; -*- mode: dns; -*- ; {{ ansible_managed }} {% set hostmaster = "hostmaster." + network.domain %} $ORIGIN {{ domain }}. $TTL {{ dns.ttl }} @ IN SOA {{ nameservers[0].ns[0] }}. {{ hostmaster }}. ( {{ domain | next_serial }} ; serial number {{ dns.refresh }} ; refresh {{ dns.retry }} ; retry {{ dns.expire }} ; expire {{ dns.minimum }} ; minimum ) ; Name servers {% for server in nameservers %} {% for ns in server.ns %} @ IN NS {{ ns }}. ; {{ server.name }} {% endfor %} {% endfor %} @ IN A {{ network.ipv4.address }} @ IN AAAA {{ network.ipv6.address }} dorm-x42 IN A 58.196.142.84 office IN A 202.120.52.45 cluster IN A 202.120.52.63 liteserver IN A 5.2.70.218 liteserver IN AAAA 2a04:52c0:101:55a::218 {% for name in ["www", "code", "g", "zw", "git", "carddav", "caldav"] %} {{ name }} IN CNAME liteserver {% endfor %} ; Mail server {% if domain != network.domain %} @ IN MX 10 mail.{{ network.domain }}. mail IN CNAME mail.{{ network.domain }}. {% endif %} @ IN TXT "v=spf1 mx -all" @ IN TXT "google-site-verification={{ mail['google-site-verification'][domain] }}" {% set ruatxt = "rua=mailto:" + mail.dmarc.rua[domain] + ";" %} {% set ruf = mail.dmarc.ruf | default({}) %} {% if ruf[domain] is defined %} {% set ruftxt = "ruf=mailto:" + ruf[domain] + ";" %} {% else %} {% set ruftxt = "" %} {% endif %} _dmarc IN TXT "v=DMARC1; p={{ mail.dmarc.p }}; sp={{ mail.dmarc.sp }}; pct={{ mail.dmarc.pct }}; adkim={{ mail.dmarc.adkim }}; aspf={{ mail.dmarc.aspf }}; fo={{ mail.dmarc.fo }}; {{ ruatxt }} {{ ruftxt }}" {% if domain_key is defined %} {{ domain_key | dkim_record(selector=mail.dkim.selector) | join("\n") }} {% endif %} ; vim: set ft=bindzone: