Simon Marsh
81df6cd350
All checks were successful
continuous-integration/drone/push Build is passing
167 lines
5.3 KiB
JavaScript
167 lines
5.3 KiB
JavaScript
//////////////////////////////////////////////////////////////////////////
|
|
// define domains
|
|
|
|
domain='burble.dn42';
|
|
pdns_domain(domain);
|
|
|
|
//////////////////////////////////////////////////////////////////////////
|
|
// special records
|
|
|
|
D_EXTEND(
|
|
domain,
|
|
TXT('canary', "It's Alive!", TTL(1))
|
|
);
|
|
|
|
//////////////////////////////////////////////////////////////////////////
|
|
// services
|
|
|
|
// IPv4 service names
|
|
service('ns1', 'fd42:4242:2601:ac53::1', '172.20.129.1');
|
|
service('dns', 'fd42:4242:2601:ac53::53', '172.20.129.2');
|
|
service('@', 'fd42:4242:2601:ac80::1', '172.20.129.3');
|
|
service('grc', 'fd42:4242:2601:ac12::1', '172.20.129.4');
|
|
service('pingable', 'fd42:4242:2601:ac05::1', '172.20.129.5');
|
|
// 172.20.129.6 was wiki but not now used
|
|
service('rproxy', 'fd42:4242:2601:acf0::1', '172.20.129.7');
|
|
service('whois', 'fd42:4242:2601:ac43::1', '172.20.129.8');
|
|
// services 172.20.129.9 -> 172.20.129.30 are unassigned
|
|
service('shell.us-nyc1', 'fd42:4242:2601:1005:216:3eff:fe77:4dfe', '172.20.129.29');
|
|
service('shell.ca-bhs2', 'fd42:4242:2601:100d:216:3eff:fed7:2ceb', '172.20.129.30');
|
|
service('shell.fr-rbx1', 'fd42:4242:2601:1016:216:3eff:feae:51a8', '172.20.129.31');
|
|
|
|
// internal anycasts
|
|
service('rpki', 'fd42:4242:2601:ac10::1');
|
|
service('dns64', 'fd42:4242:2601:ac53::64'),
|
|
service('wiki.service', 'fd42:4242:2601:ac00::10:1'),
|
|
service('dn42regsrv', 'fd42:4242:2601:ac00::20:1');
|
|
service('dns-slave', 'fd42:4242:2601:ac00::53:1');
|
|
service('consul.service', 'fd42:4242:2601:acf0::10:1'),
|
|
service('vault.service', 'fd42:4242:2601:acf0::20:1'),
|
|
service('acme', 'fd42:4242:2601:acf0::30:1'),
|
|
service('etcd', 'fd42:4242:2601:acf0::50:1'),
|
|
service('ldap', 'fd42:4242:2601:acf0::60:1'),
|
|
|
|
// proxied services
|
|
proxied('explorer');
|
|
proxied('ci');
|
|
proxied('glass');
|
|
proxied('lg');
|
|
proxied('wiki');
|
|
proxied('lounge');
|
|
proxied('nextcloud');
|
|
proxied('alertmanager');
|
|
proxied('monitor');
|
|
proxied('grafana');
|
|
proxied('consul');
|
|
proxied('vault');
|
|
proxied('paste');
|
|
proxied('tasks');
|
|
proxied('n8n');
|
|
proxied('wdev');
|
|
proxied('mkdev');
|
|
proxied('gdev');
|
|
proxied('fusion');
|
|
proxied('ldap-admin');
|
|
proxied('multics');
|
|
|
|
// other service cnames
|
|
D_EXTEND(
|
|
domain,
|
|
|
|
// evpn subdomain
|
|
NS('evpn', 'ns.uk-lon4.evpn.burble.dn42.'),
|
|
NS('evpn', 'ns.us-nyc1.evpn.burble.dn42.'),
|
|
AAAA('ns.uk-lon4.evpn', 'fd42:4242:2601:329:72e8:bff:fe58:b51b'),
|
|
AAAA('ns.uk-nyc1.evpn', 'fd42:4242:2601:325:72e8:bff:fe58:b51b'),
|
|
// DS('evpn', 46501,13,2,'ba25a8ee27c9fcc9595b60aab43aad60fd30fad073861159e157e7edf7239fc0'),
|
|
|
|
// global service aliases
|
|
CNAME('www', 'burble.dn42.'),
|
|
CNAME('git', 'git.de-fra1.burble.dn42.'),
|
|
|
|
// local service aliases
|
|
CNAME('wiki.us', 'nginx.us-dal3.burble.dn42.'),
|
|
CNAME('wiki.fr', 'nginx.de-fra1.burble.dn42.'),
|
|
CNAME('wiki.sg', 'nginx.sg-sin2.burble.dn42.'),
|
|
CNAME('wiki.ca', 'nginx.ca-bhs2.burble.dn42.'),
|
|
|
|
// host aliases
|
|
CNAME('repo', 'repo.tier2.fr-rbx1.burble.dn42.'),
|
|
CNAME('minio', 'minio.tier2.uk-lon3.burble.dn42.'),
|
|
|
|
// grc SSHFP
|
|
SSHFP('grc', 4, 1, 'ff61153c18334e89df3b4b4e4696306eeb5ffe9c'),
|
|
SSHFP('grc', 4, 2, 'c3a2470309cb1e6fba252231a6504a096ffd8b6f92442493f762e7512c515e76'),
|
|
|
|
// dn42.dev mail
|
|
MX('mail-dn42dev', 10, 'mail-dn42dev.tier2.de-fra1.burble.dn42.'),
|
|
MX('mail-dn42dev', 10, 'mail-dn42dev.tier2.ca-bhs2.burble.dn42.'),
|
|
|
|
// speedtest
|
|
CNAME('speedtest.fr-rbx1', 'nginx.fr-rbx1.burble.dn42.'),
|
|
CNAME('speedtest.ca-bhs2', 'nginx.ca-bhs2.burble.dn42.'),
|
|
|
|
// etcd service discovery
|
|
SRV('_etcd-server-ssl._tcp', 0, 0, 2380, 'etcd.tier2.fr-rbx1.burble.dn42.'),
|
|
SRV('_etcd-server-ssl._tcp', 0, 0, 2380, 'etcd.tier2.uk-lon1.burble.dn42.'),
|
|
SRV('_etcd-server-ssl._tcp', 0, 0, 2380, 'etcd.tier2.ca-bhs2.burble.dn42.'),
|
|
SRV('_etcd-server-ssl._tcp', 0, 0, 2380, 'etcd.tier2.de-fra1.burble.dn42.'),
|
|
SRV('_etcd-server-ssl._tcp', 0, 0, 2380, 'etcd.tier2.us-dal3.burble.dn42.'),
|
|
|
|
SRV('_etcd-client-ssl._tcp', 0, 0, 2379, 'etcd.burble.dn42.')
|
|
|
|
);
|
|
|
|
//////////////////////////////////////////////////////////////////////////
|
|
// hosts
|
|
|
|
// dmz special config
|
|
D_EXTEND(
|
|
domain,
|
|
|
|
AAAA('dmz.uk-lon1', '2a04:92c5:2:1::1'),
|
|
AAAA('dmz.de-fra1', '2a0d:5941:1:17c::4e2a'),
|
|
AAAA('dmz.fr-rbx1', '2001:41d0:8:6a47::1'),
|
|
AAAA('dmz.ca-bhs2', '2607:5300:120:81a::1')
|
|
);
|
|
|
|
// homenet special config
|
|
D_EXTEND(
|
|
domain,
|
|
|
|
A( 'vega.mesh.uk-bri1', '172.20.129.191'),
|
|
AAAA('vega.mesh.uk-bri1', 'fd42:4242:2601:2001:216:3eff:fed4:fb70'),
|
|
A( 'alathfar.mesh.uk-bri1', '172.20.129.190'),
|
|
AAAA('alathfar.mesh.uk-bri1', 'fd42:4242:2601:2001:216:3eff:fee8:709d')
|
|
);
|
|
|
|
|
|
// main nodes
|
|
|
|
nodes.forEach(function(n) {
|
|
var hex = (n[4] + 32).toString(16);
|
|
var ip4 = (n[5] == 'undefined' ? undefined : n[5]);
|
|
|
|
// main IP
|
|
host(n[0],'fd42:4242:2601:'+hex+'::1', ip4);
|
|
// subnet IPs
|
|
host('tier1.'+n[0], 'fd42:4242:2601:'+hex+'::1');
|
|
host('tier2.'+n[0], 'fd42:4242:2601:'+hex+'02::1');
|
|
host('evpn.'+n[0], 'fd42:4242:2601:3'+hex+'::1');
|
|
|
|
// create dn42-xxx CNAME for dn42 nodes
|
|
if (n[3] == 'true') {
|
|
D_EXTEND(domain,CNAME('dn42-'+n[0], n[0]+'.burble.dn42.'));
|
|
}
|
|
});
|
|
|
|
// containers and VMs
|
|
|
|
virtual.forEach(function(v) {
|
|
host(v[0], v[1], v[2]);
|
|
});
|
|
|
|
//////////////////////////////////////////////////////////////////////////
|
|
// end of file
|
|
|