From bc0ef84465f5ab0b64518e1386971b8cbdddca4d Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 20:10:52 +0200 Subject: [PATCH 01/10] feat: add common record variables --- dnsconfig.js | 6 ++++++ domains/natenom.org.js | 10 ++++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/dnsconfig.js b/dnsconfig.js index 7d8c6ec..a1a3c77 100644 --- a/dnsconfig.js +++ b/dnsconfig.js @@ -1,6 +1,12 @@ var DNS_DESEC = NewDnsProvider("desec"); var REG_NONE = NewRegistrar("none"); +// Records +var A_NATENOM_MAIN = function (name) { return A(name, "188.245.198.27") }; +var AAAA_NATENOM_MAIN = function (name) { return AAAA(name, "2a01:4f8:c013:3235::1") }; +var CAA_DEFAULT = CAA("@", "issue", "letsencrypt.org"); + +// Addresses var NATENOM_MAIN = "natenom-main.natenom.org."; var WEBSYNTHESIS_MX = "mx.websynthesis.org."; diff --git a/domains/natenom.org.js b/domains/natenom.org.js index b1bcf7e..dca68b7 100644 --- a/domains/natenom.org.js +++ b/domains/natenom.org.js @@ -2,11 +2,13 @@ D("natenom.org", REG_NONE, DnsProvider(DNS_DESEC), DefaultTTL("1h"), NAMESERVER_TTL("1h"), - A("@", "188.245.198.27"), - A("natenom-main", "188.245.198.27"), + A_NATENOM_MAIN("@"), + A_NATENOM_MAIN("natenom-main"), - AAAA("@", "2a01:4f8:c013:3235::1"), - AAAA("natenom-main", "2a01:4f8:c013:3235::1"), + AAAA_NATENOM_MAIN("@"), + AAAA_NATENOM_MAIN("natenom-main"), + + CAA_DEFAULT, CNAME("dev", "@"), CNAME("www", "@"), From c629b3fdf41dcc5ce7b0ed60806e8caabb408f4a Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:10:40 +0200 Subject: [PATCH 02/10] feat: add zone file generating bash function --- flake.nix | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/flake.nix b/flake.nix index cdf082f..d4f8192 100644 --- a/flake.nix +++ b/flake.nix 
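Review bot: `CAA_DEFAULT` in dnsconfig.js publishes only an `issue` tag, which under RFC 8659 also governs wildcard names, so Let's Encrypt may issue wildcard certificates for every zone that includes it, and no `iodef` contact is published. If wildcard certificates are not used, a second shared record such as `var CAA_NO_WILDCARD = CAA("@", "issuewild", ";");` would close that off. Binding issuance to one ACME account through the `accounturi` parameter (RFC 8657) is a further option. A comment above `A_NATENOM_MAIN`/`AAAA_NATENOM_MAIN` would also help, e.g. `// Shared host addresses: changing these moves every record built with the helpers`.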
@@ -27,11 +27,23 @@ default = mkShell { nativeBuildInputs = [pkgs.dnscontrol]; - shellHook = '' - echo "Bitte einen deSEC-Auth-Token eingeben:" - read -rs DESEC_AUTH_TOKEN - export DESEC_AUTH_TOKEN - ''; + shellHook = + # Auth Token + '' + echo "Bitte einen deSEC-Auth-Token eingeben:" + read -rs DESEC_AUTH_TOKEN + export DESEC_AUTH_TOKEN + '' + # Zonen-Datei generieren + + '' + generate-zone-file () { + if [[ "$1" != "" ]]; then + dnscontrol get-zone --format=zone --out $1.zone' desec - $1 + else + echo "Bitte eine valide Domain eingeben" + fi + }; + ''; }; }); }; From 2d5421d73da69d2fd93c969743184b6be5a63e6b Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:13:59 +0200 Subject: [PATCH 03/10] feat: remove inherit and rec --- flake.nix | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index d4f8192..d4414e8 100644 --- a/flake.nix +++ b/flake.nix @@ -6,6 +6,7 @@ self, }: let pkgs = nixpkgs; + lib = pkgs.lib; mkAllSystems = lib.genAttrs [ "aarch64-darwin" @@ -14,17 +15,13 @@ "x86_64-darwin" "x86_64-linux" ]; - - inherit (pkgs) lib; in { formatter = mkAllSystems (system: pkgs.legacyPackages.${system}.alejandra); devShells = mkAllSystems (system: let pkgs = nixpkgs.legacyPackages.${system}; - - inherit (pkgs) mkShell; - in rec { - default = mkShell { + in { + default = pkgs.mkShell { nativeBuildInputs = [pkgs.dnscontrol]; shellHook = @@ -48,4 +45,3 @@ }); }; } - From d001ba2f10e7c6333090ba10f244f9c4ae2e14aa Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:14:30 +0200 Subject: [PATCH 04/10] feat: add mini manual --- flake.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/flake.nix b/flake.nix index d4414e8..b3ee75f 100644 --- a/flake.nix +++ b/flake.nix 
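Review bot: The `dnscontrol get-zone` line in `generate-zone-file` has a stray `'` after `$1.zone`, which opens a single-quoted string in bash that is never closed, so the function will most likely fail to parse when the shellHook is evaluated. `$1` is also unquoted in both places, so a value containing spaces or starting with a dash is split or read as an option. Suggested line: `dnscontrol get-zone --format=zone --out "$1.zone" desec - "$1"`. Separately, `export DESEC_AUTH_TOKEN` hands the token to every process started from the dev shell, which deserves a comment next to the export.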
@@ -31,6 +31,14 @@ read -rs DESEC_AUTH_TOKEN export DESEC_AUTH_TOKEN '' + # Mini-Anleitung + + '' + echo "" + echo "Prüfen: dnscontrol preview" + echo "Ausrollen: dnscontrol push" + echo "Zone-Dateien generieren: generate-zone-file [domain]" + echo "" + '' # Zonen-Datei generieren + '' generate-zone-file () { From a32eb7087ebddfdd73c1a103440d75c8cba9aaa2 Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:15:49 +0200 Subject: [PATCH 05/10] docs: add readme --- README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..8073159 --- /dev/null +++ b/README.md @@ -0,0 +1,13 @@ +# DNS Records des Natenom e. V. + +## Zone-Dateien generieren + +Nach jeder Änderung sollen die Zonen-Dateien generiert werden. +Das ist besonders einfach mit der Bash-Funktion `generate-zone-file [domain]` +in der Nix-DevShell (`nix develop`) möglich. + +Diese führt im Hintergrund folgendes aus (Beispiel): + +``` +dnscontrol get-zone --format=zone --out natenom.org.zone desec - natenom.org +``` From 3032edc41b1771ef033a917ec0d454386697980a Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:16:01 +0200 Subject: [PATCH 06/10] docs: add natenom.org zone file --- natenom.org.zone | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 natenom.org.zone diff --git a/natenom.org.zone b/natenom.org.zone new file mode 100644 index 0000000..5d3fb42 --- /dev/null +++ b/natenom.org.zone 
@@ -0,0 +1,26 @@ +$ORIGIN natenom.org. +$TTL 3600 +@ IN NS ns1.desec.io. + IN NS ns2.desec.org. + IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 + IN MX 0 mx.websynthesis.org. + IN TXT "v=spf1 mx a -all" + IN CAA 0 issue "letsencrypt.org" +dkim._domainkey IN TXT "v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/pwZeHei9J55sOLsdTNb7DHEAICcsGNzFQJV7cTXIbWW6fTmUx4Fnaf9vgcPSEOZH0nPDPzMQfc05mcAIhbSaygIoRhvg8CJvZorW0FLXxBSpvXmwfH6mS/wxrdbPR+2NvbArOyLGAwcE8h3g5UVzchvm8Di1DNU6XXYCxXaMHYv4tl03WBM9U" "PqMd1U0QfXgzyzPNvtjIEe1Hrm96xAyJ9BjrZQJC2KsET/vKY0LjmdAi8Cvt6pO+pjzqGOTTekwL2MsdTYObv75xmubL27O7viLO/ekxPpHGBxXRrsPd07el+yF9tKEj2VTK3pPOGbX/fXtA4HxEZz4sE4U4hZQIDAQAB" +_autodiscover._tcp IN SRV 0 0 443 mx.websynthesis.org. +archive IN CNAME natenom-main.natenom.org. +autoconfig IN CNAME mx.websynthesis.org. +autodiscover IN CNAME mx.websynthesis.org. +ci IN CNAME natenom-main.natenom.org. +dev IN CNAME natenom.org. +git IN CNAME natenom-main.natenom.org. +m IN CNAME mumble.natenom.de. +mumble IN CNAME mumble.natenom.de. +natenom-main IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 +pad IN CNAME natenom-main.natenom.org. +status IN CNAME cozytown-status.cozy.town. +up IN CNAME cozytown-status.cozy.town. +www IN CNAME natenom.org. + From 7397e4ba4d1088c6d9ba18ac0ef0bd409eba323c Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:16:41 +0200 Subject: [PATCH 07/10] feat: add domain kagube.de --- domains/kagube.de.js | 12 ++++++++++++ kagube.de.zone | 10 ++++++++++ 2 files changed, 22 insertions(+) create mode 100644 domains/kagube.de.js create mode 100644 kagube.de.zone diff --git a/domains/kagube.de.js b/domains/kagube.de.js new file mode 100644 index 0000000..0c0ffa1 --- /dev/null +++ b/domains/kagube.de.js 
@@ -0,0 +1,12 @@ +D("kagube.de", REG_NONE, DnsProvider(DNS_DESEC), + DefaultTTL("1h"), + NAMESERVER_TTL("1h"), + + A_NATENOM_MAIN("@"), + A_NATENOM_MAIN("www"), + + AAAA_NATENOM_MAIN("@"), + AAAA_NATENOM_MAIN("www"), + + CAA_DEFAULT, +); diff --git a/kagube.de.zone b/kagube.de.zone new file mode 100644 index 0000000..d292585 --- /dev/null +++ b/kagube.de.zone @@ -0,0 +1,10 @@ +$ORIGIN kagube.de. +$TTL 3600 +@ IN NS ns1.desec.io. + IN NS ns2.desec.org. + IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 + IN CAA 0 issue "letsencrypt.org" +www IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 + From 2660e294528d6c2d03fcbc9d8b495cbe3aa72db9 Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:17:25 +0200 Subject: [PATCH 08/10] feat: add domain natenom.com --- domains/natenom.com.js | 22 ++++++++++++++++++++++ natenom.com.zone | 18 ++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 domains/natenom.com.js create mode 100644 natenom.com.zone diff --git a/domains/natenom.com.js b/domains/natenom.com.js new file mode 100644 index 0000000..b47f4a1 --- /dev/null +++ b/domains/natenom.com.js @@ -0,0 +1,22 @@ +D("natenom.com", REG_NONE, DnsProvider(DNS_DESEC), + DefaultTTL("1h"), + NAMESERVER_TTL("1h"), + + A_NATENOM_MAIN("@"), + A_NATENOM_MAIN("bn"), + A("mail", "94.16.117.219"), + + AAAA_NATENOM_MAIN("@"), + AAAA_NATENOM_MAIN("bn"), + AAAA("mail", "2a03:4000:29:168::1"), + + CAA_DEFAULT, + + CNAME("blog", "bn"), + CNAME("m", "mumble"), + CNAME("mumble", "talk.cozy.town."), + CNAME("wiki", "bn"), + CNAME("www", "bn"), + + MX("@", 10, "mail"), +); diff --git a/natenom.com.zone b/natenom.com.zone new file mode 100644 index 0000000..a6b273b --- /dev/null +++ b/natenom.com.zone 
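Review bot: domains/kagube.de.js defines address and CAA records but nothing that tells receivers the domain sends no mail, so the name can appear as a forged sender with no published policy to reject it. If kagube.de is not meant to send or receive mail (no MX is defined in this hunk), consider adding `MX("@", 0, ".")`, `TXT("@", "v=spf1 -all")` and `TXT("_dmarc", "v=DMARC1; p=reject")`. The same applies to domains/natenom.name.js in PATCH 10/10.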
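Review bot: `MX("@", 10, "mail")` in domains/natenom.com.js makes natenom.com a mail domain, but the zone defines no SPF, DKIM or DMARC record, unlike natenom.org, whose zone file carries `v=spf1 mx a -all` and a DKIM key. Without them, receivers have no policy for judging mail that claims to come from this domain. If `mail` is the only sender, `TXT("@", "v=spf1 mx -all")` plus `TXT("_dmarc", "v=DMARC1; p=quarantine")` would cover it; the policy strength is a deployment decision, and `p=none` with reporting is the cautious start. domains/natenom.de.js in PATCH 09/10 has the same gap.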
@@ -0,0 +1,18 @@ +$ORIGIN natenom.com. +$TTL 3600 +@ IN NS ns1.desec.io. + IN NS ns2.desec.org. + IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 + IN MX 10 mail.natenom.com. + IN CAA 0 issue "letsencrypt.org" +blog IN CNAME bn.natenom.com. +bn IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 +m IN CNAME mumble.natenom.com. +mail IN A 94.16.117.219 + IN AAAA 2a03:4000:29:168::1 +mumble IN CNAME talk.cozy.town. +wiki IN CNAME bn.natenom.com. +www IN CNAME bn.natenom.com. + From 0143447b1724961914b17cad83e5c1a1d8706d44 Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:17:47 +0200 Subject: [PATCH 09/10] feat: add domain natenom.de --- domains/natenom.de.js | 24 ++++++++++++++++++++++++ natenom.de.zone | 20 ++++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 domains/natenom.de.js create mode 100644 natenom.de.zone diff --git a/domains/natenom.de.js b/domains/natenom.de.js new file mode 100644 index 0000000..fed5020 --- /dev/null +++ b/domains/natenom.de.js @@ -0,0 +1,24 @@ +D("natenom.de", REG_NONE, DnsProvider(DNS_DESEC), + DefaultTTL("1h"), + NAMESERVER_TTL("1h"), + + A_NATENOM_MAIN("@"), + A_NATENOM_MAIN("bn"), + A("mail", "94.16.117.219"), + + AAAA_NATENOM_MAIN("@"), + AAAA_NATENOM_MAIN("bn"), + AAAA("mail", "2a03:4000:29:168::1"), + + CAA_DEFAULT, + + CNAME("comments", "bn"), + CNAME("f", "bn"), + CNAME("m", "mumble"), + CNAME("mumble", "talk.cozy.town."), + CNAME("wiki", "bn"), + CNAME("wikiarchiv", "bn"), + CNAME("www", "bn"), + + MX("@", 10, "mail"), +); diff --git a/natenom.de.zone b/natenom.de.zone new file mode 100644 index 0000000..5532da1 --- /dev/null +++ b/natenom.de.zone 
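Review bot: `CNAME("mumble", "talk.cozy.town.")` in domains/natenom.de.js (and `m`, which chains to it) hands resolution of these names to a zone outside this repository, and nothing in the file records who operates the target. If cozy.town is run by a different party, whoever controls `talk.cozy.town.` decides where the name points, and CAA queries for the alias are answered by the target's CAA set when it has one rather than by `CAA_DEFAULT`. A comment such as `// external target operated by <OWNER>; remove this CNAME when the service is retired` would make the dependency reviewable. domains/natenom.com.js carries the same record.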
@@ -0,0 +1,20 @@ +$ORIGIN natenom.de. +$TTL 3600 +@ IN NS ns1.desec.io. + IN NS ns2.desec.org. + IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 + IN MX 10 mail.natenom.de. + IN CAA 0 issue "letsencrypt.org" +bn IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 +comments IN CNAME bn.natenom.de. +f IN CNAME bn.natenom.de. +m IN CNAME mumble.natenom.de. +mail IN A 94.16.117.219 + IN AAAA 2a03:4000:29:168::1 +mumble IN CNAME talk.cozy.town. +wiki IN CNAME bn.natenom.de. +wikiarchiv IN CNAME bn.natenom.de. +www IN CNAME bn.natenom.de. + From b7896b132e5632f11bfc61e9fe06185f9a8911ce Mon Sep 17 00:00:00 2001 From: Vri Date: Fri, 2 May 2025 21:18:04 +0200 Subject: [PATCH 10/10] feat: add domain natenom.name --- domains/natenom.name.js | 10 ++++++++++ natenom.name.zone | 9 +++++++++ 2 files changed, 19 insertions(+) create mode 100644 domains/natenom.name.js create mode 100644 natenom.name.zone diff --git a/domains/natenom.name.js b/domains/natenom.name.js new file mode 100644 index 0000000..0cb5b97 --- /dev/null +++ b/domains/natenom.name.js @@ -0,0 +1,10 @@ +D("natenom.name", REG_NONE, DnsProvider(DNS_DESEC), + DefaultTTL("1h"), + NAMESERVER_TTL("1h"), + + A_NATENOM_MAIN("@"), + A_NATENOM_MAIN("www"), + + AAAA_NATENOM_MAIN("@"), + AAAA_NATENOM_MAIN("www"), +); diff --git a/natenom.name.zone b/natenom.name.zone new file mode 100644 index 0000000..ec327dc --- /dev/null +++ b/natenom.name.zone @@ -0,0 +1,9 @@ +$ORIGIN natenom.name. +$TTL 3600 +@ IN NS ns1.desec.io. + IN NS ns2.desec.org. + IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 +www IN A 188.245.198.27 + IN AAAA 2a01:4f8:c013:3235::1 +
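Review bot: domains/natenom.name.js is the only zone in this series that leaves out `CAA_DEFAULT`, so natenom.name publishes no CAA record and any public CA may issue certificates for it. If that is not deliberate, add `CAA_DEFAULT,` after the `AAAA_NATENOM_MAIN("www"),` line; if it is deliberate, a comment saying why would stop it being changed by accident later. The committed natenom.name.zone would need regenerating afterwards.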