Write an example DNS layout
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
655c658adf
commit
2d765994f3
GPG key ID:
0E496D15096376BE
1 changed files with 25 additions and 0 deletions
25
README.md
25
README.md
|
|
@ -65,3 +65,28 @@ Here is the relevant Nix configuration snippet that sets up these metadata value
|
|||
### ... later ...
|
||||
services.consul.extraConfig.node_meta = node_meta;
|
||||
```
|
||||
|
||||
### Example DNS layout for a Deuxfleurs cluster (see nixcfg repo for global setup)
|
||||
|
||||
- All IPv4 and IPv6 addresses of running Tricot nodes are registered using D53
|
||||
for the root domain, e.g. `deuxfleurs.fr`
|
||||
|
||||
- The IPv6 and IPv6 addresses of running Tricot nodes in each site are
|
||||
registered using D53 for the subdomain `<site_name>.site.<domain_name>`, e.g.
|
||||
`neptune.site.deuxfleurs.fr`
|
||||
|
||||
- For subdomains of global HTTP services (e.g. Garage), a CNAME entry is made
|
||||
by hand to the root domain , e.g. `garage.deuxfleurs.fr IN CNAME
|
||||
deuxfleurs.fr`
|
||||
|
||||
- For subdomains of HTTP services that run only at one place at once (e.g.
|
||||
Guichet, Grafana, Synapse, ...), a CNAME entry is registered automatically
|
||||
using D53 to the subdomain of the site on where it is running.
|
||||
In this case, users will be routed to any Tricot daemon running on one of
|
||||
the nodes of the site, which will then proxy the request to the final
|
||||
destination node through Wireguard.
|
||||
|
||||
- For non-HTTP services such as e-mail, a specific subdomain such as
|
||||
`smtp.deuxfleurs.fr` is created and populated with the correct IPv4 and IPv6
|
||||
addresses by D53 tags on the SMTP server's Consul service. Then, the `MX`
|
||||
entry is made to point to this dedicated subdomain.
|
||||
|
|
|
|||
Loading…
Reference in a new issue