(system, services): move dns definitions to a new module

1 files changed, 64 insertions, 0 deletions

diff --git a/deployment/services/dns.scm b/deployment/services/dns.scm
new file mode 100644
index 0000000..ce348a6
--- /dev/null
+++ b/deployment/services/dns.scm
@@ -0,0 +1,64 @@
+;;; SPDX-License-Identifier: GPL-3.0-or-later
+;;; SPDX-FileCopyrightText: 2024-2026 Marek Paśnikowski <marek@marekpasnikowski.pl>
+
+(define-module (deployment services dns)
+  #:export     (aisaka-knot-service)
+  #:use-module (gnu services)
+  #:use-module (gnu services dns))
+
+(define ip-multimedia "81.190.248.246")
+
+(define ip-otvarta "95.171.119.109")
+
+(define ttl "3600")
+
+(define spf-value
+  (string-append "\"v=spf1 ip4:"
+                 ip-otvarta
+                 " -all\""))
+
+(define-zone-entries marekpasnikowski.pl-entries
+  ("@"               ttl "IN" "A"     ip-otvarta)
+  ("2"               ttl "IN" "A"     ip-otvarta)
+  ("ns1"             ttl "IN" "A"     ip-otvarta)
+  ("@"               ttl "IN" "NS"    "ns1.marekpasnikowski.pl.")
+  ("@"               ttl "IN" "A"     ip-multimedia)
+  ("1"               ttl "IN" "A"     ip-multimedia)
+  ("ns2"             ttl "IN" "A"     ip-multimedia)
+  ("@"               ttl "IN" "NS"    "ns2.marekpasnikowski.pl.")
+  ("@"               ttl "IN" "MX"    "10 marekpasnikowski.pl.")
+  ("@"               ttl "IN" "TXT"   spf-value)
+  ("_caldavs._tcp"   ttl "IN" "SRV"   "10 0 443 radicale.marekpasnikowski.pl")
+  ("_carddavs._tcp"  ttl "IN" "SRV"   "10 0 443 radicale.marekpasnikowski.pl")
+  ("_dmarc"          ttl "IN" "TXT"   "\"v=DMARC1; p=reject; sp=reject; pct=100; aspf=s; adkim=s; fo=1; rua=mailto:abuse@marekpasnikowski.pl; ruf=mailto:abuse@marekpasnikowski.pl\"")
+  ("dkim._domainkey" ttl "IN" "TXT"   "\"v=DKIM1; d=marekpasnikowski.pl; t=s; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/b/WV5EUxqAhBgJ4v5K3sP8QI+IwziRJ/F9SDO3p3QOMjZd9AGVt2/AztZ4EmcOJnTlbQnLE/DKCOq4HAdxSZjIqj5AXyMddvWiO78+ugdame/flV0tjdDGNflx65Twap3qgJ9jzhvJfZ1BDuh2WC06fn2pyFl1TCETEGp6ZDkI41FW5GH8l9Jk7hhCmr+Mau0EpE7V42lBdireItOA1e7jQcub50584QATme4rYxA7WR4AeIsknOkUo4q8vkVrssoP11nSg/sNM9RGn1QDfVMJRX0twtgGnJ8N5QE4Ia9DvXL4Y0PNMC0/frp13pB6m1VQP/Z4jfDy+TQzEdSRaQIDAQAB\"")
+  ("git"             ttl "IN" "CNAME" "1")
+  ("guix"            ttl "IN" "CNAME" "1")
+  ("matrix"          ttl "IN" "CNAME" "1")
+  ("radicale"        ttl "IN" "CNAME" "1")
+  ("schron"          ttl "IN" "CNAME" "1")
+  ("sejf"            ttl "IN" "CNAME" "1")
+  ("test"            ttl "IN" "CNAME" "1")
+  ("www"             ttl "IN" "CNAME" "1"))
+
+(define marekpasnikowski.pl-zone
+  (zone-file
+   (entries marekpasnikowski.pl-entries)
+   (origin  "marekpasnikowski.pl")
+   (ns      "ns1.marekpasnikowski.pl.")
+   (mail    "marek.marekpasnikowski.pl.")
+   (serial  2026042000)))
+
+(define aisaka-master-zone
+  (knot-zone-configuration
+   (domain "marekpasnikowski.pl")
+   (zone   marekpasnikowski.pl-zone)))
+
+(define aisaka-knot-configuration
+  (knot-configuration
+   (listen-v4 "0.0.0.0")
+   (zones     (list aisaka-master-zone))))
+
+(define aisaka-knot-service
+  (service knot-service-type
+           aisaka-knot-configuration))