first commit

2024-05-19 14:12:26 -07:00 · 2023-12-27 20:30:54 -08:00 · 2023-12-27 20:30:54 -08:00 · 49bd4cfc48
commit 49bd4cfc48
3 changed files with 92 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,18 @@
+# dns-config
+
+This repository contains the code to manage all my DNS records.
+
+### Helpful commands
+
+```sh
+# `preview`, `push` or `check` changes.
+docker run --rm -it \
+    -v "$HOME/app-data/dns-config:/dns" \
+    ghcr.io/stackexchange/dnscontrol preview
+
+# Pull in changes from an existing DNS provider
+docker run --rm -it \
+    -v "$HOME/app-data/dns-config:/dns" \
+    ghcr.io/stackexchange/dnscontrol get-zones \
+    --format=js --out=draft.js cloudflare - walr.us.eu.org
+```
--- a/creds.json
+++ b/creds.json
@ -0,0 +1,19 @@
+{
+    "bind": {
+      "TYPE": "BIND"
+    },
+    "cloudflare": {
+      "TYPE": "CLOUDFLAREAPI",
+      "accountid": "$CLOUDFLARE_ACCOUNT_ID",
+      "apitoken": "$CLOUDFLARE_API_TOKEN"
+    },
+    "desec": {
+      "TYPE": "DESEC",
+      "auth-token": "$DESEC_AUTH_TOKEN"
+    },
+    "namecheap": {
+      "TYPE": "NAMECHEAP",
+      "apikey": "$NAMECHEAP_API_KEY",
+      "apiuser": "$NAMECHEAP_API_USER"
+    }
+}
--- a/dnsconfig.js
+++ b/dnsconfig.js
@ -0,0 +1,55 @@
+var REG_NONE = NewRegistrar("none");
+var REG_NAMECHEAP = NewRegistrar("namecheap");	// Unused right now. See note below.
+
+var DSP_DESEC = NewDnsProvider("desec");
+
+D("walr.us.eu.org", REG_NONE, DnsProvider(DSP_DESEC),
+	DefaultTTL("5m"),
+	MX("@", 10, "mx1.forwardemail.net."),
+	MX("@", 10, "mx2.forwardemail.net."),
+    TXT("@", "forward-email=hi@ketanvijayvargiya.com"),
+	TXT("pic._domainkey", "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCjR2XeDHangUyp5Ug274CcYYz+ZHbjcOkmybarbZkFJ9fIPAGfb2hg+hS/mAX4Sy/SC9hQ/fcgB1DCXqk71DYT63G3a9rzGxfpfKndS+sTc3qjOIGjgZ31G/znxW+9AY1AD3wVB0lEPyIqj/x9h9jsysSWuHI7WNPyPL25iJaYawIDAQAB"),
+	SPF_BUILDER({
+		label: "@",
+		parts: [
+			"v=spf1",
+		  	"include:mailgun.org",
+		  	"~all"
+		]
+	})
+)
+
+// Note: I would have used `REG_NAMECHEAP` below. However, Namecheap APIs require an IP address based
+// allowlist and I can't configure that for GitLab Runners.
+D("ketanvijayvargiya.com", REG_NONE, DnsProvider(DSP_DESEC),
+	DefaultTTL("5m"),
+    CNAME("*.a", "flister.dedyn.io."),
+	CNAME("a", "flister.dedyn.io."),
+	CNAME("git", "flister.dedyn.io."),
+	CNAME("toot", "flister.dedyn.io."),
+	CNAME("autoconfig", "autoconfig.migadu.com."),
+	A("@", "75.2.60.5"),
+	CNAME("key1._domainkey", "key1.ketanvijayvargiya.com._domainkey.migadu.com."),
+	CNAME("key2._domainkey", "key2.ketanvijayvargiya.com._domainkey.migadu.com."),
+	CNAME("key3._domainkey", "key3.ketanvijayvargiya.com._domainkey.migadu.com."),
+	CNAME("www", "ketanvijayvargiya.netlify.app."),
+	MX("@", 10, "aspmx1.migadu.com."),
+	MX("@", 20, "aspmx2.migadu.com."),
+	SRV("_autodiscover._tcp", 0, 1, 443, "autodiscover.migadu.com."),
+	SRV("_imaps._tcp", 0, 1, 993, "imap.migadu.com."),
+	SRV("_pop3s._tcp", 0, 1, 995, "pop.migadu.com."),
+	SRV("_submissions._tcp", 0, 1, 465, "smtp.migadu.com."),
+	DMARC_BUILDER({
+		policy: "quarantine"
+	}),
+	TXT("@", "google-site-verification=o2TNkd5C7x8FntC3t2gZUvMvaZC973EZL1GiVeIRTJs"),
+	SPF_BUILDER({
+		label: "@",
+		parts: [
+			"v=spf1",
+		  	"include:spf.migadu.com",
+		  	"-all"
+		]
+	}),
+	TXT("@", "hosted-email-verify=rcs5gmx0")
+)