escape special characters

README.md

@@ -0,0 +1,8 @@
+# Central DNS management
+
+## Overview
+This repository contains the configuration for managing the DNS records for `moll.re` and other domains.
+
+It uses [octodns](https://github.com/octodns/octodns/) along with submodules for cloudflare and ddns.
+
+This configuration is applied through a cron job on the k8s cluster, configured under [https://git.kluster.moll.re/remoll/k3s-infra](https://git.kluster.moll.re/remoll/k3s-infra).

config.yaml

@@ -7,24 +7,18 @@ providers:
   
   kluster:
     class: octodns_ddns.DdnsSource
+    types:
+      - A # server has no AAAA
 
   cloudflare:
     class: octodns_cloudflare.CloudflareProvider
-    # Your Cloudflare account email address (required, optional if using token)
-    email: env/CLOUDFLARE_EMAIL
-    # The API Token or API Key.
-    # Required permissions for API Tokens are Zone:Read, DNS:Read and DNS:Key.
     token: env/CLOUDFLARE_TOKEN
-    # Optional. Filter by account ID in environments where a token has access
-    # across more than the permitted number of accounts allowed by Cloudflare.
-    account_id: env/CLOUDFLARE_ACCOUNT_ID
-
 
 
 zones:
-  'moll.re':
+  'moll.re.':
     sources:
       - config # sets all other records
       - kluster # sets kluster.moll.re
     targets:
-      - cloudlfare
+      - cloudflare

config/moll.re.yaml

@@ -1,51 +1,72 @@
 '':
-  ttl: 60
+  - type: ALIAS
-  type: CNAME
+    value: homepage.kluster.moll.re.
-  values:
+  # mail forwarding by cloudflare set the auto-ttl to the same value as prescribed by cloudflare
-    - homepage.kluster.moll.re
+  - octodns:
+      cloudflare:
+        auto-ttl: true
+    ttl: 300
+    type: MX
+    values:
+      - exchange: route1.mx.cloudflare.net.
+        preference: 62
+      - exchange: route2.mx.cloudflare.net.
+        preference: 77
+      - exchange: route3.mx.cloudflare.net.
+        preference: 27
+  - octodns:
+      cloudflare:
+        auto-ttl: true
+    ttl: 300
+    type: TXT
+    value: v=spf1 include:_spf.mx.cloudflare.net ~all
+
 
 '*.kluster':
   ttl: 60
   type: CNAME
+  value: kluster.moll.re.
+
+
+# gitea SSH advertised on port 2222
+'_ssh._tcp':
+  type: SRV
   values:
-    - kluster.moll.re 
+    - port: 2222
+      priority: 0
+      target: git.kluster.moll.re.
+      weight: 500
+
+
+# cloudflare DKIM for cloudflare email routing
+'cf2024-1._domainkey':
+  octodns:
+    cloudflare:
+      auto-ttl: true
+  ttl: 300
+  type: TXT
+  value: '"v=DKIM1\; h=sha256\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiweykoi+o48IOGuP7GR3X0MOExCUDY/BCRHoWBnh3rChl7WhdyCxW3jgq1daEjPPqoi7sJvdg5hEQVsgVRQP4DcnQDVjGMbASQtrY4WmB1VebF+RPJB2ECPsEDTpeiI5ZyUAwJaVX7r6bznU67g7LvFq35yIo4sdlmtZGV+i0H4cpYH9+3JJ78k" "m4KXwaf9xUJCWF6nxeD+qG6Fyruw1Qlbds2r85U9dkNDVAS3gioCvELryh1TxKGiVTkg4wqHTyHfWsp7KD3WQHYJn0RyfJJu6YEmL77zonn7p2SRMvTMP3ZEXibnC9gz3nnhR6wcYL8Q7zXypKTMD58bTixDSJwIDAQAB"'
+
+
+# SMTP by smtp2go
+'em604688':
+  type: CNAME
+  value: return.smtp2go.net.
+
+
+# SMTP by smtp2go
+'link':
+  type: CNAME
+  value: track.smtp2go.net.
+
+
+# DKIM by smtp2go
+'s604688._domainkey':
+  type: CNAME
+  value: dkim.smtp2go.net.
+
 
 'short':
   ttl: 60
   type: CNAME
-  values:
+  value: shlink.kluster.moll.re.
-    - shlink.kluster.moll.re
-
-
-'skiff1._domainkey':
-  type: CNAME
-  values:
-    - skiff1.tlfind3ul99o2wi.dkim.skiff.com
-
-
-'skiff2._domainkey':
-  type: CNAME
-  values:
-    - skiff2.tlfind3ul99o2wi.dkim.skiff.com
-
-
-'moll.re':
-  - type: MX
-    values:
-      - inbound-smtp.skiff.com
-  - type: TXT
-    values:
-      - v=spf1 include:tlfind3ul99o2wi.spf.skiff.com -all
-  
-
-
-'_ssh._tcp':
-  type: SRV
-  values:
-    - 0 500 2222 git.kluster.moll.re
-
-
-'_dmarc':
-  type: TXT
-  values:
-    - v=DMARC1; p=reject; pct=100; adkim=s; aspf=s

requirements.txt

@@ -0,0 +1 @@
+octodns-ddns==0.2.1