odin.lisp: Provide a TLSA record for the `odin' webserver.

diff --git a/odin.lisp b/odin.lisp
index c84fd22..7625322 100644 (file)
--- a/odin.lisp
+++ b/odin.lisp
@@ -15,7 +15,9 @@
        (gandi6-ns :ip gandi-ns6))
 
   ;; Web service.
-  ((@ www) :svc stratocaster)
+  ((@ www) :svc stratocaster
+          :tlsa (:https (:service-certificate-constraint
+                         :public-key :sha-256 #p"https-stratocaster")))
 
   ;; Mail servers
   :mx ((mail :ip stratocaster))