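---
# ============================================================
# Linderhof DNS Zones
# ============================================================
# Generated by setup.sh — edit to match your DNS needs.
# This file is loaded automatically by Ansible as part of group_vars.
#
# $domain, $server_name and $server_ip are placeholders filled in by
# setup.sh; "{{ ... }}" expressions are resolved later by Ansible.
# Placeholder values are quoted so the substituted text is always read
# as a string, whatever it looks like to the YAML parser.
#
# After first mail deployment, retrieve DKIM keys with:
# docker exec mailserver cat /tmp/docker-mailserver/rspamd/dkim/$domain/mail.pub
# Add them to vault.yml and uncomment the mail._domainkey records below.
# Only the public half (mail.pub) is published in DNS.
# ============================================================

dns_zones:
  - zone: "$domain"
    records:
      # Root domain
      - name: "@"
        type: A
        records:
          - value: "$server_ip"

      - name: "@"
        type: MX
        records:
          - value: "10 {{ mail_hostname }}."

      # SPF: only the hosts named in the MX record may send for this
      # domain; "-all" asks receivers to reject every other source.
      # Add any additional sending service here before using it.
      - name: "@"
        type: TXT
        records:
          - value: "{{ 'v=spf1 mx -all' | hetzner.hcloud.txt_record }}"

      # Server A record
      - name: "$server_name"
        type: A
        records:
          - value: "$server_ip"

      - name: www
        type: A
        records:
          - value: "$server_ip"

      # Mail subdomain A record (for the mail hostname itself)
      # NOTE(review): takes the first label of mail_hostname, so this
      # presumably expects a name directly under this zone (confirm).
      - name: "{{ mail_hostname.split('.')[0] }}"
        type: A
        records:
          - value: "$server_ip"

      # Service CNAMEs
      # Every name below is publicly resolvable and points at the main
      # server. NOTE(review): rspamd and stats look like admin or
      # monitoring interfaces; confirm each service requires
      # authentication, and drop the CNAME for any service not deployed.
      - name: webmail
        type: CNAME
        records:
          - value: "$server_name.$domain."

      - name: code
        type: CNAME
        records:
          - value: "$server_name.$domain."

      - name: watch
        type: CNAME
        records:
          - value: "$server_name.$domain."

      - name: rspamd
        type: CNAME
        records:
          - value: "$server_name.$domain."

      - name: stats
        type: CNAME
        records:
          - value: "$server_name.$domain."

      - name: chat
        type: CNAME
        records:
          - value: "$server_name.$domain."

      - name: cal
        type: CNAME
        records:
          - value: "$server_name.$domain."

      # DMARC
      # p=none is report-only: receivers take no action on mail that
      # fails DMARC, so spoofed mail is not blocked by this policy.
      # Once the DKIM record below is published and the rua reports
      # show legitimate mail passing, tighten to p=quarantine or
      # p=reject. The dmarc@ mailbox must exist to receive reports.
      - name: _dmarc
        type: TXT
        records:
          - value: "{{ 'v=DMARC1; p=none; rua=mailto:dmarc@$domain' | hetzner.hcloud.txt_record }}"

      # DKIM — uncomment after first mail deployment and add key to vault.yml
      # - name: mail._domainkey
      #   type: TXT
      #   records:
      #     - value: "{{ dkim_keys['$domain'] | hetzner.hcloud.txt_record }}"

  # Extra domains (additional mail-hosted domains) — add as needed:
  # - zone: example2.com
  #   records:
  #     - name: "@"
  #       type: A
  #       records:
  #         - value: "$server_ip"
  #
  #     - name: "@"
  #       type: MX
  #       records:
  #         - value: "10 {{ mail_hostname }}."
  #
  #     - name: "@"
  #       type: TXT
  #       records:
  #         - value: "{{ 'v=spf1 mx -all' | hetzner.hcloud.txt_record }}"
  #
  #     - name: www
  #       type: CNAME
  #       records:
  #         - value: example2.com.
  #
  #     - name: _dmarc
  #       type: TXT
  #       records:
  #         - value: "{{ 'v=DMARC1; p=none; rua=mailto:dmarc@example2.com' | hetzner.hcloud.txt_record }}"
  #
  #     # - name: mail._domainkey
  #     #   type: TXT
  #     #   records:
  #     #     - value: "{{ dkim_keys['example2.com'] | hetzner.hcloud.txt_record }}"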