commit 2667da05f9ef03a36de47a859b908b96c0ceeabe
parent 13726201db6e9d3c4fca7cbf45703a999eaea31b
Author: Leah (ctucx) <git@ctu.cx>
Date: Fri, 28 Oct 2022 21:46:47 +0200
parent 13726201db6e9d3c4fca7cbf45703a999eaea31b
Author: Leah (ctucx) <git@ctu.cx>
Date: Fri, 28 Oct 2022 21:46:47 +0200
dns: move mail to apple
2 files changed, 57 insertions(+), 32 deletions(-)
diff --git a/configurations/linux/services/dns.nix b/configurations/linux/services/dns.nix @@ -14,16 +14,29 @@ adminEmail = "dns@ctu.cx"; # Email address with a real `@`! serial = lib.toInt ("2022" + "10" + "23" + "02"); }; + MXApple = with mx; [ + (mx 10 "mx01.mail.icloud.com.") + (mx 10 "mx02.mail.icloud.com.") + ]; + SPFApple = [ + "v=spf1 include:icloud.com ~all" + ]; in { "ctu.cx" = { inherit SOA NS CAA; + MX = MXApple; + + TXT = SPFApple ++ [ "apple-domain=8Z4zfabXhvO0cjZi" ]; + subdomains = { blechkasten = (host "195.39.246.42" "2a0f:4ac0:acab:1234::42"); ns1 = (host "185.232.70.80" "2a03:4000:4e:af1::1"); ns2 = (host "46.38.253.139" "2a03:4000:1:45d::1"); + "sig1._domainkey".CNAME = [ "sig1.dkim.ctu.cx.at.icloudmailadmin.com." ]; + "48-247-39-195.wireguard".A = [ (a "195.39.247.48") ]; "49-247-39-195.wireguard".A = [ (a "195.39.247.49") ]; "50-247-39-195.wireguard".A = [ (a "195.39.247.50") ]; @@ -66,10 +79,22 @@ "ctucx.de" = { inherit SOA NS CAA; + + MX = MXApple; + + TXT = SPFApple ++ [ "apple-domain=dAXXtfWkKtR1aNoT" ]; + + subdomains."sig1._domainkey".CNAME = [ "sig1.dkim.ctucx.de.at.icloudmailadmin.com." ]; }; "thein.ovh" = { inherit SOA NS CAA; + + MX = MXApple; + + TXT = SPFApple ++ [ "apple-domain=gUI16uTaoWHz1n0P" ]; + + subdomains."sig1._domainkey".CNAME = [ "sig1.dkim.thein.ovh.at.icloudmailadmin.com." ]; }; "flauschehorn.sexy" = {
diff --git a/machines/osterei/maddy.nix b/machines/osterei/maddy.nix @@ -89,38 +89,38 @@ in { DMARC = "v=DMARC1; p=none"; MX = with mx; [ (mx 10 "osterei.ctu.cx.") ]; in { - "ctu.cx" = { - inherit MX TXT; - - SRV = [ - { proto = "tcp"; service = "imaps"; priority = 0; weight = 1; port = 993; target = "osterei.ctu.cx."; } - { proto = "tcp"; service = "imap"; priority = 0; weight = 1; port = 143; target = "osterei.ctu.cx."; } - { proto = "tcp"; service = "submission"; priority = 0; weight = 1; port = 587; target = "osterei.ctu.cx."; } - ]; - - subdomains = { - _dmarc.TXT = [ DMARC ]; - "default._domainkey".TXT = [ "v=DKIM1; k=ed25519; p=nWRKCHE19fL1RHJ2cVkC8Xvfzm9OtgeF5VC2lD+EaEo=" ]; - }; - }; - - "ctucx.de" = { - inherit MX TXT; - - subdomains = { - _dmarc.TXT = [ DMARC ]; - "default._domainkey".TXT = [ "v=DKIM1; k=ed25519; p=U9JMZlv7BpLXGIpO7WdJ/7ephxwJtJ02jaVUUadyP9s" ]; - }; - }; - - "thein.ovh" = { - inherit MX TXT; - - subdomains = { - _dmarc.TXT = [ DMARC ]; - "default._domainkey".TXT = [ "v=DKIM1; k=ed25519; p=KYkebiXYSc/+7Rtdz/ZZFRAXAsQnyLPYA6r2uboh5oc=" ]; - }; - }; +# "ctu.cx" = { +# inherit MX TXT; +# +# SRV = [ +# { proto = "tcp"; service = "imaps"; priority = 0; weight = 1; port = 993; target = "osterei.ctu.cx."; } +# { proto = "tcp"; service = "imap"; priority = 0; weight = 1; port = 143; target = "osterei.ctu.cx."; } +# { proto = "tcp"; service = "submission"; priority = 0; weight = 1; port = 587; target = "osterei.ctu.cx."; } +# ]; +# +# subdomains = { +# _dmarc.TXT = [ DMARC ]; +# "default._domainkey".TXT = [ "v=DKIM1; k=ed25519; p=nWRKCHE19fL1RHJ2cVkC8Xvfzm9OtgeF5VC2lD+EaEo=" ]; +# }; +# }; + +# "ctucx.de" = { +# inherit MX TXT; +# +# subdomains = { +# _dmarc.TXT = [ DMARC ]; +# "default._domainkey".TXT = [ "v=DKIM1; k=ed25519; p=U9JMZlv7BpLXGIpO7WdJ/7ephxwJtJ02jaVUUadyP9s" ]; +# }; +# }; + +# "thein.ovh" = { +# inherit MX TXT; +# +# subdomains = { +# _dmarc.TXT = [ DMARC ]; +# "default._domainkey".TXT = [ "v=DKIM1; k=ed25519; p=KYkebiXYSc/+7Rtdz/ZZFRAXAsQnyLPYA6r2uboh5oc=" ]; +# }; +# }; }; users.groups.maddy = {};