+20
-24
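--- a/dns/dnsconfig.js
+++ b/dns/dnsconfig.js
@@ -1,5 +1,5 @@
 var DSP_CLOUDFLARE = NewDnsProvider("cloudflare");
-var DSP_BUNNY = NewDnsProvider("bunny_dns");
+var DSP_PRIMARY = NewDnsProvider("hedns");
 var REG_NONE = NewRegistrar("none");
 
 var DZWONEK_IP4 = "94.237.26.47";
@@ -52,8 +52,7 @@
 D(
 "gaze.systems",
 REG_NONE,
-DnsProvider(DSP_BUNNY),
-DefaultTTL(1),
+DnsProvider(DSP_PRIMARY),
 TRIMOUNTS(
 [
 "@", "doc", "pmart", "dash", "id",
@@ -90,7 +89,6 @@
 "9.0.0.0.8.e.f.1.5.0.7.4.0.1.0.0.2.ip6.arpa",
 REG_NONE,
 DnsProvider(DSP_CLOUDFLARE),
-DefaultTTL(1),
 TRIMOUNTS("@", CF_PROXY_ON),
 TXT("@", "a data endpoint for entity with serial id /90008/."),
 TXT(
@@ -111,8 +109,7 @@
 D(
 "poor.dog",
 REG_NONE,
-DnsProvider(DSP_BUNNY),
-DefaultTTL(1),
+DnsProvider(DSP_PRIMARY),
 TRIMOUNTS("@", CF_PROXY_OFF),
 TXT("@", "v=spf1 -all"),
 TXT("_dmarc", "v=DMARC1; p=reject;"),
@@ -120,13 +117,12 @@
 IGNORE_ACME(),
 );
 
-var EMAIL_TTL = 86400;
+var EMAIL_TTL = function () { return TTL(86400); };
 
 D(
 "ptr.pet",
 REG_NONE,
-DnsProvider(DSP_BUNNY),
-DefaultTTL(1),
+DnsProvider(DSP_PRIMARY),
 TRIMOUNTS("@", CF_PROXY_OFF),
 DZWONEK(["nucleus", "trill", "dysnomia"], CF_PROXY_OFF),
 // atproto
@@ -138,55 +134,55 @@
 CNAME("*.june", "girlboss.ceo."),
 // email
 // verification
-TXT("@", "hosted-email-verify=zr04ylon", TTL(EMAIL_TTL)),
+TXT("@", "hosted-email-verify=zr04ylon", EMAIL_TTL()),
 
-MX("@", 10, "aspmx1.migadu.com.", TTL(EMAIL_TTL)),
-MX("@", 20, "aspmx2.migadu.com.", TTL(EMAIL_TTL)),
+MX("@", 10, "aspmx1.migadu.com.", EMAIL_TTL()),
+MX("@", 20, "aspmx2.migadu.com.", EMAIL_TTL()),
 
 // DKIM
 CNAME(
 "key1._domainkey",
 "key1.ptr.pet._domainkey.migadu.com.",
-TTL(EMAIL_TTL),
+EMAIL_TTL(),
 ),
 CNAME(
 "key2._domainkey",
 "key2.ptr.pet._domainkey.migadu.com.",
-TTL(EMAIL_TTL),
+EMAIL_TTL(),
 ),
 CNAME(
 "key3._domainkey",
 "key3.ptr.pet._domainkey.migadu.com.",
-TTL(EMAIL_TTL),
+EMAIL_TTL(),
 ),
 
 // SPF
-TXT("@", "v=spf1 include:spf.migadu.com -all", TTL(EMAIL_TTL)),
+TXT("@", "v=spf1 include:spf.migadu.com -all", EMAIL_TTL()),
 
 // DMARC
 TXT(
 "_dmarc",
 "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; fo=1; pct=100; rua=mailto:infrastructure@ptr.pet; ruf=mailto:infrastructure@ptr.pet",
-TTL(EMAIL_TTL),
+EMAIL_TTL(),
 ),
 
 // configuration
 TXT(
 "@",
 "mailconf=https://autoconfig.migadu.com/mail/config-v1.1.xml",
-TTL(EMAIL_TTL),
+EMAIL_TTL(),
 ),
 
 // TLS reporting
 TXT(
 "_smtp._tls",
 "v=TLSRPTv1; rua=mailto:infrastructure@ptr.pet",
-TTL(EMAIL_TTL),
+EMAIL_TTL(),
 ),
 
 // mta-sts
 TRIMOUNTS("mta-sts", CF_PROXY_OFF),
-TXT("_mta-sts", "v=STSv1; id=20250930T1945", TTL(EMAIL_TTL)),
+TXT("_mta-sts", "v=STSv1; id=20250930T1945", EMAIL_TTL()),
 
 // autoconfig
 TRIMOUNTS(["autoconfig", "autodiscover"], CF_PROXY_OFF),
@@ -198,11 +194,11 @@
 1,
 443,
 "autodiscover.migadu.com.",
-TTL(EMAIL_TTL),
+EMAIL_TTL(),
 ),
-SRV("_submissions._tcp", 0, 1, 465, "smtp.migadu.com.", TTL(EMAIL_TTL)),
-SRV("_imaps._tcp", 0, 1, 993, "imap.migadu.com.", TTL(EMAIL_TTL)),
-SRV("_pop3s._tcp", 0, 1, 995, "pop.migadu.com.", TTL(EMAIL_TTL)),
+SRV("_submissions._tcp", 0, 1, 465, "smtp.migadu.com.", EMAIL_TTL()),
+SRV("_imaps._tcp", 0, 1, 993, "imap.migadu.com.", EMAIL_TTL()),
+SRV("_pop3s._tcp", 0, 1, 995, "pop.migadu.com.", EMAIL_TTL()),
 
 IGNORE_ACME(),
 );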
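Review bot: The three zones moved to `DnsProvider(DSP_PRIMARY)` (`gaze.systems`, `poor.dog`, `ptr.pet`) all keep `REG_NONE`, so nothing in this file repoints the parent NS delegation and that step has to be done by hand at the registrar. If the old provider's zones are deleted while the registry still names its servers, the delegation is left dangling, and depending on how that provider assigns zones a third party might be able to answer for these names, including the SPF, DKIM, DMARC and MTA-STS records in the `ptr.pet` block. I would record the required order next to the provider declaration, for example `// REG_NONE: NS delegation is manual - repoint the registrar to the new provider and confirm resolution before deleting the old zones`. The `D(...)` calls for `gaze.systems` and `poor.dog` are only partly visible in these hunks, so any other provider-specific settings inside them were not checked.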
+1
-4
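--- a/hosts/trimounts/modules/nginx.nix
+++ b/hosts/trimounts/modules/nginx.nix
@@ -44,10 +44,7 @@
 defaults = {
 group = "nginx";
 email = (import "${inputs.self}/personal.nix").emails.primary;
-dnsProvider = "bunny";
-credentialFiles = {
-BUNNY_API_KEY_FILE = config.age.secrets.bunnyApiKey.path;
-};
+webroot = "/var/lib/acme/acme-challenge";
 };
 certs."poor.dog" = { };
 certs."ptr.pet" = { };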
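Review bot: The removed `credentialFiles` entry was the visible consumer of `config.age.secrets.bunnyApiKey`, and nothing in this section retires that secret. If no other module reads it, its `age.secrets` declaration should be deleted and the key revoked at the provider, so that an unused DNS-write credential does not stay deployed on the host. With `webroot = "/var/lib/acme/acme-challenge";` the certificates in `certs` now validate over HTTP-01, which means each name must serve `/.well-known/acme-challenge/` from that directory on port 80 and wildcard names can no longer be issued. A comment above the setting would record this, for example `# HTTP-01 via webroot: no wildcard certs; every vhost must serve /.well-known/acme-challenge/ from here`. The attribute set enclosing `defaults` starts and ends outside the hunk, so the vhost configuration could not be checked here.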