IT-Syndikat
/
its-zones
Archived
13
0
Fork 0
Code Issues Pull Requests Releases Activity
Our DNS Zones
This repository has been archived on 2024-02-16. You can view files and clone it, but cannot push or open issues or pull requests.
19 Commits 1 Branch 0 Tags 600 KiB
Makefile 77.4%
Shell 22.6%
Go to file
Daniel Gröber caf82fcb0d Give www it's own address records. 
Previously MX www.it-syndikat.org was valid :)
 		2021-11-12 15:59:19 +01:00
server server: Fix gpgv script 2021-10-28 04:09:19 +02:00
.gitignore Initial commit 2021-04-13 08:06:05 +02:00
Makefile mk: Use canonical DNS primary domain as sftp target 2021-11-08 09:23:11 +01:00
README README: Add warning about SOA incrementing 2021-11-11 15:00:04 +01:00
it-syndik.at.zone Matrix TLS is now terminated inside respective VM 2021-11-10 23:39:24 +01:00
it-syndikat.org.zone Give www it's own address records. 2021-11-12 15:59:19 +01:00

README 

ITS DNS Zone Managment
======================

This repo contains the primary copies of all our DNS zones.

If you have access to our primary DNS server (dns.parabox.it-syndikat.org),
deploy them using this command:

    $ make sign upload

This will sign the zones using gpg using your default key and upload them
to the server using sftp. The server has incron running which will detect
the upload, verify the gpg signature, copy the zones into knot's zone
directory and reload the modified zones.

Beware, you should use an editor that supports auto-incrementing the zone
SOA for the update to be applied sucessfully on the server side. Emacs does
this by default, just say'in.

Note: Knot handles DNSSEC signing on the server side.