aynish/commoncomputing-nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a8b583482843b99d48d2843c3c3c93b5abbf48ff
commoncomputing-nix/dns
T
History
Anish Lakhwara 415d1d9f0e wip: dns stub
2025-10-16 03:51:39 -07:00
..
.gitignore
wip: dns stub
2025-10-16 03:51:39 -07:00
creds.json
wip: dns stub
2025-10-16 03:51:39 -07:00
dnscontrol.js
wip: dns stub
2025-10-16 03:51:39 -07:00
README.md
wip: dns stub
2025-10-16 03:51:39 -07:00

README.md

DNS Configuration

DNS records are managed with dnscontrol.

Setup

  1. Create/edit DNS credentials in agenix:

    cd secrets
agenix -e dns-creds.age

    Format the JSON like creds.json example:

    {
  "cloudflare": {
    "TYPE": "CLOUDFLAREAPI",
    "accountid": "your-account-id",
    "apitoken": "your-api-token"
  }
}

  2. Update dnscontrol.js with your static IP address (replace TODO_STATIC_IP)

  3. If using a different DNS provider, update the provider in dnscontrol.js

Commands

On the server, credentials are auto-decrypted to /run/agenix/dns-creds.

Preview changes:

cd /etc/nixos/dns
dnscontrol preview --config dnscontrol.js --creds /run/agenix/dns-creds

Apply changes:

dnscontrol push --config dnscontrol.js --creds /run/agenix/dns-creds

Validate config:

dnscontrol check --config dnscontrol.js

DNS Records

All subdomains point to the same static IP:

  • pds.commonscomputer.com → PDS (port 5556, proxied via Caddy)
  • knot.commonscomputer.com → Tangled Knot (port 5555, proxied via Caddy)
  • spindle.commonscomputer.com → Tangled Spindle (port 6555, proxied via Caddy)

Caddy handles HTTPS termination and reverse proxying to the internal services.

Reference in New Issue View Git Blame Copy Permalink