Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dns: prepare Gandi migration #616

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

dns: prepare Gandi migration #616

wants to merge 2 commits into from
+13 −1

Conversation

mweinelt
Copy link
Member

@mweinelt mweinelt commented Apr 6, 2025

ALIAS at the domain apex, CNAME for everything else.

@mweinelt mweinelt changed the title dns: add remaining web hosts dns: prepare Gandi migration Apr 6, 2025
@mweinelt
dns: add remaining web hosts
0a5aab8 
ALIAS at the domain apex, CNAME for everything else.
@mweinelt mweinelt force-pushed the gandi-dns branch 2 times, most recently from fdfd01c to a4a6451 Compare April 6, 2025 23:49
@mweinelt
Copy link
Member Author

mweinelt commented Apr 7, 2025

Looks like it needs more changes on the Gandi end:

ERROR: ERROR: error while getting Nameservers for zone="nixos.org" with provider="gandi": StatusCode: 404 ; Err: 404: Unknown domain

@mweinelt
Copy link
Member Author

mweinelt commented Apr 7, 2025
edited
Loading

Looks like we cannot sync the zone until we update the delegation. Meh!

image

But we can import a zone before switching nameservers apparently.

image

jfly
jfly reviewed Apr 10, 2025
View reviewed changes
.github/workflows/dns-apply.yml
@@ -23,6 +23,7 @@ jobs:
- uses: cachix/install-nix-action@d1ca217b388ee87b2507a9a93bf01368bde7cec2 # v31
- name: dnscontrol push
env:
GANDI_TOKEN: "${{ secrets.GANDI_TOKEN }}" # Expires 2026-04-07
NETLIFY_TOKEN: "${{ secrets.NETLIFY_TOKEN }}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(I'm assuming it'll work find to deploy to netlify and gandi in parallel). Suggestion: consider adding a TODO/issue to remind us to clean up netlify (not just this code, but the old dns entries in netlify to avoid confusion).

dns/nixos.org.js
@@ -171,7 +172,11 @@ D("nixos.org",
TXT("_github-pages-challenge-nixos", "f3a423ba6916e972cfb1e74f82f601"),

// netlify pages
ALIAS("@", "nixos-homepage.netlify.app."),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apologies if you explained this elsewhere: is this violating the advice from https://answers.netlify.com/t/support-guide-which-are-some-good-dns-providers-for-alias-aname-support/211?

Some providers we cannot recommend after last review (which is well over 2 years ago at this point) are ALIAS or ANAME records provided by folks like Hover, DNS Made Easy, and even NS1 when not used as a service we provide: those “fancy” record types as implemented at those providers hosting was at last review incompatible with the way we do GeoIP routing for our CDN.

Granted, this post from 2019 sounds a bit hand wavy about a "review" they did in 2017.

dns/nixos.org.js
@@ -171,7 +172,11 @@ D("nixos.org",
TXT("_github-pages-challenge-nixos", "f3a423ba6916e972cfb1e74f82f601"),

// netlify pages
ALIAS("@", "nixos-homepage.netlify.app."),
CNAME("common-styles", "nixos-common-styles.netlify.app."),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are these CNAMEs (and the ALAIAS record above) going to apply cleanly to netlify (which, IIUC, we're still deploying to with the changes in this PR)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mic92 Mic92 Mic92 left review comments

@jfly jfly jfly left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mweinelt @Mic92 @jfly