diff options
| author | Aaron LI <aly@aaronly.me> | 2018-03-03 00:20:58 +0800 |
|---|---|---|
| committer | Aaron LI <aly@aaronly.me> | 2018-03-14 11:35:07 +0800 |
| commit | 815ca6c58cf9c1e7469ff1bc9659aca426ac293e (patch) | |
| tree | 80e08030b30fdac3d1031679e08d2c4f78a9a4a7 /roles/dns/templates/zones | |
| parent | e3e2ee76b6df3f16f8aac92914c07a38170953e8 (diff) | |
| download | ansible-dfly-vps-815ca6c58cf9c1e7469ff1bc9659aca426ac293e.tar.bz2 | |
dns/zones: add zone aaronly.me; update zone liwt.net with mail records
Diffstat (limited to 'roles/dns/templates/zones')
| -rw-r--r-- | roles/dns/templates/zones/aaronly.me.zone.j2 | 42 | ||||
| -rw-r--r-- | roles/dns/templates/zones/liwt.net.zone.j2 | 18 |
2 files changed, 56 insertions, 4 deletions
diff --git a/roles/dns/templates/zones/aaronly.me.zone.j2 b/roles/dns/templates/zones/aaronly.me.zone.j2 new file mode 100644 index 0000000..02b5e9b --- /dev/null +++ b/roles/dns/templates/zones/aaronly.me.zone.j2 @@ -0,0 +1,42 @@ +; -*- mode: dns; -*- +; {{ ansible_managed }} +{% set domain = "aaronly.me" %} +{% set hostmaster = "hostmaster." + network.domain %} +$ORIGIN {{ domain }}. +$TTL 1h + +@ IN SOA {{ nameservers[0].ns[0] }}. {{ hostmaster }}. ( + {{ domain | next_serial }} ; serial number + 1d ; refresh + 2h ; retry + 4w ; expire + 1h ; minimum + ) + +; Name servers +{% for server in nameservers %} +{% for ns in server.ns %} +@ IN NS {{ ns }}. ; {{ server.name }} +{% endfor %} +{% endfor %} + +@ IN A {{ network.ipv4.address }} +@ IN AAAA {{ network.ipv6.address }} +dorm-x42 IN A 58.196.142.84 +office IN A 202.120.52.45 +cluster IN A 202.120.52.63 +liteserver IN A 5.2.70.218 + +www IN CNAME @ +* IN CNAME @ + +; Mail server +{% if domain != network.domain %} +@ IN MX 10 mail.{{ network.domain }}. +{% endif %} +@ IN TXT "v=spf1 mx -all" +@ IN TXT "google-site-verification={{ mail['google-site-verification'][domain] }}" +_dmarc IN TXT "v=DMARC1; p={{ mail.dmarc.p }}; sp={{ mail.dmarc.sp }}; pct={{ mail.dmarc.pct }}; aspf={{ mail.dmarc.aspf }}; rua=mailto:{{ mail.dmarc.rua[domain] }};" +{{ mail.dkim.selector }}._domainkey IN TXT "v=DKIM1; k=rsa; s={{ mail.dkim.selector }}; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7LZbXj5HBjT5yoMCnCd5eBLBZ1s/WP0hPQSignjEu4pCtOsPf7f/knhDDD7eMOSlOAa91Dq6e8B0aNKfV2m7e88SvHLnWVhH+kUNIdSQRTrTL6Pt1WAH0XjgDcd0f2MB+ho5GIeRJnLWHoRtrSUoBKgMxnvW8aco/Z/z0/qn5Tcsrz7wP/W7c/eX38SRuanrKUVnE8FqvvshZzaPfqe46WrqKDI6mfeYa0up/1ikUWgAHKVZEXTUCPVBUXxHbyK7a6MgZW+BYkYEeypMnYViq9k+TIHNNjlGbOLXqujn2j/L0r7ORjZX16C1qNf54qvMeklDK1+8KW872F6s+kVKwIDAQAB" + +; vim: set ft=bindzone: diff --git a/roles/dns/templates/zones/liwt.net.zone.j2 b/roles/dns/templates/zones/liwt.net.zone.j2 index fc44279..02e649c 100644 --- a/roles/dns/templates/zones/liwt.net.zone.j2 +++ b/roles/dns/templates/zones/liwt.net.zone.j2 @@ -1,6 +1,7 @@ +; -*- mode: dns; -*- +; {{ ansible_managed }} {% set domain = "liwt.net" %} {% set hostmaster = "hostmaster." + network.domain %} -; {{ ansible_managed }} $ORIGIN {{ domain }}. $TTL 1h @@ -24,6 +25,7 @@ $TTL 1h 1h ; minimum ) +; Name servers {% for server in nameservers %} {% for ns in server.ns %} @ IN NS {{ ns }}. ; {{ server.name }} @@ -32,15 +34,23 @@ $TTL 1h @ IN A {{ network.ipv4.address }} @ IN AAAA {{ network.ipv6.address }} -mail IN A {{ network.ipv4.address }} -mail IN AAAA {{ network.ipv6.address }} +vultr IN CNAME @ www IN CNAME @ git IN CNAME @ -vultr IN CNAME @ +carddav IN CNAME @ +caldav IN CNAME @ * IN CNAME @ +; Mail server +{% if domain == network.domain %} +mail IN A {{ network.ipv4.address }} +mail IN AAAA {{ network.ipv6.address }} @ IN MX 10 mail +{% endif %} @ IN TXT "v=spf1 mx -all" +@ IN TXT "google-site-verification={{ mail['google-site-verification'][domain] }}" +_dmarc IN TXT "v=DMARC1; p={{ mail.dmarc.p }}; sp={{ mail.dmarc.sp }}; pct={{ mail.dmarc.pct }}; aspf={{ mail.dmarc.aspf }}; rua=mailto:{{ mail.dmarc.rua[domain] }};" +{{ mail.dkim.selector }}._domainkey IN TXT "v=DKIM1; k=rsa; s={{ mail.dkim.selector }}; p=???" ; vim: set ft=bindzone: |