distorted.lisp: Include the correct TLSA record details for SMTP.

[zones] / odin.lisp

diff --git a/odin.lisp b/odin.lisp
index 762532278fac9c851159550e3a5c6f5f29f3196f..f17fc24b98702361cdb04d59b6bb35e791433f21 100644 (file)
--- a/odin.lisp
+++ b/odin.lisp
@@ -12,13 +12,17 @@ (defzone odin.gg
   :ns ((radius-ns :ip radius)
        (precision-ns :ip precision)
        (telecaster-ns :ip telecaster)
-       (gandi6-ns :ip gandi-ns6))
+       (national-ns :ip national))
 
   ;; Web service.
   ((@ www) :svc stratocaster
           :tlsa (:https (:service-certificate-constraint
                          :public-key :sha-256 #p"https-stratocaster")))
 
+  ;; Certification.
+  :caa ((:issue "letsencrypt.org")
+       (:issue "distorted.org.uk"))
+
   ;; Mail servers
   :mx ((mail :ip stratocaster))
   :srv ((:smtp mail))