diff --git a/deployment/modules/dns.nix b/deployment/modules/dns.nix
new file mode 100644
index 0000000..f67e6d4
--- /dev/null
+++ b/deployment/modules/dns.nix
@@ -0,0 +1,23 @@
+{config, pkgs, nixpkgs, system, dns, ...}:
+let
+ util = dns.util.${system};
+in
+{
+ networking.domain = "beherbergung.mission-lifeline.de";
+
+ services.bind = {
+ enable = true;
+ zones = {
+ "${config.networking.domain}" = {
+ master = true;
+ file = util.writeZone "${config.networking.domain}" (import (./dns + "/${config.networking.domain}.nix") {inherit dns;});
+ };
+ "beherbergung.broenradio.org" = { ## not required in future (but till the NS-record of beherbergung.mission-lifeline.de is configured)
+ master = true;
+ file = util.writeZone "beherbergung.broenradio.org" (import (./dns + "/${config.networking.domain}.nix") {inherit dns;});
+ };
+ };
+ };
+ networking.firewall.allowedTCPPorts = [ 53 ];
+ networking.firewall.allowedUDPPorts = [ 53 ];
+}
diff --git a/deployment/modules/dns/beherbergung.mission-lifeline.de.nix b/deployment/modules/dns/beherbergung.mission-lifeline.de.nix
new file mode 100644
index 0000000..e6d606b
--- /dev/null
+++ b/deployment/modules/dns/beherbergung.mission-lifeline.de.nix
@@ -0,0 +1,38 @@
+{ dns, ... }:
+
+with dns.lib.combinators; {
+ SOA = {
+ nameServer = #"ns1";
+ "ns1.broenradio.org.";
+
+ adminEmail = "dns-admin@mission-lifeline.de";
+ serial = 2022031001;
+ };
+
+ NS = [
+ #"ns1"
+ #"ns2"
+ "ns1.broenradio.org."
+ "ns2.broenradio.org."
+ ];
+
+ A = [ "88.198.203.104" ];
+ AAAA = [ "2a01:4f8:c0c:cf13::1" ];
+
+ subdomains = rec {
+ server1 = host "88.198.203.104" "2a01:4f8:c0c:cf13::1";
+
+ ns1 = server1;
+ ns2 = server1; ## TODO
+
+ backend = server1;
+ search = server1;
+ submission = server1;
+
+ binarycache = server1;
+ grafana = server1;
+
+ prometheus-server1 = server1;
+ loki-server1 = server1;
+ };
+}
diff --git a/flake.nix b/flake.nix
index d857ff3..edef8c7 100644
--- a/flake.nix
+++ b/flake.nix
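Review bot: The `services.bind` block opens 53/tcp and 53/udp in the firewall but leaves recursion, forwarding and zone-transfer policy to the NixOS module defaults, so the file does not show whether this host answers as authoritative-only. For a server reachable from the internet I would pin that explicitly under `services.bind`, for example `cacheNetworks = [ "127.0.0.0/24" ];` and `forwarders = [ ];`, and set `slaves` on each zone only to the addresses of real secondaries. I believe the module defaults already keep recursion on loopback and transfers closed, but stating them protects against a later default or override turning this into an open resolver or leaking the full zone. A short comment on the `beherbergung.broenradio.org` zone naming the condition for its removal would also help, since a forgotten authoritative zone keeps answering after the delegation moves.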
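Review bot: `grafana`, `prometheus-server1`, `loki-server1` and `binarycache` are published in a public zone and all resolve to `server1`'s public addresses, and nothing in this hunk shows whether those endpoints require authentication. I would record the expectation next to the records, e.g. a comment above `subdomains` such as `## all names below resolve to the public host; grafana/prometheus/loki must only be reachable behind authentication`. Separately, `ns2 = server1; ## TODO` means both in-zone nameserver names are the same machine, so there is no redundancy until a second host exists. The hand-maintained `serial` also has to be raised on every edit once secondaries transfer this zone, which deserves a one-line comment beside it.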
@@ -33,7 +33,7 @@
 ./deployment/modules/default.nix
 #sops-nix.nixosModules.sops
 #./deployment/modules/sops.nix
- #./deployment/modules/dns.nix
+ ./deployment/modules/dns.nix
 #./deployment/modules/monitoring/client.nix
 #./deployment/modules/nginx/timmi.nix
 #nix-deploy-git.nixosModule