-
-
Notifications
You must be signed in to change notification settings - Fork 26
/
Copy pathexample.nix
96 lines (81 loc) · 1.97 KB
/
example.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#
# SPDX-FileCopyrightText: 2019 Kirill Elagin <https://kir.elagin.me/>
#
# SPDX-License-Identifier: MPL-2.0 or MIT
#
let
dns = import ./. { };
util = dns.util;
testZone = with dns.lib.combinators; {
SOA = {
nameServer = "ns.test.com.";
adminEmail = "[email protected]";
serial = 2019030800;
};
NS = [
"ns.test.com."
"ns2.test.com."
];
A = [
{ address = "203.0.113.1"; ttl = 60 * 60; }
"203.0.113.2"
(ttl (60 * 60) (a "203.0.113.3"))
];
AAAA = [
"4321:0:1:2:3:4:567:89ab"
];
MX = mx.google;
TXT = [
(with spf; strict [ "a:mail.example.com" google ])
];
DMARC = [ (dmarc.postmarkapp "mailto:[email protected]") ];
CAA = letsEncrypt "[email protected]";
SRV = [
{
service = "sip";
proto = "tcp";
port = 5060;
target = "sip.example.com";
}
];
SSHFP = [
{
algorithm = "ed25519";
fingerprintType = "sha256";
fingerprint = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA";
}
];
OPENPGPKEY = [
"very long base64 text"
];
HTTPS = [
{
svcPriority = 1;
targetName = ".";
alpn = [ "http/1.1" "h2" "h3" ];
ipv4hint = [ "203.0.113.1" "203.0.113.2" "203.0.113.3" ];
ipv6hint = [ "4321:0:1:2:3:4:567:89ab" ];
}
];
TLSA = [
{
certUsage = "dane-ee";
selector = "spki";
matchingType = "sha256";
certificate = "899EB4AC9285578AFDA3CCBE152EE78D8618B8F3862FEF2703E1FC7011E9B8AA";
}
];
subdomains = rec {
www.A = [ "203.0.113.4" ];
www2 = host "203.0.113.5" "4321:0:1:2:3:4:567:89bb";
www3 = host "203.0.113.6" null;
www4 = www3;
staging = delegateTo [
"ns1.another.com."
"ns2.another.com."
];
foo.subdomains.www.CNAME = [ "foo.test.com." ];
};
};
in
util.writeZone "test.com" testZone