ns.bitgnome.net. nipsy.bitgnome.net. ( + 2024060502 ; serial + 1d ; refresh + 2h ; retry + 4w ; expire + 1h ; minimum + ) + + in ns ns + in ns ns2 + in mx 10 mail + in a 5.161.149.85 + in aaaa 2a01:4ff:f0:e164::1 + in spf "v=spf1 a mx -all" + in txt "v=spf1 a mx -all" + in caa 0 issue "letsencrypt.org" + in caa 0 iodef "mailto:nipsy@bitgnome.net" +; in sshfp 1 1 3a57d529429d56a34da3633c57ab7be197896a8f +; in sshfp 2 1 34acc116ea0ec7853a70f7df5d72e7539bfdeacf +; in sshfp 3 1 b9acd4407929f3193d2757a104775d3cafebacaf +; in sshfp 1 2 01d092a732d0818f50f1775aeb52bece87b2b43d7ef87df9c293da95bf85de23 +; in sshfp 2 2 c9b093a17ee29785c1c6fe94482735d6e20e59e25732b63a3998bdf3f7f7960b +; in sshfp 3 2 b303db2410f71b4d861a9e840bac9e085a5519d68bbefb0fee6232b9408c0dae + +; name servers +ns in a 5.161.149.85 +ns in aaaa 2a01:4ff:f0:e164::1 +ns2 in a 67.5.105.68 + +; srv records +_xmpp-client._tcp 5m in srv 0 0 5222 bitgnome.net. +_xmpp-server._tcp 5m in srv 0 0 5269 bitgnome.net. +_jabber._tcp 5m in srv 0 0 5269 bitgnome.net. + +; assorted mail records +202006._domainkey 5m in txt ( "v=DKIM1; h=sha256; k=rsa; s=email; " + "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoNuipuXzlhkKA8p7TkQe59gKyfAzOa4beUgjmRJ+vhRtwkQ8eFUBLoomAwJDgu1v/x06oguKnWyb8BBkhS47PLS5JptKWeZxBLPuVOSC0ZBpktTNdzvT6ZOHZZQ/QP8XByNItDuMnf9D+7iuBbADeIZpfWdBBJLJ+VyCnp4iyIFSOaN6JKYB1zKTj8zv2Sa0FTLvzAVEsn7KIG" + "LYjwSV1Xjoa5FTtxEg/I96G4FntdwThHO1/GBTF6sYeAXh5ZEeftnSJ5tybi3wYnqvE1zLxPS6hy5TKuU0HqdXAw6sBFmsqeKS9TYPNyoY2Uhb1c5DjcQhztbuebDzsE5dOVkCAp4iaSmK7WfIkYoshEokxS8Ge6LYDFqYlUvj37wZPYbPHlBU3vxmmgw6iMbqwgqk0hk7FJDH8LSe8cfnN2HhYA74OHvqb1a38zSF28VLSzJhVB7xHmct" + "wkRwZToD2whfCq7ug4SzEssBrHNYFC1HBrjbedNujChvFLqAt4bufXmsRwnyLxejStnQ/hfuu+8GczNb/Z8yhpErsS/aWrNTPStxiMnS7vHbQuISCXdxmqI2jZG6JPEsN2lRKa9Q8LYCOHfQj0aeLA9TI7C3lqhux1wrFUkCB4edBHzwUe2aDU+4dQyUeBiHNU4GryrEpAVNL5JECK9XX8i70jvO1hbdHNUCAwEAAQ==" ) +_adsp._domainkey 5m in txt "dkim=all" +_dmarc 5m in txt "v=DMARC1;p=quarantine;sp=quarantine;adkim=r;aspf=r" + +_mta-sts 5m in txt "v=STSv1; id=20220120235310" +_smtp._tls 5m in txt "v=TLSRPTv1; rua=mailto:nipsy@bitgnome.net" + +king 5m in a 5.161.149.85 +king 5m in aaaa 2a01:4ff:f0:e164::1 +;king in sshfp 1 1 3a57d529429d56a34da3633c57ab7be197896a8f +;king in sshfp 2 1 34acc116ea0ec7853a70f7df5d72e7539bfdeacf +;king in sshfp 3 1 b9acd4407929f3193d2757a104775d3cafebacaf +;king in sshfp 1 2 01d092a732d0818f50f1775aeb52bece87b2b43d7ef87df9c293da95bf85de23 +;king in sshfp 2 2 c9b093a17ee29785c1c6fe94482735d6e20e59e25732b63a3998bdf3f7f7960b +;king in sshfp 3 2 b303db2410f71b4d861a9e840bac9e085a5519d68bbefb0fee6232b9408c0dae +mail 5m in a 5.161.149.85 +mail 5m in aaaa 2a01:4ff:f0:e164::1 +www 5m in cname @ +irc 5m in cname @ +nipsy 5m in cname @ +mta-sts 5m in cname @ +;jamie in cname @ +;ssh in cname @ +;absolut101 in cname @ +;royder in cname @ + +; external machines +arrakis 1m in a 67.5.105.68 +;darkstar 1m in a 66.69.213.114 +;nb 1m in a 67.10.209.108 +;terraria 1m in a 128.83.27.4 +;caladan 1m in a 104.130.129.241 +;caladan 1m in aaaa 2001:4800:7818:101:be76:4eff:fe03:db44 +darkstar 1m in a 67.5.105.68 diff --git a/hosts/common/optional/services/nsd/blaspheme.net.zone b/hosts/common/optional/services/nsd/blaspheme.net.zone new file mode 100644 index 0000000..5eb3fec --- /dev/null +++ b/hosts/common/optional/services/nsd/blaspheme.net.zone @@ -0,0 +1,27 @@ +; Mark Nipper <nipsy@bitgnome.net> +$ORIGIN blaspheme.net. +$TTL 1h + +@ in soa ns.bitgnome.net. nipsy.bitgnome.net. ( + 2022101701 ; serial + 1d ; refresh + 2h ; retry + 4w ; expire + 1h ; minimum + ) + + in ns ns.bitgnome.net. + in ns ns2.bitgnome.net. + in mx 10 mail.bitgnome.net. + in spf "v=spf1 a mx -all" + in txt "v=spf1 a mx -all" + in a 5.161.149.85 + in aaaa 2a01:4ff:f0:e164::1 + in caa 0 issue "letsencrypt.org" + in caa 0 iodef "mailto:nipsy@bitgnome.net" + +www in cname @ +;gallery in cname @ + +; external machines +;ramped 1m in a 24.28.14.165 diff --git a/hosts/common/optional/services/nsd/dwmachfab.com.zone b/hosts/common/optional/services/nsd/dwmachfab.com.zone new file mode 100644 index 0000000..7b02acd --- /dev/null +++ b/hosts/common/optional/services/nsd/dwmachfab.com.zone @@ -0,0 +1,35 @@ +; Mark Nipper <nipsy@bitgnome.net> +$ORIGIN dwmachfab.com. +$TTL 1h + +@ in soa ns.bitgnome.net. nipsy.bitgnome.net. ( + 2022101701 ; serial + 1d ; refresh + 2h ; retry + 4w ; expire + 1h ; minimum + ) + + in ns ns.bitgnome.net. + in ns ns2.bitgnome.net. + in mx 10 mail.bitgnome.net. + in spf "v=spf1 a mx -all" + in txt "v=spf1 a mx -all" + in a 5.161.149.85 + in aaaa 2a01:4ff:f0:e164::1 + in caa 0 issue "letsencrypt.org" + in caa 0 iodef "mailto:nipsy@bitgnome.net" + +; assorted mail records +202006._domainkey 5m in txt ( "v=DKIM1; h=sha256; k=rsa; s=email; " + "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA6TSR+BszGaWenRxgg53e8qGbMWsNpjmB8XdwGMmae1RviB1/6FTqdlvDhgLQLdL7zK/CiGxgPECsZHqMouNZK/9bh0xjtvVSdCD2LhZJtWBkZjV5h5rVg4diBTZSN9i83FtUaUg4lH0rsek9s1XvO7BAF2mF80L4G77xpQEb2BJLIbinkvY1emIxScMU9Hj3nW8j0sJgruKJon" + "QuPHChfnI43Q5OOZ1pXZiX2hxiVAFFZBo/K2dGDHXpb9ZkgQlKM7k+arhRdGUen6LzV4du8eWT3EFzMnY1YOoVznZC/QZ3ty1uq3hv57BG5+VnYDY6IwopFKVSvQA+Gx7XKCwYFQjseHIClCL/VS6SXvAedijLEWmWpO8Q8Lnm8sWewPLuwKuDhV42prviqhUEbtB6e2ablRjwhfkw1G7C3CaM56rgEDiu3Ri97QiqPc3XML+8qYWQal0k" + "18AL5v0AxCvDKrIASUd9az9JeA0fkXtgu6xGcZj94JzZHL3MQ9KZG8apWJebplItZokzaoT58Q4mbuUeXWSFyd/gV2KjPcdgYPleSqKVee76QwQtQdZQv9jiraro4wCL4i2nFxH4rDrN/It0uRbHg0DHCQsKD1QTbVXNXDJ8H3n+mFm5MePTsoiVgHLM/zoFZ50jNUk11Fr+7zQewdJLjEI9EXdTekzKV6ECAwEAAQ==" ) +_adsp._domainkey 5m in txt "dkim=all" +_dmarc 5m in txt "v=DMARC1;p=quarantine;sp=quarantine;adkim=r;aspf=r" + +_mta-sts 5m in txt "v=STSv1; id=20220120235310" +_smtp._tls 5m in txt "v=TLSRPTv1; rua=mailto:nipsy@bitgnome.net" + +www in cname @ +mta-sts in cname @ diff --git a/hosts/common/optional/services/nsd/lindseyholcomb.org.zone b/hosts/common/optional/services/nsd/lindseyholcomb.org.zone new file mode 100644 index 0000000..2141d43 --- /dev/null +++ b/hosts/common/optional/services/nsd/lindseyholcomb.org.zone @@ -0,0 +1,23 @@ +; Lindsey Holcomb <lindsey.n.holcomb@gmail.com> +$ORIGIN lindseyholcomb.org. +$TTL 1h + +@ in soa ns.bitgnome.net. nipsy.bitgnome.net. ( + 2022101701 ; serial + 1d ; refresh + 2h ; retry + 4w ; expire + 1h ; minimum + ) + + in ns ns.bitgnome.net. + in ns ns2.bitgnome.net. + in mx 10 mail.bitgnome.net. + in spf "v=spf1 a mx -all" + in txt "v=spf1 a mx -all" + in a 5.161.149.85 + in aaaa 2a01:4ff:f0:e164::1 + in caa 0 issue "letsencrypt.org" + in caa 0 iodef "mailto:nipsy@bitgnome.net" + +www in cname @ diff --git a/hosts/common/optional/services/nsd/timetrad.com.zone b/hosts/common/optional/services/nsd/timetrad.com.zone new file mode 100644 index 0000000..c456f2d --- /dev/null +++ b/hosts/common/optional/services/nsd/timetrad.com.zone @@ -0,0 +1,35 @@ +; Mark Nipper <nipsy@bitgnome.net> +$ORIGIN timetrad.com. +$TTL 1h + +@ in soa ns.bitgnome.net. nipsy.bitgnome.net. ( + 2022101701 ; serial + 1d ; refresh + 2h ; retry + 4w ; expire + 1h ; minimum + ) + + in ns ns.bitgnome.net. + in ns ns2.bitgnome.net. + in mx 10 mail.bitgnome.net. + in spf "v=spf1 a mx -all" + in txt "v=spf1 a mx -all" + in a 5.161.149.85 + in aaaa 2a01:4ff:f0:e164::1 + in caa 0 issue "letsencrypt.org" + in caa 0 iodef "mailto:nipsy@bitgnome.net" + +; assorted mail records +202006._domainkey 5m in txt ( "v=DKIM1; h=sha256; k=rsa; s=email; " + "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyFHnvujgYzLhdgBIB951u4MgWNcyUCbbBVCDmbvJHnobD9mryY6QF9rn6hS24XHLwz9kRE2V9bYuuLoPHkLvmp6TC6fl0Iq657Tm1j11lZXKI6rZZ9iXuDWdfN3p5zrj1dgYjTYS1mlAgwTjRfdmgd+u7mQo8Gx715TtXgStKpDv1aPdzN479igGRwpylCYKgmkkaQ2ZUH/zm7" + "NcNFGO0kBAhbro7fvKBcxISS/gRyF+e01hCgPSy6YBr/He0jXTiWL5YC7eO21XpCGEIZ2Y0Oa6gFD0rFIsIkkz5IZk49iWKwUw5jj9kFTf5q1dDvDAmiDyh53LQLas2brDXqH0uASAQkFAMOJbekquiWBkIfUljOZbxUIvbrlO4eBtywzGNcaMxnBRxxL/WydCKe9y3s84Xlp8mmtNevY9bfJOreq3qLDgpD/Nts8eSG+XxHirdUBbiKf3" + "7CCeLfqSppGss582hM+QpRzD+MR99sZCccGNhM2oPmWNzupV50F2gUzNR3X/CBO2q+bUoWLGU2nFJNEsYbLIxtV94U7Zmpt0j0WImbfrjuVgY5HDbJcKSC2D5AzBEURwVjyjX1a1F9TbiBdSaVT2yKf113faK4wXC/y+vwHCsgdZ+c4G/P3olOq7b5emMgPkthze+RVeQCrijnTOz8UsdJzY3UPaO7DHMFcCAwEAAQ==" ) +_adsp._domainkey 5m in txt "dkim=all" +_dmarc 5m in txt "v=DMARC1;p=quarantine;sp=quarantine;adkim=r;aspf=r" + +_mta-sts 5m in txt "v=STSv1; id=20220120235310" +_smtp._tls 5m in txt "v=TLSRPTv1; rua=mailto:nipsy@bitgnome.net" + +www in cname @ +mta-sts in cname @ diff --git a/hosts/darkstar/default.nix b/hosts/darkstar/default.nix index c3c6dcd..3b9da31 100644 --- a/hosts/darkstar/default.nix +++ b/hosts/darkstar/default.nix @@ -31,6 +31,7 @@ ./services.nix ../common/core ../common/optional/services/kea.nix + ../common/optional/services/nsd.nix ../common/optional/services/openssh.nix ../common/optional/zfs.nix ../common/users/nipsy |