IT-Syndikat
/
its-zones
10
0
Fork 0
Code Issues Pull Requests Releases Activity
Our DNS Zones
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
47 Commits
1 Branch
0 Tags
600 KiB
Makefile 77.4%
Shell 22.6%
 
 
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Go to file
Xiretza 805850ae36 Add infectedmushroom 11 months ago
server Add zone enrollment instructions to README 1 year ago
.gitignore Support non-default gpg key 1 year ago
7.0.8.0.4.a.9.c.0.a.2.ip6.arpa.zone Add sozial.its PTR 1 year ago
Makefile Add more checks to makefile 1 year ago
README Add non-default ssh key instructions to README 1 year ago
it-syndik.at.zone Migrate yxorp VM 2 years ago
it-syndikat.org.zone Add infectedmushroom 11 months ago

README 

ITS DNS Zone Managment
======================

This repo contains the primary copies of all our DNS zones.

If you have access to our primary DNS server (dns.parabox.it-syndikat.org),
deploy them using this command:

    $ make sign upload

This will sign the zones using gpg using your default key and upload them
to the server using sftp. The server has incron running which will detect
the upload, verify the gpg signature, copy the zones into knot's zone
directory and reload the modified zones.

Beware, you should use an editor that supports auto-incrementing the zone
SOA for the update to be applied sucessfully on the server side. Emacs does
this by default, just say'in.

Note: Knot handles DNSSEC signing on the server side.


Using a non-default GPG/ssh key
-------------------------------

Create a file `local.mk` and specify GPG_FLAGS and/or SFTP_FLAGS as follows:

```
# local.mk
GPG_FLAGS=--default-key=<YOUR KEY FINGERPRINT>
SFTP_FLAGS=~/.ssh/id_non_default
```