From 49d126e023ce859c3fcbebe69db268fa0a925bc3 Mon Sep 17 00:00:00 2001 From: Sanchayan Maity Date: Thu, 8 Dec 2022 21:36:28 +0530 Subject: [PATCH] dnscontrol: Automate & version control DNS management --- .gitignore | 3 ++ dnscontrol/dnsconfig.js | 69 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+) create mode 100644 dnscontrol/dnsconfig.js diff --git a/.gitignore b/.gitignore index 9eb4f40..e70d519 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,6 @@ gnupg/.gnupg/*.d gnupg/.gnupg/.#* qutebrowser/.config/qutebrowser/bookmarks/ qutebrowser/.config/qutebrowser/quickmarks +creds.json +*-domains.js +zones/* diff --git a/dnscontrol/dnsconfig.js b/dnscontrol/dnsconfig.js new file mode 100644 index 0000000..a9be9fb --- /dev/null +++ b/dnscontrol/dnsconfig.js @@ -0,0 +1,69 @@ +// Providers: +// A “Registrar” is who you register the domain with. +// Start with NONE, which is a provider that never talks to or updates +// the registrar. + +var REG_NONE = NewRegistrar('none'); +var REG_GANDI = NewRegistrar('gandi'); +// Porkbun as a registrar is not supported +// var REG_PORKBUN = NewRegistrar('porkbun'); + +// Domains: +// A “DnsProvider” is the service that actually provides DNS service (port 53) +// and may be the same or different as the registrar. +var DNS_BIND = NewDnsProvider('bind'); +var DNS_DESEC = NewDnsProvider('desec'); + +D('sanchayanmaity.net', REG_GANDI, DnsProvider(DNS_DESEC), + DefaultTTL("1h"), + A('@', '157.90.118.14'), + CAA("@", "issue", "letsencrypt.org"), + CNAME("git" , "sanchayanmaity.net."), + CNAME("www" , "sanchayanmaity.net."), + MX("@", 10, "in1-smtp.messagingengine.com."), + MX("@", 20, "in2-smtp.messagingengine.com."), + TXT('@', 'v=spf1 include:spf.messagingengine.com ?all'), + TXT('*', 'v=spf1 include:spf.messagingengine.com ?all'), + CNAME("fm1._domainkey", "fm1.sanchayanmaity.net.dkim.fmhosted.com."), + CNAME("fm2._domainkey", "fm2.sanchayanmaity.net.dkim.fmhosted.com."), + CNAME("fm3._domainkey", "fm3.sanchayanmaity.net.dkim.fmhosted.com."), + // Create SRV records for mail service + // ,priority, weight, port, target + SRV('_submission._tcp', 0 , 1, 587, 'smtp.fastmail.com.'), + SRV('_imap._tcp' , 0 , 0, 0 , '.'), + SRV('_imaps._tcp' , 0 , 1, 993, 'imap.fastmail.com.'), + SRV('_pop3._tcp' , 0 , 0, 0 , '.'), + SRV('_pop3s._tcp' , 10, 1, 995, 'pop.fastmail.com.'), + SRV('_jmap._tcp' , 0 , 1, 443, 'api.fastmail.com.'), + SRV('_carddav._tcp' , 0 , 0, 0 , '.'), + SRV('_carddavs._tcp' , 0 , 1, 443, 'carddav.fastmail.com.'), + SRV('_caldav._tcp' , 0 , 0, 0 , '.'), + SRV('_caldavs._tcp' , 0 , 1, 443, 'caldav.fastmail.com.') +); + +D('sanchayanmaity.com', REG_NONE, DnsProvider(DNS_DESEC), + DefaultTTL("1h"), + A('@', '157.90.118.14'), + CAA("@", "issue", "letsencrypt.org"), + CNAME("git" , "sanchayanmaity.com."), + CNAME("www" , "sanchayanmaity.com."), + MX("@", 10, "in1-smtp.messagingengine.com."), + MX("@", 20, "in2-smtp.messagingengine.com."), + TXT('@', 'v=spf1 include:spf.messagingengine.com ?all'), + TXT('*', 'v=spf1 include:spf.messagingengine.com ?all'), + CNAME("fm1._domainkey", "fm1.sanchayanmaity.com.dkim.fmhosted.com."), + CNAME("fm2._domainkey", "fm2.sanchayanmaity.com.dkim.fmhosted.com."), + CNAME("fm3._domainkey", "fm3.sanchayanmaity.com.dkim.fmhosted.com."), + // Create SRV records for mail service + // ,priority, weight, port, target + SRV('_submission._tcp', 0 , 1, 587, 'smtp.fastmail.com.'), + SRV('_imap._tcp' , 0 , 0, 0 , '.'), + SRV('_imaps._tcp' , 0 , 1, 993, 'imap.fastmail.com.'), + SRV('_pop3._tcp' , 0 , 0, 0 , '.'), + SRV('_pop3s._tcp' , 10, 1, 995, 'pop.fastmail.com.'), + SRV('_jmap._tcp' , 0 , 1, 443, 'api.fastmail.com.'), + SRV('_carddav._tcp' , 0 , 0, 0 , '.'), + SRV('_carddavs._tcp' , 0 , 1, 443, 'carddav.fastmail.com.'), + SRV('_caldav._tcp' , 0 , 0, 0 , '.'), + SRV('_caldavs._tcp' , 0 , 1, 443, 'caldav.fastmail.com.') +);