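--- a/dns/dnsconfig.js
+++ b/dns/dnsconfig.js
@@ -85,3 +85,16 @@
 TXT("@", "v=spf1 -all"),
 TXT("_dmarc", "v=DMARC1; p=reject;"),
 );
+
+D(
+"ptr.pet",
+REG_NONE,
+DnsProvider(DSP_CLOUDFLARE),
+DefaultTTL(1),
+A("@", WOLUMONDE_IP, CF_PROXY_OFF),
+A("nil", WOLUMONDE_IP, CF_PROXY_OFF),
+TXT("_atproto", "did=did:plc:dfl62fgb7wtjj3fcbb72naae"),
+TXT("_atproto.nil", "did=did:web:dawn.gaze.systems"),
+TXT("@", "v=spf1 -all"),
+TXT("_dmarc", "v=DMARC1; p=reject;"),
+);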
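Review bot: The new `ptr.pet` zone publishes `v=spf1 -all` only at the apex, yet `nil` also gets an A record and SPF is looked up per hostname, so `nil.ptr.pet` has no SPF policy of its own. The `_dmarc` record with `p=reject` still covers the subdomain for receivers that evaluate DMARC, so this is hardening rather than a hole. Adding `TXT("nil", "v=spf1 -all"),` next to the apex record covers receivers that check SPF alone. A short comment above the two mail TXT records, saying the zone sends no mail, would also tell the next editor why they should not be relaxed.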
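--- a/hosts/wolumonde/modules/atproto.nix
+++ b/hosts/wolumonde/modules/atproto.nix
@@ -17,6 +17,15 @@
 }) files
 );
 };
+mkHandleCfg = rootDomain: did: (mkWellKnownCfg {
+"atproto-did" = pkgs.writeText "server" did;
+})
+// {
+useACMEHost = rootDomain;
+forceSSL = true;
+quic = true;
+kTLS = true;
+};
 mkDidWebCfg = domain: {
 "${domain}" =
 (mkWellKnownCfg {
@@ -26,6 +35,8 @@
 // (lib.optionalAttrs (lib.hasSuffix "gaze.systems" domain) {
 useACMEHost = "gaze.systems";
 forceSSL = true;
+quic = true;
+kTLS = true;
 });
 };
 dawnDid = "dawn.gaze.systems";
@@ -36,21 +47,10 @@
 dawnDid guestbookDid "drew.gaze.systems"
 ];
 services.nginx.virtualHosts = {
-# "gaze.systems" = mkWellKnownCfg {
-# "atproto-did" = pkgs.writeText "server" "did:plc:dfl62fgb7wtjj3fcbb72naae";
-# };
-"poor.dog" = mkWellKnownCfg {
-"atproto-did" = pkgs.writeText "server" "did:plc:dfl62fgb7wtjj3fcbb72naae";
-};
-# "9.0.0.0.8.e.f.1.5.0.7.4.0.1.0.0.2.ip6.arpa" = mkWellKnownCfg {
-# "atproto-did" = pkgs.writeText "server" "did:plc:dfl62fgb7wtjj3fcbb72naae";
-# };
-"drew.gaze.systems" = (mkWellKnownCfg {
-"atproto-did" = pkgs.writeText "server" "did:plc:vo6ie3kd6xvpjlof4pnb2zzp";
-}) // {
-useACMEHost = "gaze.systems";
-forceSSL = true;
-};
+"poor.dog" = mkHandleCfg "poor.dog" "did:plc:dfl62fgb7wtjj3fcbb72naae";
+"ptr.pet" = mkHandleCfg "ptr.pet" "did:plc:dfl62fgb7wtjj3fcbb72naae";
+"nil.ptr.pet" = mkHandleCfg "ptr.pet" "did:web:dawn.gaze.systems";
+"drew.gaze.systems" = mkHandleCfg "gaze.systems" "did:plc:vo6ie3kd6xvpjlof4pnb2zzp";
 }
 // (mkDidWebCfg dawnDid)
 // (mkDidWebCfg guestbookDid);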
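Review bot: `"nil.ptr.pet" = mkHandleCfg "ptr.pet" …` makes that vhost serve the `ptr.pet` ACME certificate, but the only definition of that certificate visible in this commit is `certs."ptr.pet" = { };` in nginx.nix, which on its own covers just the apex name. `useACMEHost` does not add the vhost's name to the certificate, and the webroot (HTTP-01) challenge configured in nginx.nix cannot issue a wildcard. Unless `extraDomainNames` is set in lines not shown, clients fetching `/.well-known/atproto-did` from `nil.ptr.pet` over HTTPS would see a hostname mismatch, and with `forceSSL = true` there is no plain-HTTP fallback. Something like `security.acme.certs."ptr.pet".extraDomainNames = [ "nil.ptr.pet" ];` would close the gap. A one-line comment on `mkHandleCfg` stating that `rootDomain` must name an existing `security.acme.certs` entry whose SANs include the handle's host would make the requirement explicit.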
+4
hosts/wolumonde/modules/blog.nix
+4
hosts/wolumonde/modules/blog.nix
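--- a/hosts/wolumonde/modules/nginx.nix
+++ b/hosts/wolumonde/modules/nginx.nix
@@ -45,6 +45,7 @@
 defaults.email = (import "${inputs.self}/personal.nix").emails.primary;
 defaults.webroot = "/var/lib/acme/acme-challenge";
 certs."poor.dog" = { };
+certs."ptr.pet" = { };
 certs."gaze.systems" = { };
 };
 services.nginx.virtualHosts."gaze.systems" = {
@@ -57,6 +58,12 @@
 quic = true;
 kTLS = true;
 useACMEHost = "poor.dog";
+forceSSL = true;
+};
+services.nginx.virtualHosts."ptr.pet" = {
+quic = true;
+kTLS = true;
+useACMEHost = "ptr.pet";
 forceSSL = true;
 };
 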
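Review bot: The new `services.nginx.virtualHosts."ptr.pet"` block sets `quic`, `kTLS`, `useACMEHost` and `forceSSL` to the same values that `mkHandleCfg "ptr.pet" …` in atproto.nix already sets for the same vhost. As far as I can tell the module system accepts equal duplicate definitions, but evaluation would fail with a conflicting-definition error as soon as one copy is edited and the other is not. Keeping the TLS options in one place and leaving only vhost-specific settings here would avoid that. If the duplication is deliberate, a comment such as `# TLS options also set by mkHandleCfg in atproto.nix; keep in sync` would help. The surrounding attribute set continues outside the hunk.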