Compare commits
8 commits
34c0b9f166
...
ebb6fd3b46
Author | SHA1 | Date | |
---|---|---|---|
Daniel Gröber | ebb6fd3b46 | ||
Daniel Gröber | 903c5c89ec | ||
Daniel Gröber | 5d86df1230 | ||
Daniel Gröber | 25d4389e29 | ||
Daniel Gröber | 48fbd907f3 | ||
Daniel Gröber | bcc8f7c4bd | ||
Daniel Gröber | 8983b06494 | ||
Daniel Gröber | b8f7cdd997 |
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1 +1,2 @@
|
||||||
*.sig
|
*.sig
|
||||||
|
/local.mk
|
||||||
|
|
25
7.0.8.0.4.a.9.c.0.a.2.ip6.arpa.zone
Normal file
25
7.0.8.0.4.a.9.c.0.a.2.ip6.arpa.zone
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
; -*- tab-width: 16; indent-tabs-mode: t; -*-
|
||||||
|
|
||||||
|
$TTL 5m
|
||||||
|
|
||||||
|
7.0.8.0.4.a.9.c.0.a.2.ip6.arpa. SOA ( ns0.it-syndikat.org.
|
||||||
|
hostmaster.it-syndikat.org.
|
||||||
|
1642545954 ; serial
|
||||||
|
3h ; refresh
|
||||||
|
1h ; retry
|
||||||
|
4w ; expire
|
||||||
|
5m ; negcache ttl
|
||||||
|
)
|
||||||
|
|
||||||
|
$ORIGIN 7.0.8.0.4.a.9.c.0.a.2.ip6.arpa.
|
||||||
|
@ NS ns0.it-syndikat.org.
|
||||||
|
NS john.ns.dxld.at.
|
||||||
|
NS ns1.he.net.
|
||||||
|
|
||||||
|
|
||||||
|
; Note: `ipv6calc -a 1234::` returns ip6.arpa domain notation
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
d.1.a.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR hagrid.servers.dxld.at.
|
||||||
|
1.a.2.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR sozial.it-syndikat.org.
|
4
Makefile
4
Makefile
|
@ -6,7 +6,7 @@ check: $(patsubst %.zone,%.check,$(wildcard *.zone))
|
||||||
sign: $(patsubst %,%.sig,$(wildcard *.zone))
|
sign: $(patsubst %,%.sig,$(wildcard *.zone))
|
||||||
|
|
||||||
%.sig: %
|
%.sig: %
|
||||||
gpg -o $@ --batch --yes --detach-sign $<
|
gpg $(GPG_FLAGS) -o $@ --batch --yes --detach-sign $<
|
||||||
|
|
||||||
.PHONY: check-clean
|
.PHONY: check-clean
|
||||||
check-clean:
|
check-clean:
|
||||||
|
@ -23,3 +23,5 @@ clean:
|
||||||
|
|
||||||
FORCE:
|
FORCE:
|
||||||
.PHONY: FORCE
|
.PHONY: FORCE
|
||||||
|
|
||||||
|
-include local.mk
|
||||||
|
|
11
README
11
README
|
@ -18,3 +18,14 @@ SOA for the update to be applied sucessfully on the server side. Emacs does
|
||||||
this by default, just say'in.
|
this by default, just say'in.
|
||||||
|
|
||||||
Note: Knot handles DNSSEC signing on the server side.
|
Note: Knot handles DNSSEC signing on the server side.
|
||||||
|
|
||||||
|
|
||||||
|
Using a non-default GPG key
|
||||||
|
---------------------------
|
||||||
|
|
||||||
|
Create a file `local.mk` and specify GPG_FLAGS as follows:
|
||||||
|
|
||||||
|
```
|
||||||
|
# local.mk
|
||||||
|
GPG_FLAGS=--default-key=<YOUR KEY FINGERPRINT>
|
||||||
|
```
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
@ SOA ( ns0.it-syndikat.org.
|
@ SOA ( ns0.it-syndikat.org.
|
||||||
hostmaster.it-syndikat.org.
|
hostmaster.it-syndikat.org.
|
||||||
1637512779 ; serial
|
1644353314 ; serial
|
||||||
3h ; refresh
|
3h ; refresh
|
||||||
1h ; retry
|
1h ; retry
|
||||||
4w ; expire
|
4w ; expire
|
||||||
|
@ -56,5 +56,9 @@ mailtrain MX 10 mailtrain.it-syndikat.org.
|
||||||
AAAA 2a01:4f8:10b:331f:0:ff:fe00:5
|
AAAA 2a01:4f8:10b:331f:0:ff:fe00:5
|
||||||
|
|
||||||
|
|
||||||
paracube NS ns0.it-syndikat.org
|
sozial TXT "Router at the space"
|
||||||
NS ns1.he.net.
|
APL 2:2a0c:9a40:8070::/56
|
||||||
|
AAAA 2a0c:9a40:8070::1
|
||||||
|
|
||||||
|
ldap TXT "LDAP server at the space"
|
||||||
|
AAAA 2a0c:9a40:8070:80:2a7f:b595:6f90:1d12
|
||||||
|
|
|
@ -17,3 +17,10 @@ As the user:
|
||||||
# Paste your gpg public key + Ctrl-D
|
# Paste your gpg public key + Ctrl-D
|
||||||
$ gpg --no-default-keyring --keyring $HOME/trustedkeys.kbx -a --import
|
$ gpg --no-default-keyring --keyring $HOME/trustedkeys.kbx -a --import
|
||||||
|
|
||||||
|
|
||||||
|
Enrolling a new zone on server
|
||||||
|
------------------------------
|
||||||
|
|
||||||
|
$ touch /var/lib/knot/$ZONE.zone
|
||||||
|
$ chown root:zone-admin /var/lib/knot/$ZONE.zone
|
||||||
|
$ chmod 775 /var/lib/knot/$ZONE.zone
|
||||||
|
|
Reference in a new issue