project-wide: DNS records for services and athame

2026-02-10 04:49:19 -08:00 · 2021-03-30 02:59:22 +01:00 · 2021-03-30 02:59:22 +01:00 · bcfdc68b30
commit bcfdc68b30
parent 2eb84e4654
9 changed files with 67 additions and 15 deletions
--- a/hosts/athame/meta.nix
+++ b/hosts/athame/meta.nix
@ -1,4 +1,4 @@
-{ config, hosts, ... }: {
+{ config, hosts, lib, ... }: {
  config = {
    resources.athame = {
      provider = "null";
@ -9,17 +9,16 @@
      };
    };

-    resources.athame_test_domain = {
-      provider = "dns";
-      type = "a_record_set";
-      inputs = {
-        zone = "kittywit.ch.";
-        name = "testy";
-        addresses = [
-          "168.119.126.111"
-        ];
-        ttl = 300;
-      };
+    dns.records.kittywitch_athame = {
+      tld = "kittywit.ch.";
+      domain = "athame";
+      a.address = "168.119.126.111";
+    };
+
+    dns.records.kittywitch_root = {
+      tld = "kittywit.ch.";
+      domain = "@";
+      a.address = "168.119.126.111";
    };

    deploy.systems.athame = with config.resources; {
@ -27,7 +26,12 @@
      connection = athame.connection.set;
      triggers.copy.athame = athame.refAttr "id";
      triggers.secrets.athame = athame.refAttr "id";
-      triggers.switch.athame = config.lib.tf.terraformExpr ''join(",", ${athame_test_domain.namedRef}.addresses)'';
-    };
+      #triggers.switch = lib.mapAttrs (name: record: { 
+      #A = config.lib.tf.terraformExpr ''join(",", ${record.out.resource.namedRef}.addresses)'';
+      #AAAA = config.lib.tf.terraformExpr ''join(",", ${record.out.resource.namedRef}.addresses)'';
+      #CNAME = record.out.resource.refAttr "cname";
+      #SRV = record.out.resource.refAttr "id";
+      #}.${record.out.type}) config.dns.records;
+  };
  };
 }
--- a/hosts/athame/nixos/default.nix
+++ b/hosts/athame/nixos/default.nix
@ -33,6 +33,12 @@
    interfaces.enp1s0.useDHCP = true;
  };

+  deploy.tf.dns.records.kittywitch_www = {
+    tld = "kittywit.ch.";
+    domain = "www";
+    cname.target = "athame.kittywit.ch.";
+  };
+
  networking.firewall.allowedTCPPorts =
    [ 22 80 443 5160 5060 8999 64738 1935 53589 5001 ];
  networking.firewall.allowedUDPPorts = [ 5160 5060 64738 ];
--- a/hosts/athame/nixos/virtualhosts.nix
+++ b/hosts/athame/nixos/virtualhosts.nix
@ -11,4 +11,10 @@ in {
    "athame.kittywit.ch" = { root = "/var/www/athame"; } // common;
    "files.kittywit.ch" = { root = "/var/www/files"; } // common;
  } // witch.secrets.virtualHosts.athame;
+
+  deploy.tf.dns.records.kittywitch_files = {
+    tld = "kittywit.ch.";
+    domain = "files";
+    cname.target = "athame.kittywit.ch.";
+  };
 }