its-zones

Archived

This repository has been archived on 2024-02-16. You can view files and clone it, but cannot push or open issues or pull requests.

History

Daniel Gröber 5d86df1230 Add zone enrollment instructions to README		2022-02-08 21:50:35 +01:00
..
README	Add zone enrollment instructions to README	2022-02-08 21:50:35 +01:00
incrontab	Initial commit	2021-04-13 08:06:05 +02:00
knot-gpgv-import	server: Fix gpgv script	2021-10-28 04:09:19 +02:00
zone-admin.sshd_config	Initial commit	2021-04-13 08:06:05 +02:00
zone-admin.sudoers	Initial commit	2021-04-13 08:06:05 +02:00

README

Server side setup
-----------------

As root:

    $ apt-get install incron
    $ echo <the user on the server>  > /etc/incron.allow
    $ cp zone-admin.sshd_config /etc/ssh/sshd_config.d/zone-admin.conf
    $ cp zone-admin.sudoers /etc/sudoers.d/zone-admin

As the user:

    $ sed 's/$USER/<the user on the server>/g' ./incrontab | incrontab -
    # install knot-gpgv-import into ~/
    $ mkdir zones/

    # Paste your gpg public key + Ctrl-D
    $ gpg --no-default-keyring --keyring $HOME/trustedkeys.kbx -a --import


Enrolling a new zone on server
------------------------------

    $ touch /var/lib/knot/$ZONE.zone
    $ chown root:zone-admin /var/lib/knot/$ZONE.zone
    $ chmod 775 /var/lib/knot/$ZONE.zone