project-wide: DNS records for services and athame

kat witch 2021-03-30 02:59:22 +01:00
parent 2eb84e4654
commit bcfdc68b30
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
9 changed files with 67 additions and 15 deletions


@ -1,4 +1,4 @@
{ config, hosts, ... }: {
{ config, hosts, lib, ... }: {
config = {
resources.athame = {
provider = "null";
@ -9,17 +9,16 @@
};
};
resources.athame_test_domain = {
provider = "dns";
type = "a_record_set";
inputs = {
zone = "kittywit.ch.";
name = "testy";
addresses = [
"168.119.126.111"
];
ttl = 300;
};
dns.records.kittywitch_athame = {
tld = "kittywit.ch.";
domain = "athame";
a.address = "168.119.126.111";
};
dns.records.kittywitch_root = {
tld = "kittywit.ch.";
domain = "@";
a.address = "168.119.126.111";
};
deploy.systems.athame = with config.resources; {
@ -27,7 +26,12 @@
connection = athame.connection.set;
triggers.copy.athame = athame.refAttr "id";
triggers.secrets.athame = athame.refAttr "id";
triggers.switch.athame = config.lib.tf.terraformExpr ''join(",", ${athame_test_domain.namedRef}.addresses)'';
};
#triggers.switch = lib.mapAttrs (name: record: {
#A = config.lib.tf.terraformExpr ''join(",", ${record.out.resource.namedRef}.addresses)'';
#AAAA = config.lib.tf.terraformExpr ''join(",", ${record.out.resource.namedRef}.addresses)'';
#CNAME = record.out.resource.refAttr "cname";
#SRV = record.out.resource.refAttr "id";
#}.${record.out.type}) config.dns.records;
};
};
}
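Review bot: The `#triggers.switch = lib.mapAttrs …` block in the last hunk is committed commented out with no explanation, and the `triggers.switch.athame` line that referenced `athame_test_domain` appears to be dropped. As far as this section shows, nothing re-runs the switch when the DNS records change. The `lib` argument added to the module header is used only inside that comment. Either enable the block or put a one-line reason above it, such as `# disabled: <reason / tracking issue>`. Separately, the `athame` and `@` records both repeat `168.119.126.111`; binding it once in a `let` would stop them drifting apart when the address changes.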


@ -33,6 +33,12 @@
interfaces.enp1s0.useDHCP = true;
};
deploy.tf.dns.records.kittywitch_www = {
tld = "kittywit.ch.";
domain = "www";
cname.target = "athame.kittywit.ch.";
};
networking.firewall.allowedTCPPorts =
[ 22 80 443 5160 5060 8999 64738 1935 53589 5001 ];
networking.firewall.allowedUDPPorts = [ 5160 5060 64738 ];
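Review bot: `tld = "kittywit.ch."` and `cname.target = "athame.kittywit.ch."` are written as literals in this `www` record and again in the `files`, `vault`, `git`, `voice`, `sync`, `irc` and `znc` records in the other sections of this commit. If the host is renamed or retired and one copy is missed, that name keeps pointing at a target the project may no longer control. Defining the target once (a shared `let` binding, or a small helper that takes only the label) and reusing it in each module would keep the eight records in step and make a stale one easy to spot in review.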


@ -11,4 +11,10 @@ in {
"athame.kittywit.ch" = { root = "/var/www/athame"; } // common;
"files.kittywit.ch" = { root = "/var/www/files"; } // common;
} // witch.secrets.virtualHosts.athame;
deploy.tf.dns.records.kittywitch_files = {
tld = "kittywit.ch.";
domain = "files";
cname.target = "athame.kittywit.ch.";
};
}


@ -32,5 +32,11 @@
"/notifications/hub".proxyPass = "http://127.0.0.1:3012";
"/notifications/hub/negotiate".proxyPass = "http://127.0.0.1:80";
};
};
deploy.tf.dns.records.kittywitch_vault = {
tld = "kittywit.ch.";
domain = "vault";
cname.target = "athame.kittywit.ch.";
};
}


@ -50,4 +50,10 @@
forceSSL = true;
locations = { "/".proxyPass = "http://127.0.0.1:3000"; };
};
deploy.tf.dns.records.kittywitch_git = {
tld = "kittywit.ch.";
domain = "git";
cname.target = "athame.kittywit.ch.";
};
}


@ -8,11 +8,17 @@
services.murmur = {
enable = true;
hostName = "mumble.kittywit.ch";
hostName = "voice.kittywit.ch";
extraConfig = ''
sslCert=/var/lib/acme/kittywit.ch/fullchain.pem
sslKey=/var/lib/acme/kittywit.ch/key.pem
'';
};
deploy.tf.dns.records.kittywitch_voice = {
tld = "kittywit.ch.";
domain = "voice";
cname.target = "athame.kittywit.ch.";
};
}
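Review bot: The new `hostName = "voice.kittywit.ch"` is paired with the certificate under `/var/lib/acme/kittywit.ch/`, and nothing in this section shows that certificate covering `voice.kittywit.ch`. If it does not, clients would presumably see a certificate name mismatch after the rename, so confirm that the ACME definition for `kittywit.ch` (outside this hunk) lists the new name. No record for the old `mumble` name is added in this commit, so clients still configured for it may stop resolving unless one exists elsewhere. A short comment above `hostName`, such as `# renamed from mumble.kittywit.ch; cert must include voice.kittywit.ch`, would record both dependencies.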


@ -12,5 +12,11 @@
enableACME = true;
forceSSL = true;
locations = { "/".proxyPass = "http://127.0.0.1:5001"; };
};
deploy.tf.dns.records.kittywitch_sync = {
tld = "kittywit.ch.";
domain = "sync";
cname.target = "athame.kittywit.ch.";
};
}


@ -35,5 +35,11 @@ in {
proxyWebsockets = true;
};
};
};
deploy.tf.dns.records.kittywitch_irc = {
tld = "kittywit.ch.";
domain = "irc";
cname.target = "athame.kittywit.ch.";
};
}


@ -27,4 +27,10 @@
forceSSL = true;
locations = { "/".proxyPass = "http://127.0.0.1:5000"; };
};
deploy.tf.dns.records.kittywitch_znc = {
tld = "kittywit.ch.";
domain = "znc";
cname.target = "athame.kittywit.ch.";
};
}