This repository has been archived on 2024-02-16. You can view files and clone it, but cannot push or open issues or pull requests.
2021-04-13 07:58:31 +02:00
|
|
|
ITS DNS Zone Managment
|
|
|
|
======================
|
|
|
|
|
|
|
|
This repo contains the primary copies of all our DNS zones.
|
|
|
|
|
|
|
|
If you have access to our primary DNS server (dns.parabox.it-syndikat.org),
|
|
|
|
deploy them using this command:
|
|
|
|
|
|
|
|
$ make sign upload
|
|
|
|
|
|
|
|
This will sign the zones using gpg using your default key and upload them
|
|
|
|
to the server using sftp. The server has incron running which will detect
|
|
|
|
the upload, verify the gpg signature, copy the zones into knot's zone
|
|
|
|
directory and reload the modified zones.
|
|
|
|
|
2021-11-11 15:00:04 +01:00
|
|
|
Beware, you should use an editor that supports auto-incrementing the zone
|
|
|
|
SOA for the update to be applied sucessfully on the server side. Emacs does
|
|
|
|
this by default, just say'in.
|
|
|
|
|
2021-04-13 07:58:31 +02:00
|
|
|
Note: Knot handles DNSSEC signing on the server side.
|
2022-02-08 23:23:17 +01:00
|
|
|
|
|
|
|
|
|
|
|
Using a non-default GPG key
|
|
|
|
---------------------------
|
|
|
|
|
|
|
|
Create a file `local.mk` and specify GPG_FLAGS as follows:
|
|
|
|
|
|
|
|
```
|
|
|
|
# local.mk
|
|
|
|
GPG_FLAGS=--default-key=<YOUR KEY FINGERPRINT>
|
|
|
|
```
|