From 3dde751ddd0bb8a1efe7d67af647c129ea648691 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Wed, 14 May 2025 11:30:49 +0200 Subject: [PATCH] dns: exclude false domains --- hosts/falkenstein/modules/dns/default.nix | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/hosts/falkenstein/modules/dns/default.nix b/hosts/falkenstein/modules/dns/default.nix index 81c0f2a..dfebb89 100644 --- a/hosts/falkenstein/modules/dns/default.nix +++ b/hosts/falkenstein/modules/dns/default.nix @@ -42,14 +42,6 @@ let subdomains = - let - # generate ACME challenge recorsd for every VirtualHost - genACMECNAMEs = hostname: lib.attrsets.genAttrs (getVirtualHosts hostname) (_label: { - subdomains._acme-challenge.CNAME = [ "challenge.acme.${domain}." ]; - }); - # fuckery to merge the generated attribute lists - mergeRecords = recordList: lib.attrsets.mapAttrs (_host: records: lib.attrsets.mergeAttrsList records) (lib.attrsets.zipAttrs recordList); - in lib.attrsets.mergeAttrsList [ rec { nuc = { @@ -68,7 +60,7 @@ let _domainkey.subdomains.rspamd.TXT = [ "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoirUMubro4nlmY6a8JMwK9QB2agAXiJzexDU/7ba6KCggONfoSTfUHlrM/XeM1GG/9oKpngApxDPP97adJuxc8/EELyo4HjTyYD8GBFZhg0AN7V8IPaJ1o5k6dGDk8ZLh41ZCnlAVWkhVSKs5pYtzkrlJIfUSzyuoe8nuFsVe3QIDAQAB" ]; } (builtins.removeAttrs (genCNAMEs "nuc") ([ ":2018" ] ++ (builtins.filter (host: lib.strings.hasInfix "vpn" host) (getVirtualHosts "nuc")))) - (builtins.removeAttrs (genCNAMEs "falkenstein") ([ ":2018" "mail" ])) + (builtins.removeAttrs (genCNAMEs "falkenstein") ([ ":2018" "mail" "rfive.de" ] ++ (builtins.filter (host: lib.strings.hasInfix "vpn" host) (getVirtualHosts "nuc")))) # (mergeRecords [ # (builtins.removeAttrs (genCNAMEs "nuc") ([ ":2018" ] ++ (builtins.filter (host: lib.strings.hasInfix "vpn" host) (getVirtualHosts "nuc")))) # (builtins.removeAttrs (genACMECNAMEs "nuc") ([ ":2018" ]))