odin.lisp: Provide a TLSA record for the `odin' webserver.

diff --git a/odin.lisp b/odin.lisp
index c84fd22961e3372f977d5a402ccb508ab0bcf55e..762532278fac9c851159550e3a5c6f5f29f3196f 100644 (file)
--- a/odin.lisp
+++ b/odin.lisp
@@ -15,7 +15,9 @@ (defzone odin.gg
        (gandi6-ns :ip gandi-ns6))
 
   ;; Web service.
-  ((@ www) :svc stratocaster)
+  ((@ www) :svc stratocaster
+          :tlsa (:https (:service-certificate-constraint
+                         :public-key :sha-256 #p"https-stratocaster")))
 
   ;; Mail servers
   :mx ((mail :ip stratocaster))