dns/zones: add zone aaronly.me; update zone liwt.net with mail records

1 files changed, 14 insertions, 4 deletions

diff --git a/roles/dns/templates/zones/liwt.net.zone.j2 b/roles/dns/templates/zones/liwt.net.zone.j2
index fc44279..02e649c 100644
--- a/roles/dns/templates/zones/liwt.net.zone.j2
+++ b/roles/dns/templates/zones/liwt.net.zone.j2
@@ -1,6 +1,7 @@
+; -*- mode: dns; -*-
+; {{ ansible_managed }}
 {% set domain = "liwt.net" %}
 {% set hostmaster = "hostmaster." + network.domain %}
-; {{ ansible_managed }}
 $ORIGIN     {{ domain }}.
 $TTL        1h
 
@@ -24,6 +25,7 @@ $TTL        1h
                         1h          ; minimum
                         )
 
+; Name servers
 {% for server in nameservers %}
 {% for ns in server.ns %}
 @           IN  NS      {{ ns }}.  ; {{ server.name }}
@@ -32,15 +34,23 @@ $TTL        1h
 
 @           IN  A       {{ network.ipv4.address }}
 @           IN  AAAA    {{ network.ipv6.address }}
-mail        IN  A       {{ network.ipv4.address }}
-mail        IN  AAAA    {{ network.ipv6.address }}
 
+vultr       IN  CNAME   @
 www         IN  CNAME   @
 git         IN  CNAME   @
-vultr       IN  CNAME   @
+carddav     IN  CNAME   @
+caldav      IN  CNAME   @
 *           IN  CNAME   @
 
+; Mail server
+{% if domain == network.domain %}
+mail        IN  A       {{ network.ipv4.address }}
+mail        IN  AAAA    {{ network.ipv6.address }}
 @           IN  MX      10  mail
+{% endif %}
 @           IN  TXT     "v=spf1 mx -all"
+@           IN  TXT     "google-site-verification={{ mail['google-site-verification'][domain] }}"
+_dmarc      IN  TXT     "v=DMARC1; p={{ mail.dmarc.p }}; sp={{ mail.dmarc.sp }}; pct={{ mail.dmarc.pct }}; aspf={{ mail.dmarc.aspf }}; rua=mailto:{{ mail.dmarc.rua[domain] }};"
+{{ mail.dkim.selector }}._domainkey  IN  TXT  "v=DKIM1; k=rsa; s={{ mail.dkim.selector }}; p=???"
 
 ; vim: set ft=bindzone: