author Alex Auvolat <alex@adnab.me> 2022-12-07 16:54:38 +0100
committer Alex Auvolat <alex@adnab.me> 2022-12-07 16:54:38 +0100
commit 2d765994f3ff1981ebae47dc2058f72b59e52f4f (patch)
tree 05183a784642f903bffdb0f822ed26f9e230b00f
parent 655c658adf17bd7bc82818283803009ee0b0352c (diff)
Write an example DNS layout
-rw-r--r-- README.md 25
1 files changed, 25 insertions, 0 deletions
diff --git a/README.md b/README.md
index dcf6ed9..d22e853 100644
--- a/README.md
+++ b/README.md
@@ -65,3 +65,28 @@ Here is the relevant Nix configuration snippet that sets up these metadata value
### ... later ...
services.consul.extraConfig.node_meta = node_meta;
```
+
+### Example DNS layout for a Deuxfleurs cluster (see nixcfg repo for global setup)
+
+- All IPv4 and IPv6 addresses of running Tricot nodes are registered using D53
+ for the root domain, e.g. `deuxfleurs.fr`
+
+- The IPv6 and IPv6 addresses of running Tricot nodes in each site are
+ registered using D53 for the subdomain `<site_name>.site.<domain_name>`, e.g.
+ `neptune.site.deuxfleurs.fr`
+
+- For subdomains of global HTTP services (e.g. Garage), a CNAME entry is made
+ by hand to the root domain , e.g. `garage.deuxfleurs.fr IN CNAME
+ deuxfleurs.fr`
+
+- For subdomains of HTTP services that run only at one place at once (e.g.
+ Guichet, Grafana, Synapse, ...), a CNAME entry is registered automatically
+ using D53 to the subdomain of the site on where it is running.
+ In this case, users will be routed to any Tricot daemon running on one of
+ the nodes of the site, which will then proxy the request to the final
+ destination node through Wireguard.
+
+- For non-HTTP services such as e-mail, a specific subdomain such as
+ `smtp.deuxfleurs.fr` is created and populated with the correct IPv4 and IPv6
+ addresses by D53 tags on the SMTP server's Consul service. Then, the `MX`
+ entry is made to point to this dedicated subdomain.
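Review bot: The second added bullet reads "The IPv6 and IPv6 addresses of running Tricot nodes in each site", which looks like it should be "IPv4 and IPv6" to match the first bullet. In the third bullet there is a stray space before the comma in "root domain , e.g.", and in the fourth bullet "the site on where it is running" should read "the site where it is running". The new heading refers to the nixcfg repo for global setup without a link or path; adding one would let readers find the configuration this layout depends on.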