simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity

authoritative-dns: Drop INWX secondaries

Browse source
This commit is contained in:
Simon Bruder 2024-02-27 15:57:04 +01:00
parent 939df6ae2a
commit 11609eb96f
Signed by: simon
GPG key ID: 347FF8699CDA0776
1 changed files with 3 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
modules/authoritative-dns.nix
View file

@ -1,4 +1,4 @@
# SPDX-FileCopyrightText: 2023 Simon Bruder <simon@sbruder.de>
# SPDX-FileCopyrightText: 2024 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
@ -67,12 +67,7 @@ in
id = host;
address = hostAddresses;
})
addresses) ++ lib.optional isPrimaryHost {
id = "inwx";
# INWX only allows the specification of one primary DNS,
# which limits the IP protocol usable for zone transfers to one.
address = lib.singleton "185.181.104.96";
};
addresses);
}
(lib.mkIf isPrimaryHost {
policy = lib.singleton {
@ -90,7 +85,7 @@ in
zonefile-load = "difference-no-serial";
journal-content = "all";
# secondary
notify = [ "inwx" ] ++ secondaryHosts;
notify = secondaryHosts;
# dnssec
dnssec-signing = true;
dnssec-policy = "default";