From b4e87f8254355678c37056bcbeb474f4a0a50648 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Sun, 14 Mar 2021 02:58:30 +0200 Subject: feat(ops/dns): Import tvl.fyi DNS zone into depot Imports the current state of the tvl.fyi zone and configures simple CI checks on the file format. No deployment automation exists for this (yet?). Change-Id: Ia7d72e02b9f6d3adef994c5dc1898cc0df9dfcfb Reviewed-on: https://cl.tvl.fyi/c/depot/+/2600 Tested-by: BuildkiteCI Reviewed-by: glittershark Reviewed-by: sterni --- ops/dns/README.md | 11 +++++++++++ ops/dns/default.nix | 14 ++++++++++++++ ops/dns/tvl.fyi.zone | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 58 insertions(+) create mode 100644 ops/dns/README.md create mode 100644 ops/dns/default.nix create mode 100644 ops/dns/tvl.fyi.zone (limited to 'ops/dns') diff --git a/ops/dns/README.md b/ops/dns/README.md new file mode 100644 index 000000000000..2290299fe46c --- /dev/null +++ b/ops/dns/README.md @@ -0,0 +1,11 @@ +DNS configuration +================= + +This folder contains configuration for our DNS zones. The zones are hosted with +Google Cloud DNS, which supports zone-file based import/export. + +Currently there is no automation to deploy these zones, but CI will check their +integrity. + +*Note: While each zone file specifies an SOA record, it only exists to satisfy +`named-checkzone`. Cloud DNS manages this record for us.* diff --git a/ops/dns/default.nix b/ops/dns/default.nix new file mode 100644 index 000000000000..d2f75f836c00 --- /dev/null +++ b/ops/dns/default.nix @@ -0,0 +1,14 @@ +# Performs simple (local-only) validity checks on DNS zones. +{ pkgs, ... }: + +let + checkZone = zone: file: pkgs.runCommandNoCC "${zone}-check" {} '' + ${pkgs.bind}/bin/named-checkzone -i local ${zone} ${file} | tee $out + ''; + + zones = { + tvl-fyi = checkZone "tvl.fyi" ./tvl.fyi.zone; + }; +in zones // { + meta.targets = builtins.attrNames zones; +} diff --git a/ops/dns/tvl.fyi.zone b/ops/dns/tvl.fyi.zone new file mode 100644 index 000000000000..8707ca2ed425 --- /dev/null +++ b/ops/dns/tvl.fyi.zone @@ -0,0 +1,33 @@ +;; Google Cloud DNS zone for tvl.fyi. +;; +;; This zone is hosted in the project 'tvl-fyi', and registered via +;; Google Domains. +tvl.fyi. 21600 IN SOA ns-cloud-b1.googledomains.com. cloud-dns-hostmaster.google.com. 9 21600 3600 259200 300 +tvl.fyi. 21600 IN NS ns-cloud-b1.googledomains.com. +tvl.fyi. 21600 IN NS ns-cloud-b2.googledomains.com. +tvl.fyi. 21600 IN NS ns-cloud-b3.googledomains.com. +tvl.fyi. 21600 IN NS ns-cloud-b4.googledomains.com. + +;; Mail forwarding (via domains.google) +tvl.fyi. 3600 IN MX 5 gmr-smtp-in.l.google.com. +tvl.fyi. 3600 IN MX 10 alt1.gmr-smtp-in.l.google.com. +tvl.fyi. 3600 IN MX 20 alt2.gmr-smtp-in.l.google.com. +tvl.fyi. 3600 IN MX 30 alt3.gmr-smtp-in.l.google.com. +tvl.fyi. 3600 IN MX 40 alt4.gmr-smtp-in.l.google.com. + +;; Landing website is hosted on whitby on the apex. +tvl.fyi. 21600 IN A 49.12.129.211 +tvl.fyi. 21600 IN AAAA 2a01:4f8:242:5b21:0:feed:edef:beef + +;; TVL infrastructure +whitby.tvl.fyi. 21600 IN A 49.12.129.211 +whitby.tvl.fyi. 21600 IN AAAA 2a01:4f8:242:5b21:0:feed:edef:beef + +;; TVL services +b.tvl.fyi. 21600 IN CNAME whitby.tvl.fyi. +cache.tvl.fyi. 21600 IN CNAME whitby.tvl.fyi. +cl.tvl.fyi. 21600 IN CNAME whitby.tvl.fyi. +code.tvl.fyi. 21600 IN CNAME whitby.tvl.fyi. +cs.tvl.fyi. 21600 IN CNAME whitby.tvl.fyi. +login.tvl.fyi. 21600 IN CNAME whitby.tvl.fyi. +todo.tvl.fyi. 21600 IN CNAME whitby.tvl.fyi. -- cgit 1.4.1