use fly for TLS termination

1 files changed, 13 insertions, 8 deletions

diff --git a/dnsconfig.js b/dnsconfig.js
index aafd6d0..be267ef 100644
--- a/dnsconfig.js
+++ b/dnsconfig.js
@@ -1,6 +1,8 @@
 // @ts-check
 /// <reference path="types-dnscontrol.d.ts" />
 
+var FLY_ACME_DOMAIN = 'l5o85r.flydns.net.'
+
 // Helpers
 
 /**
@@ -24,7 +26,9 @@ function fly(name) {
   // prettier-ignore
   return [
     ALIAS(name, 'alanpearce-eu.fly.dev.'),
-    HTTPS(name, 1, '.', https({ alpn: ['h2'] }))
+    HTTPS(name, 1, '.', https({
+      alpn: ['h2']
+    })),
   ]
 }
 
@@ -74,8 +78,6 @@ var acmeLetsEncrypt = [
   }),
 ]
 
-var websiteHosting = [fly('@')]
-
 // Providers:
 
 var RegistrarNone = NewRegistrar('none')
@@ -94,8 +96,10 @@ D(
   nameserversHE,
 
   acmeLetsEncrypt,
-  websiteHosting,
+  fly('@'),
   fly('www'),
+  CNAME('_acme-challenge', 'alanpearce.eu.' + FLY_ACME_DOMAIN),
+  CNAME('_acme_challenge.www', 'www.alanpearce.eu.' + FLY_ACME_DOMAIN),
 
   // prettier-ignore
   bulkCNAME([
@@ -157,8 +161,10 @@ D(
   DnsProvider(PowerDNS),
 
   acmeLetsEncrypt,
-  websiteHosting,
+  fly('@'),
   fly('www'),
+  CNAME('_acme-challenge', 'alanpearce.uk.' + FLY_ACME_DOMAIN),
+  CNAME('_acme_challenge.www', 'www.alanpearce.uk.' + FLY_ACME_DOMAIN),
 
   iCloudMail('alanpearce.uk', 'BNdyqalwDX8kwF6k'),
   DMARC_BUILDER({
@@ -180,14 +186,13 @@ D(
   NAMESERVER_TTL(86400),
 
   acmeLetsEncrypt,
-  websiteHosting,
+  fly('@'),
 
   SPF_BUILDER({
     parts: ['v=spf1', '-all'],
   }),
 
-  ALIAS('_acme-challenge', 'linde.alanpearce.eu.'),
-  IGNORE('_acme-challenge', 'TXT'),
+  CNAME('_acme-challenge', 'aln.pe.' + FLY_ACME_DOMAIN),
   CNAME('*', 'alanpearce.eu.'),
 
   nameserversHE