Write an example DNS layout

2022-12-07 16:54:38 +01:00 · 2022-12-07 16:54:38 +01:00 · 2d765994f3
parent 655c658adf
commit 2d765994f3
1 changed files with 25 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -65,3 +65,28 @@ Here is the relevant Nix configuration snippet that sets up these metadata value
    ### ... later ...
    services.consul.extraConfig.node_meta = node_meta;
 ```
+
+### Example DNS layout for a Deuxfleurs cluster (see nixcfg repo for global setup)
+
+- All IPv4 and IPv6 addresses of running Tricot nodes are registered using D53
+  for the root domain, e.g. `deuxfleurs.fr`
+
+- The IPv6 and IPv6 addresses of running Tricot nodes in each site are
+  registered using D53 for the subdomain `<site_name>.site.<domain_name>`, e.g.
+  `neptune.site.deuxfleurs.fr`
+
+- For subdomains of global HTTP services (e.g. Garage), a CNAME entry is made
+  by hand to the root domain , e.g. `garage.deuxfleurs.fr IN CNAME
+  deuxfleurs.fr`
+
+- For subdomains of HTTP services that run only at one place at once (e.g.
+  Guichet, Grafana, Synapse, ...), a CNAME entry is registered automatically
+  using D53 to the subdomain of the site on where it is running.
+  In this case, users will be routed to any Tricot daemon running on one of
+  the nodes of the site, which will then proxy the request to the final
+  destination node through Wireguard.
+
+- For non-HTTP services such as e-mail, a specific subdomain such as
+  `smtp.deuxfleurs.fr` is created and populated with the correct IPv4 and IPv6
+  addresses by D53 tags on the SMTP server's Consul service. Then, the `MX`
+  entry is made to point to this dedicated subdomain.