Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

terraform: describe the nixos.org records in route53 #68

Merged
merged 4 commits into from Dec 20, 2018
Merged

terraform: describe the nixos.org records in route53 #68

merged 4 commits into from Dec 20, 2018

Conversation

zimbatm
Copy link
Member

@zimbatm zimbatm commented Dec 16, 2018

Right now the DNS is hosted on the udag.org servers and not directly
changeable with code.

@zimbatm
Copy link
Member Author

zimbatm commented Dec 16, 2018

I would need the full dump from united domains to finish this work. Then we can transition to Route53 for the DNS.

@zimbatm zimbatm force-pushed the zimbatm/route53-zone branch 2 times, most recently from 0d0094d to 4dca45f Compare December 16, 2018 17:05
@zimbatm zimbatm mentioned this pull request Dec 16, 2018
Closed
@zimbatm
Copy link
Member Author

zimbatm commented Dec 19, 2018 

name    ttl IN  type    prio    content
losser.nixos.org.   3600    IN  A       255.255.255.255
*.losser.nixos.org. 3600    IN  A       255.255.255.255
stan.nixos.org. 3600    IN  A       255.255.255.255
*.stan.nixos.org.   3600    IN  A       255.255.255.255
lucifer.nixos.org.  3600    IN  A       255.255.255.255
*.lucifer.nixos.org.    3600    IN  A       255.255.255.255
mturk.nixos.org.    3600    IN  A       130.161.158.181
*.mturk.nixos.org.  3600    IN  A       130.161.158.181
ts.nixos.org.   3600    IN  A       255.255.255.255
*.ts.nixos.org. 3600    IN  A       255.255.255.255
svn.nixos.org.  3600    IN  A       54.217.220.47
planet.nixos.org.   3600    IN  A       54.217.220.47
hydra-test.nixos.org.   3600    IN  A       131.180.119.77
barbrady.nixos.org. 3600    IN  A       144.76.106.45
monitor.nixos.org.  3600    IN  A       144.76.106.45
nixos.org.  3600    IN  A       54.217.220.47
*.nixos.org.    3600    IN  A       54.217.220.47
hydra.nixos.org.    3600    IN  A       46.4.67.10
bastion.nixos.org.  600 IN  A       34.254.208.229
status.nixos.org.   600 IN  A       138.201.32.77
losser.nixos.org.   86400   IN  AAAA        2001:610:685:1:216:3eff:fe00:4
*.losser.nixos.org. 86400   IN  AAAA        2001:610:685:1:216:3eff:fe00:4
stan.nixos.org. 86400   IN  AAAA        2001:610:685:1:222:19ff:fe55:bf2e
*.stan.nixos.org.   86400   IN  AAAA        2001:610:685:1:222:19ff:fe55:bf2e
lucifer.nixos.org.  86400   IN  AAAA        2001:610:685:1:862b:2bff:fe0b:98f0
*.lucifer.nixos.org.    86400   IN  AAAA        2001:610:685:1:862b:2bff:fe0b:98f0
ts.nixos.org.   86400   IN  AAAA        2001:610:685:1:216:3eff:fe01:ee
*.ts.nixos.org. 86400   IN  AAAA        2001:610:685:1:216:3eff:fe01:ee
hydra-test.nixos.org.   86400   IN  AAAA        2001:610:685:1:0:0:0:1
hydra.nixos.org.    3600    IN  AAAA        2a01:4f8:140:248f::
cache.nixos.org.    3600    IN  CNAME       dualstack.v2.shared.global.fastly.net.
releases.nixos.org. 3600    IN  CNAME       d3g5gsiof5omrk.cloudfront.net.
tarballs.nixos.org. 3600    IN  CNAME       d3am6xf9zisc71.cloudfront.net.
*.conf.nixos.org.   3600    IN  CNAME       nixconberlin.github.io.
conf.nixos.org. 3600    IN  CNAME       nixconberlin.github.io.
*.weekly.nixos.org. 3600    IN  CNAME       nixos.github.io.
weekly.nixos.org.   3600    IN  CNAME       nixos.github.io.
discourse.nixos.org.    600 IN  CNAME       nixos1.hosted-by-discourse.com.
_ea68264b3470fb78960575f8dda9b40b.tarballs.nixos.org.   600 IN  CNAME       _d7407b1e66c162385ea6816b6da86f00.acm-validations.aws.
_d8f6310f3e219676be295c56e7084ed2.releases.nixos.org.   600 IN  CNAME       _f66cc632b3b03a0f5493a406c535ad7d.acm-validations.aws.
_d47a77b375708cea087182ee599174c0.cache.nixos.org.  600 IN  CNAME       _f437d0ffb520b017f4d72beb71afedf8.acm-validations.aws.
cache-fastly.nixos.org. 3600    IN  CNAME       v2.shared.global.fastly.net.
nixos.org.  14400   IN  MX  10  mx00.udag.de.
nixos.org.  14400   IN  MX  20  mx01.udag.de.
nixos.org.  86400   IN  NS      ns.udag.org.
nixos.org.  86400   IN  NS      ns.udag.de.
nixos.org.  86400   IN  NS      ns.udag.net.
nixos.org.  86400   IN  SOA     ns.udag.net. hostmaster.united-domains.de 2015072401

eelco> "losser", "stan", "barbrady", "ts", and "mturk" can be removed

@zimbatm
Copy link
Member Author

zimbatm commented Dec 19, 2018

aws_route53_zone.nixos: AccessDenied: User: arn:aws:iam::080433136561:user/jonas.chevalier is not authorized to perform: route53:CreateHostedZone

edolstra
edolstra reviewed Dec 19, 2018
View reviewed changes
terraform/route53.tf
name = "_d47a77b375708cea087182ee599174c0.cache"
type = "CNAME"
ttl = "600"
records = ["_f437d0ffb520b017f4d72beb71afedf8.acm-validations.aws"]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we actually need to keep these after validation has succeeded?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think they re-validate every time they re-issue the certificate.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure. It's better to keep them around for now.

edolstra
edolstra reviewed Dec 19, 2018
View reviewed changes
terraform/route53.tf Outdated Show resolved Hide resolved
@grahamc
Copy link
Member

grahamc commented Dec 19, 2018

Awesome, assuming it is correct, lgtm :) ;)

@zimbatm zimbatm merged commit 8d7b0b6 into master Dec 20, 2018
@zimbatm zimbatm deleted the zimbatm/route53-zone branch December 20, 2018 18:14
@zimbatm zimbatm mentioned this pull request Dec 20, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edolstra edolstra edolstra left review comments

@AmineChikhaoui AmineChikhaoui AmineChikhaoui approved these changes

@grahamc grahamc Awaiting requested review from grahamc

@rbvermaa rbvermaa Awaiting requested review from rbvermaa

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@zimbatm @grahamc @edolstra @AmineChikhaoui