From 605302091d6f35f6c6cd56170fde1c932cdb28ee Mon Sep 17 00:00:00 2001
From: Vincent Ambo <mail@tazj.in>
Date: Wed, 14 Apr 2021 17:20:16 +0200
Subject: refactor(tazjin/dns): Add zone validity checks in CI

Same as //ops/dns

Change-Id: I0399efd2e48956ec91833386adff27d94d08ef1e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3013
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
---
 users/tazjin/cloud-dns/import            | 11 -----------
 users/tazjin/cloud-dns/kontemplate-works | 15 ---------------
 users/tazjin/cloud-dns/root-tazj-in      | 33 --------------------------------
 users/tazjin/dns/default.nix             | 14 ++++++++++++++
 users/tazjin/dns/import                  | 12 ++++++++++++
 users/tazjin/dns/kontemplate.works.zone  | 15 +++++++++++++++
 users/tazjin/dns/tazj.in.zone            | 33 ++++++++++++++++++++++++++++++++
 7 files changed, 74 insertions(+), 59 deletions(-)
 delete mode 100755 users/tazjin/cloud-dns/import
 delete mode 100644 users/tazjin/cloud-dns/kontemplate-works
 delete mode 100644 users/tazjin/cloud-dns/root-tazj-in
 create mode 100644 users/tazjin/dns/default.nix
 create mode 100755 users/tazjin/dns/import
 create mode 100644 users/tazjin/dns/kontemplate.works.zone
 create mode 100644 users/tazjin/dns/tazj.in.zone

diff --git a/users/tazjin/cloud-dns/import b/users/tazjin/cloud-dns/import
deleted file mode 100755
index e79e426b55..0000000000
--- a/users/tazjin/cloud-dns/import
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-set -ue
-
-# Imports a zone file into a Google Cloud DNS zone of the same name
-readonly ZONE="${1}"
-
-gcloud dns record-sets import "${ZONE}" \
-       --project composite-watch-759 \
-       --zone-file-format \
-       --delete-all-existing \
-       --zone "${ZONE}"
diff --git a/users/tazjin/cloud-dns/kontemplate-works b/users/tazjin/cloud-dns/kontemplate-works
deleted file mode 100644
index 326a129d21..0000000000
--- a/users/tazjin/cloud-dns/kontemplate-works
+++ /dev/null
@@ -1,15 +0,0 @@
-;;  -*- mode: zone; -*-
-;; Do not delete these
-kontemplate.works. 21600 IN NS ns-cloud-d1.googledomains.com.
-kontemplate.works. 21600 IN NS ns-cloud-d2.googledomains.com.
-kontemplate.works. 21600 IN NS ns-cloud-d3.googledomains.com.
-kontemplate.works. 21600 IN NS ns-cloud-d4.googledomains.com.
-kontemplate.works. 21600 IN SOA ns-cloud-d1.googledomains.com. cloud-dns-hostmaster.google.com. 4 21600 3600 259200 300
-
-;; Github site setup
-kontemplate.works. 60 IN A 185.199.108.153
-kontemplate.works. 60 IN A 185.199.109.153
-kontemplate.works. 60 IN A 185.199.110.153
-kontemplate.works. 60 IN A 185.199.111.153
-
-www.kontemplate.works. 60 IN CNAME tazjin.github.io.
diff --git a/users/tazjin/cloud-dns/root-tazj-in b/users/tazjin/cloud-dns/root-tazj-in
deleted file mode 100644
index 43db5834a0..0000000000
--- a/users/tazjin/cloud-dns/root-tazj-in
+++ /dev/null
@@ -1,33 +0,0 @@
-;; -*- mode: zone; -*-
-;; Do not delete these
-tazj.in. 21600 IN NS ns-cloud-a1.googledomains.com.
-tazj.in. 21600 IN NS ns-cloud-a2.googledomains.com.
-tazj.in. 21600 IN NS ns-cloud-a3.googledomains.com.
-tazj.in. 21600 IN NS ns-cloud-a4.googledomains.com.
-tazj.in. 21600 IN SOA ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 123 21600 3600 1209600 300
-
-;; Email setup
-tazj.in. 300 IN MX 1 aspmx.l.google.com.
-tazj.in. 300 IN MX 5 alt1.aspmx.l.google.com.
-tazj.in. 300 IN MX 5 alt2.aspmx.l.google.com.
-tazj.in. 300 IN MX 10 alt3.aspmx.l.google.com.
-tazj.in. 300 IN MX 10 alt4.aspmx.l.google.com.
-tazj.in. 300 IN TXT "v=spf1 include:_spf.google.com ~all"
-google._domainkey.tazj.in. 21600 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9AphX/WJf8zVXQB5Jk0Ry1MI6ARa6vEyAoJtpjpt9Nbm7XU4qVWFRJm+L0VFd5EZ5YDPJTIZ90lJE3/B8vae2ipnoGbJbj8LaVSzzIPMbWmhPhX3fkLJFdkv7xRDMDn730iYXRlfkgv6GsqbS8vZt7mzxx4mpnePTI323yjRVkwRW8nGVbsmB25ZoG1/0985" "kg4mSYxzWeJ2ozCPFhT4sfMtZMXe/4QEkJz/zkod29KZfFJmLgEaf73WLdBX8kdwbhuh2PYXt/PwzUrRzF5ujVCsSaTZwdRVPErcf+yo4NvedelTjjs8rFVfoJiaDD1q2bQ3w0gDEBWPdC2VP7k9zwIDAQAB"
-
-;; Site verifications
-tazj.in. 3600 IN TXT "keybase-site-verification=gC4kzEmnLzY7F669PjN-pw2Cf__xHqcxQ08Gb-W9dhE"
-tazj.in. 300 IN TXT "google-site-verification=d3_MI1OwD6q2OT42Vvh0I9w2u3Q5KFBu-PieNUE1Fig"
-www.tazj.in. 3600 IN TXT "keybase-site-verification=ER8m_byyqAhzeIy9TyzkAU1H2p2yHtpvImuB_XrRF2U"
-
-;; Blog "storage engine"
-blog.tazj.in. 21600 IN NS ns-cloud-c1.googledomains.com.
-blog.tazj.in. 21600 IN NS ns-cloud-c2.googledomains.com.
-blog.tazj.in. 21600 IN NS ns-cloud-c3.googledomains.com.
-blog.tazj.in. 21600 IN NS ns-cloud-c4.googledomains.com.
-
-;; Webpage records setup
-tazj.in.       300 IN A 34.98.120.189
-www.tazj.in.   300 IN A 34.98.120.189
-git.tazj.in.   300 IN A 34.98.120.189
-files.tazj.in. 300 IN CNAME c.storage.googleapis.com.
diff --git a/users/tazjin/dns/default.nix b/users/tazjin/dns/default.nix
new file mode 100644
index 0000000000..14b9d42864
--- /dev/null
+++ b/users/tazjin/dns/default.nix
@@ -0,0 +1,14 @@
+# Performs simple (local-only) validity checks on DNS zones.
+{ depot, pkgs, ... }:
+
+let
+  inherit (depot.nix.utils) drvTargets;
+
+  checkZone = zone: file: pkgs.runCommandNoCC "${zone}-check" {} ''
+    ${pkgs.bind}/bin/named-checkzone -i local ${zone} ${file} | tee $out
+  '';
+
+in drvTargets {
+  kontemplate-works = checkZone "kontemplate.works"./kontemplate.works.zone;
+  tazj-in = checkZone "tazj.in" ./tazj.in.zone;
+}
diff --git a/users/tazjin/dns/import b/users/tazjin/dns/import
new file mode 100755
index 0000000000..8ea1d694c9
--- /dev/null
+++ b/users/tazjin/dns/import
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -ue
+
+# Imports a zone file into Google Cloud DNS
+readonly ZONE="${1}"
+readonly FILE="${2}"
+
+gcloud dns record-sets import "${FILE}" \
+       --project composite-watch-759 \
+       --zone-file-format \
+       --delete-all-existing \
+       --zone "${ZONE}"
diff --git a/users/tazjin/dns/kontemplate.works.zone b/users/tazjin/dns/kontemplate.works.zone
new file mode 100644
index 0000000000..326a129d21
--- /dev/null
+++ b/users/tazjin/dns/kontemplate.works.zone
@@ -0,0 +1,15 @@
+;;  -*- mode: zone; -*-
+;; Do not delete these
+kontemplate.works. 21600 IN NS ns-cloud-d1.googledomains.com.
+kontemplate.works. 21600 IN NS ns-cloud-d2.googledomains.com.
+kontemplate.works. 21600 IN NS ns-cloud-d3.googledomains.com.
+kontemplate.works. 21600 IN NS ns-cloud-d4.googledomains.com.
+kontemplate.works. 21600 IN SOA ns-cloud-d1.googledomains.com. cloud-dns-hostmaster.google.com. 4 21600 3600 259200 300
+
+;; Github site setup
+kontemplate.works. 60 IN A 185.199.108.153
+kontemplate.works. 60 IN A 185.199.109.153
+kontemplate.works. 60 IN A 185.199.110.153
+kontemplate.works. 60 IN A 185.199.111.153
+
+www.kontemplate.works. 60 IN CNAME tazjin.github.io.
diff --git a/users/tazjin/dns/tazj.in.zone b/users/tazjin/dns/tazj.in.zone
new file mode 100644
index 0000000000..43db5834a0
--- /dev/null
+++ b/users/tazjin/dns/tazj.in.zone
@@ -0,0 +1,33 @@
+;; -*- mode: zone; -*-
+;; Do not delete these
+tazj.in. 21600 IN NS ns-cloud-a1.googledomains.com.
+tazj.in. 21600 IN NS ns-cloud-a2.googledomains.com.
+tazj.in. 21600 IN NS ns-cloud-a3.googledomains.com.
+tazj.in. 21600 IN NS ns-cloud-a4.googledomains.com.
+tazj.in. 21600 IN SOA ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 123 21600 3600 1209600 300
+
+;; Email setup
+tazj.in. 300 IN MX 1 aspmx.l.google.com.
+tazj.in. 300 IN MX 5 alt1.aspmx.l.google.com.
+tazj.in. 300 IN MX 5 alt2.aspmx.l.google.com.
+tazj.in. 300 IN MX 10 alt3.aspmx.l.google.com.
+tazj.in. 300 IN MX 10 alt4.aspmx.l.google.com.
+tazj.in. 300 IN TXT "v=spf1 include:_spf.google.com ~all"
+google._domainkey.tazj.in. 21600 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9AphX/WJf8zVXQB5Jk0Ry1MI6ARa6vEyAoJtpjpt9Nbm7XU4qVWFRJm+L0VFd5EZ5YDPJTIZ90lJE3/B8vae2ipnoGbJbj8LaVSzzIPMbWmhPhX3fkLJFdkv7xRDMDn730iYXRlfkgv6GsqbS8vZt7mzxx4mpnePTI323yjRVkwRW8nGVbsmB25ZoG1/0985" "kg4mSYxzWeJ2ozCPFhT4sfMtZMXe/4QEkJz/zkod29KZfFJmLgEaf73WLdBX8kdwbhuh2PYXt/PwzUrRzF5ujVCsSaTZwdRVPErcf+yo4NvedelTjjs8rFVfoJiaDD1q2bQ3w0gDEBWPdC2VP7k9zwIDAQAB"
+
+;; Site verifications
+tazj.in. 3600 IN TXT "keybase-site-verification=gC4kzEmnLzY7F669PjN-pw2Cf__xHqcxQ08Gb-W9dhE"
+tazj.in. 300 IN TXT "google-site-verification=d3_MI1OwD6q2OT42Vvh0I9w2u3Q5KFBu-PieNUE1Fig"
+www.tazj.in. 3600 IN TXT "keybase-site-verification=ER8m_byyqAhzeIy9TyzkAU1H2p2yHtpvImuB_XrRF2U"
+
+;; Blog "storage engine"
+blog.tazj.in. 21600 IN NS ns-cloud-c1.googledomains.com.
+blog.tazj.in. 21600 IN NS ns-cloud-c2.googledomains.com.
+blog.tazj.in. 21600 IN NS ns-cloud-c3.googledomains.com.
+blog.tazj.in. 21600 IN NS ns-cloud-c4.googledomains.com.
+
+;; Webpage records setup
+tazj.in.       300 IN A 34.98.120.189
+www.tazj.in.   300 IN A 34.98.120.189
+git.tazj.in.   300 IN A 34.98.120.189
+files.tazj.in. 300 IN CNAME c.storage.googleapis.com.
-- 
cgit 1.4.1