blob: 1eabb77f24c2b7ec7b858d27cd3a32f6b0926f80 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
; -*- mode: dns; -*-
; {{ ansible_managed }}
{% set domain = "liwt.net" %}
{% set hostmaster = "hostmaster." + network.domain %}
$ORIGIN {{ domain }}.
$TTL 1h
; WARNING:
;
; The DNS CNAME ("canonical name") record exists to provide the canonical
; name associated with an alias name. There may be only one such canonical
; name for any one alias. That name should generally be a name that exists
; elsewhere in the DNS, though there are some rare applications for aliases
; with the accompanying canonical name undefined in the DNS. An alias name
; (label of a CNAME record) may, if DNSSEC is in use, have SIG, NXT, and
; KEY RRs, but may have no other data.
;
; Credit: https://serverfault.com/a/613830
@ IN SOA {{ nameservers[0].ns[0] }}. {{ hostmaster }}. (
{{ domain | next_serial }} ; serial number
1d ; refresh
2h ; retry
4w ; expire
1h ; minimum
)
; Name servers
{% for server in nameservers %}
{% for ns in server.ns %}
@ IN NS {{ ns }}. ; {{ server.name }}
{% endfor %}
{% endfor %}
@ IN A {{ network.ipv4.address }}
@ IN AAAA {{ network.ipv6.address }}
vultr IN CNAME @
www IN CNAME @
git IN CNAME @
carddav IN CNAME @
caldav IN CNAME @
* IN CNAME @
; Mail server
{% if domain == network.domain %}
mail IN A {{ network.ipv4.address }}
mail IN AAAA {{ network.ipv6.address }}
@ IN MX 10 mail
{% endif %}
@ IN TXT "v=spf1 mx -all"
@ IN TXT "google-site-verification={{ mail['google-site-verification'][domain] }}"
_dmarc IN TXT "v=DMARC1; p={{ mail.dmarc.p }}; sp={{ mail.dmarc.sp }}; pct={{ mail.dmarc.pct }}; aspf={{ mail.dmarc.aspf }}; rua=mailto:{{ mail.dmarc.rua[domain] }};"
{% if domain_key is defined %}
{{ domain_key | dkim_record(selector=mail.dkim.selector) | join("\n") }}
{% endif %}
; vim: set ft=bindzone:
|
