deployment/services/dns.scm


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

;;; SPDX-License-Identifier: GPL-3.0-or-later
;;; SPDX-FileCopyrightText: 2024-2026 Marek Paśnikowski <marek@marekpasnikowski.pl>

(define-module (deployment services dns)
  #:export     (aisaka-knot-service)
  #:use-module (gnu services)
  #:use-module (gnu services dns))

(define ip-multimedia "81.190.248.246")

(define ip-otvarta "95.171.119.109")

(define ttl "3600")

(define spf-value
  (string-append "\"v=spf1 ip4:"
                 ip-otvarta
                 " -all\""))

(define-zone-entries marekpasnikowski.pl-entries
  ("@"               ttl "IN" "A"     ip-otvarta)
  ("2"               ttl "IN" "A"     ip-otvarta)
  ("ns1"             ttl "IN" "A"     ip-otvarta)
  ("@"               ttl "IN" "NS"    "ns1.marekpasnikowski.pl.")
  ("@"               ttl "IN" "A"     ip-multimedia)
  ("1"               ttl "IN" "A"     ip-multimedia)
  ("ns2"             ttl "IN" "A"     ip-multimedia)
  ("@"               ttl "IN" "NS"    "ns2.marekpasnikowski.pl.")
  ("@"               ttl "IN" "MX"    "10 marekpasnikowski.pl.")
  ("@"               ttl "IN" "TXT"   spf-value)
  ("_caldavs._tcp"   ttl "IN" "SRV"   "10 0 443 radicale.marekpasnikowski.pl")
  ("_carddavs._tcp"  ttl "IN" "SRV"   "10 0 443 radicale.marekpasnikowski.pl")
  ("_dmarc"          ttl "IN" "TXT"   "\"v=DMARC1; p=reject; sp=reject; pct=100; aspf=s; adkim=s; fo=1; rua=mailto:abuse@marekpasnikowski.pl; ruf=mailto:abuse@marekpasnikowski.pl\"")
  ("dkim._domainkey" ttl "IN" "TXT"   "\"v=DKIM1; d=marekpasnikowski.pl; t=s; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/b/WV5EUxqAhBgJ4v5K3sP8QI+IwziRJ/F9SDO3p3QOMjZd9AGVt2/AztZ4EmcOJnTlbQnLE/DKCOq4HAdxSZjIqj5AXyMddvWiO78+ugdame/flV0tjdDGNflx65Twap3qgJ9jzhvJfZ1BDuh2WC06fn2pyFl1TCETEGp6ZDkI41FW5GH8l9Jk7hhCmr+Mau0EpE7V42lBdireItOA1e7jQcub50584QATme4rYxA7WR4AeIsknOkUo4q8vkVrssoP11nSg/sNM9RGn1QDfVMJRX0twtgGnJ8N5QE4Ia9DvXL4Y0PNMC0/frp13pB6m1VQP/Z4jfDy+TQzEdSRaQIDAQAB\"")
  ("git"             ttl "IN" "CNAME" "1")
  ("guix"            ttl "IN" "CNAME" "1")
  ("matrix"          ttl "IN" "CNAME" "1")
  ("radicale"        ttl "IN" "CNAME" "1")
  ("schron"          ttl "IN" "CNAME" "1")
  ("sejf"            ttl "IN" "CNAME" "1")
  ("test"            ttl "IN" "CNAME" "1")
  ("www"             ttl "IN" "CNAME" "1"))

(define marekpasnikowski.pl-zone
  (zone-file
   (entries marekpasnikowski.pl-entries)
   (origin  "marekpasnikowski.pl")
   (ns      "ns1.marekpasnikowski.pl.")
   (mail    "marek.marekpasnikowski.pl.")
   (serial  2026042000)))

(define aisaka-master-zone
  (knot-zone-configuration
   (domain "marekpasnikowski.pl")
   (zone   marekpasnikowski.pl-zone)))

(define aisaka-knot-configuration
  (knot-configuration
   (listen-v4 "0.0.0.0")
   (zones     (list aisaka-master-zone))))

(define aisaka-knot-service
  (service knot-service-type
           aisaka-knot-configuration))