From 59cc9599bd8ce7982eef79b15084427e297bdfa7 Mon Sep 17 00:00:00 2001 From: Ben Harris Date: Wed, 19 May 2021 16:34:56 -0400 Subject: [PATCH] big cleanup - add webster.st - remove irctokens.org - remove benharri.com - tidy up dkim/dmarc/spf for my domains --- named.conf.mydomains | 30 ++++++---------- zones/db.nand.sh | 2 +- zones/mydomains/db.benharr.is | 3 +- zones/mydomains/db.benharri.com | 35 ------------------- zones/mydomains/db.bhh.sh | 22 +++++++----- zones/mydomains/db.dobis.org | 4 ++- zones/mydomains/db.harris.team | 15 +------- zones/mydomains/db.harriswoodworks.net | 8 +++-- zones/mydomains/db.hmm.st | 8 ++--- zones/mydomains/db.irctokens.org | 19 ---------- .../db.jacksonconstructionservices.net | 4 +++ zones/mydomains/db.webster.st | 19 ++++++++++ 12 files changed, 61 insertions(+), 108 deletions(-) delete mode 100644 zones/mydomains/db.benharri.com delete mode 100644 zones/mydomains/db.irctokens.org create mode 100644 zones/mydomains/db.webster.st diff --git a/named.conf.mydomains b/named.conf.mydomains index f8561f4..ae83d38 100644 --- a/named.conf.mydomains +++ b/named.conf.mydomains @@ -4,16 +4,6 @@ include "/etc/bind/pi.key"; acl ns2 { 167.114.154.31; }; masters ns2 { 167.114.154.31; }; -zone "benharri.com" { - type master; - file "/etc/bind/zones/mydomains/db.benharri.com"; - allow-transfer { ns2; }; - also-notify { ns2; }; - update-policy { - grant certbot name _acme-challenge.benharri.com. txt; - }; -}; - zone "benharri.org" { type master; file "/etc/bind/zones/mydomains/db.benharri.org"; @@ -106,16 +96,6 @@ zone "hmm.st" { }; }; -zone "irctokens.org" { - type master; - file "/etc/bind/zones/mydomains/db.irctokens.org"; - allow-transfer { ns2; }; - also-notify { ns2; }; - update-policy { - grant certbot name _acme-challenge.irctokens.org. txt; - }; -}; - zone "jacksonconstructionservices.net" { type master; file "/etc/bind/zones/mydomains/db.jacksonconstructionservices.net"; @@ -136,3 +116,13 @@ zone "platformpersonalities.com" { }; }; +zone "webster.st" { + type master; + file "/etc/bind/zones/mydomains/db.webster.st"; + allow-transfer { ns2; }; + also-notify { ns2; }; + update-policy { + grant certbot name _acme-challenge.webster.st. txt; + }; +}; + diff --git a/zones/db.nand.sh b/zones/db.nand.sh index 549f5c8..fd7b879 100644 --- a/zones/db.nand.sh +++ b/zones/db.nand.sh @@ -1,7 +1,7 @@ $ORIGIN . $TTL 3600 ; 1 hour nand.sh IN SOA ns1.tildeverset.net. root.nand.sh. ( - 2021041101 ; serial + 2021041105 ; serial 86400 ; refresh (1 day) 7200 ; retry (2 hours) 3600000 ; expire (5 weeks 6 days 16 hours) diff --git a/zones/mydomains/db.benharr.is b/zones/mydomains/db.benharr.is index 0fbafe3..dba2636 100644 --- a/zones/mydomains/db.benharr.is +++ b/zones/mydomains/db.benharr.is @@ -1,7 +1,7 @@ $ORIGIN . $TTL 86400 ; 1 day benharr.is IN SOA ns1.bhh.sh. root.benharr.is. ( - 2021041000 ; serial + 2021051900 ; serial 86400 ; refresh (1 day) 7200 ; retry (2 hours) 3600000 ; expire (5 weeks 6 days 16 hours) @@ -13,7 +13,6 @@ $TTL 3600 ; 1 hour A 198.108.76.81 MX 10 mail.bhh.sh. TXT "v=spf1 a mx -all" - TXT "keybase-site-verification=vl-YnJkL7JADjyXWa1zDBGdmAyYuy8O1aMC4SlQFj2w" $ORIGIN benharr.is. * A 198.108.76.81 _dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@benharr.is; sp=none; ri=86400" diff --git a/zones/mydomains/db.benharri.com b/zones/mydomains/db.benharri.com deleted file mode 100644 index f369b9e..0000000 --- a/zones/mydomains/db.benharri.com +++ /dev/null @@ -1,35 +0,0 @@ -$ORIGIN benharri.com. -$TTL 3600 - -;; SOA Record -benharri.com. 3600 IN SOA ns1.bhh.sh. root.benharri.com. ( - 2021020300 ; serial - 86400 ; refresh (24 hours) - 7200 ; retry (2 hour) - 3600000 ; expire (1000 hours) - 172800 ; minimum (2 days) - ) - -;; NS records - IN NS ns1.bhh.sh. - IN NS ns2.bhh.sh. - -;; A Records -* IN A 198.108.76.81 -@ IN A 198.108.76.81 - -;; MX Records -@ IN MX 1 mail.bhh.sh. - -;; TXT Records -@ IN TXT "v=spf1 a mx -all" -_dmarc IN TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@benharri.com; sp=none; ri=86400" -mail._domainkey IN TXT ( - "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" - "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" - "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" - "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" - "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" - "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" ) -ownercheck IN TXT "6133a134" - diff --git a/zones/mydomains/db.bhh.sh b/zones/mydomains/db.bhh.sh index fc9ab23..32f2ef8 100644 --- a/zones/mydomains/db.bhh.sh +++ b/zones/mydomains/db.bhh.sh @@ -1,7 +1,7 @@ $ORIGIN . $TTL 3600 ; 1 hour bhh.sh IN SOA ns1.bhh.sh. root.bhh.sh. ( - 2021051401 ; serial + 2021051405 ; serial 7200 ; refresh (2 hours) 3600 ; retry (1 hour) 86400 ; expire (1 day) @@ -53,7 +53,9 @@ _imap SRV 0 1 143 mail.bhh.sh. _submission SRV 0 1 587 mail.bhh.sh. $ORIGIN bhh.sh. ax101 A 157.90.92.151 -status.ax101 CNAME qs2l.status.updown.io. +$ORIGIN ax101.bhh.sh. +status CNAME qs2l.status.updown.io. +$ORIGIN bhh.sh. ca1 CNAME de2 de2 A 157.90.196.61 AAAA 2a01:4f8:252:3e22::61 @@ -65,14 +67,16 @@ $TTL 3600 ; 1 hour gtlug A 157.90.196.54 AAAA 2a01:4f8:252:3e22::54 hashbang CNAME de2 -hns1 A 213.239.242.238 - AAAA 2a01:4f8:0:a101::a:1 -hns2 A 213.133.105.6 - AAAA 2a01:4f8:d0a:2004::2 -hns3 A 193.47.99.3 - AAAA 2001:67c:192c::add:a3 +hns1 A 213.239.242.238 + AAAA 2a01:4f8:0:a101::a:1 +hns2 A 213.133.105.6 + AAAA 2a01:4f8:d0a:2004::2 +hns3 A 193.47.99.3 + AAAA 2001:67c:192c::add:a3 hopey A 192.99.44.88 -status.hopey CNAME 1xjo.status.updown.io. +$ORIGIN hopey.bhh.sh. +status CNAME 1xjo.status.updown.io. +$ORIGIN bhh.sh. infra A 51.79.77.213 $ORIGIN infra.bhh.sh. status CNAME cbnj.status.updown.io. diff --git a/zones/mydomains/db.dobis.org b/zones/mydomains/db.dobis.org index 74461e8..889eefc 100644 --- a/zones/mydomains/db.dobis.org +++ b/zones/mydomains/db.dobis.org @@ -1,7 +1,7 @@ $ORIGIN . $TTL 3600 ; 1 hour dobis.org IN SOA ns1.bhh.sh. root.dobis.org. ( - 2021020308 ; serial + 2021051900 ; serial 86400 ; refresh (1 day) 7200 ; retry (2 hours) 3600000 ; expire (5 weeks 6 days 16 hours) @@ -14,4 +14,6 @@ dobis.org IN SOA ns1.bhh.sh. root.dobis.org. ( TXT "v=spf1 a mx -all" $ORIGIN dobis.org. * A 198.108.76.81 +_dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@dobis.org; sp=none; ri=86400" +mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" ownercheck TXT "6133a134" diff --git a/zones/mydomains/db.harris.team b/zones/mydomains/db.harris.team index 0ae0aa5..76e22e2 100644 --- a/zones/mydomains/db.harris.team +++ b/zones/mydomains/db.harris.team @@ -1,7 +1,7 @@ $ORIGIN . $TTL 3600 ; 1 hour harris.team IN SOA ns1.bhh.sh. root.harris.team. ( - 2021030304 ; serial + 2021051900 ; serial 86400 ; refresh (1 day) 7200 ; retry (2 hours) 3600000 ; expire (5 weeks 6 days 16 hours) @@ -16,17 +16,4 @@ $ORIGIN harris.team. * A 198.108.76.81 _dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@harris.team; sp=none; ri=86400" mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" -$ORIGIN _tcp.harris.team. -_stun SRV 0 0 3478 hmm.st. -_stuns SRV 0 0 5349 hmm.st. -_turn SRV 0 0 3478 hmm.st. -_turns SRV 0 0 5349 hmm.st. -_xmpp-client SRV 5 0 5222 hmm.st. -_xmpp-server SRV 5 0 5269 hmm.st. -_xmpps-client SRV 5 0 5223 hmm.st. -_xmpps-server SRV 5 0 5270 hmm.st. -$ORIGIN _udp.harris.team. -_stun SRV 0 0 3478 hmm.st. -_turn SRV 0 0 3478 hmm.st. -$ORIGIN harris.team. ownercheck TXT "6133a134" diff --git a/zones/mydomains/db.harriswoodworks.net b/zones/mydomains/db.harriswoodworks.net index 6b5447f..deeb05f 100644 --- a/zones/mydomains/db.harriswoodworks.net +++ b/zones/mydomains/db.harriswoodworks.net @@ -3,7 +3,7 @@ $TTL 3600 ;; SOA Record harriswoodworks.net. 3600 IN SOA ns1.bhh.sh. root.harriswoodworks.net. ( - 2021020300 ; serial + 2021051900 ; serial 86400 ; refresh (24 hours) 7200 ; retry (2 hour) 3600000 ; expire (1000 hours) @@ -12,12 +12,14 @@ harriswoodworks.net. 3600 IN SOA ns1.bhh.sh. root.harriswoodworks.net. ( IN NS ns1.bhh.sh. IN NS ns2.bhh.sh. + TXT "v=spf1 a mx -all" -;; A Records * IN A 198.108.76.81 @ IN A 198.108.76.81 -;; MX Records @ IN MX 1 mail.bhh.sh. +_dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@harriswoodworks.net; sp=none; ri=86400" +mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" + ownercheck IN TXT "6133a134" diff --git a/zones/mydomains/db.hmm.st b/zones/mydomains/db.hmm.st index f3b13fb..596f958 100644 --- a/zones/mydomains/db.hmm.st +++ b/zones/mydomains/db.hmm.st @@ -1,7 +1,7 @@ $ORIGIN . $TTL 3600 ; 1 hour hmm.st IN SOA ns1.bhh.sh. root.hmm.st. ( - 2021050902 ; serial + 2021050910 ; serial 86400 ; refresh (1 day) 7200 ; retry (2 hours) 3600000 ; expire (5 weeks 6 days 16 hours) @@ -17,7 +17,6 @@ hmm.st IN SOA ns1.bhh.sh. root.hmm.st. ( NAPTR 30 0 "s" "SIP+D2U" "" _sip.udp.hmm.st. $ORIGIN hmm.st. * A 198.108.76.81 -anon CNAME mc.bhh.sh. _dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@hmm.st; sp=none; ri=86400" mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" $ORIGIN _tcp.hmm.st. @@ -27,13 +26,14 @@ _stun SRV 0 0 3478 hmm.st. _stuns SRV 0 0 5349 hmm.st. _turn SRV 0 0 3478 hmm.st. _turns SRV 0 0 5349 hmm.st. -_xmpps-client SRV 5 0 5223 hmm.st. _xmpp-client SRV 10 0 5222 hmm.st. -_xmpps-server SRV 5 0 5270 hmm.st. _xmpp-server SRV 5 0 5269 hmm.st. +_xmpps-client SRV 5 0 5223 hmm.st. +_xmpps-server SRV 5 0 5270 hmm.st. $ORIGIN _udp.hmm.st. _sip SRV 0 0 5060 hmm.st. _stun SRV 0 0 3478 hmm.st. _turn SRV 0 0 3478 hmm.st. $ORIGIN hmm.st. +anon CNAME mc.bhh.sh. ownercheck TXT "6133a134" diff --git a/zones/mydomains/db.irctokens.org b/zones/mydomains/db.irctokens.org deleted file mode 100644 index 34ac505..0000000 --- a/zones/mydomains/db.irctokens.org +++ /dev/null @@ -1,19 +0,0 @@ -$ORIGIN . -$TTL 3600 ; 1 hour -irctokens.org IN SOA ns1.bhh.sh. root.irctokens.org. ( - 2021020304 ; serial - 86400 ; refresh (1 day) - 7200 ; retry (2 hours) - 3600000 ; expire (5 weeks 6 days 16 hours) - 172800 ; minimum (2 days) - ) - NS ns1.bhh.sh. - NS ns2.bhh.sh. - A 198.108.76.81 - MX 1 mail.bhh.sh. - TXT "v=spf1 a mx -all" -$ORIGIN irctokens.org. -* A 198.108.76.81 -_dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@irctokens.org; sp=none; ri=86400" -mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" -ownercheck TXT "6133a134" diff --git a/zones/mydomains/db.jacksonconstructionservices.net b/zones/mydomains/db.jacksonconstructionservices.net index 36a3233..1bdeee3 100644 --- a/zones/mydomains/db.jacksonconstructionservices.net +++ b/zones/mydomains/db.jacksonconstructionservices.net @@ -11,7 +11,11 @@ jacksonconstructionservices.net IN SOA ns1.bhh.sh. root.jacksonconstructionservi NS ns2.bhh.sh. A 198.108.76.81 MX 1 mail.bhh.sh. + TXT "v=spf1 a mx -all" $ORIGIN jacksonconstructionservices.net. * A 198.108.76.81 +_dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@jacksonconstructionservices.net; sp=none; ri=86400" +mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" + ownercheck TXT "6133a134" status CNAME 343t.status.updown.io. diff --git a/zones/mydomains/db.webster.st b/zones/mydomains/db.webster.st new file mode 100644 index 0000000..7324453 --- /dev/null +++ b/zones/mydomains/db.webster.st @@ -0,0 +1,19 @@ +$ORIGIN . +$TTL 3600 ; 1 hour +webster.st IN SOA ns1.bhh.sh. root.webster.st. ( + 2021051905 ; serial + 86400 ; refresh (1 day) + 7200 ; retry (2 hours) + 3600000 ; expire (5 weeks 6 days 16 hours) + 172800 ; minimum (2 days) + ) + NS ns1.bhh.sh. + NS ns2.bhh.sh. + A 198.108.76.81 + MX 1 mail.bhh.sh. + TXT "v=spf1 a mx -all" +$ORIGIN webster.st. +* A 198.108.76.81 +_dmarc TXT "v=DMARC1; p=reject; ruf=mailto:postmaster@webster.st; sp=none; ri=86400" +mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE" "AnfLQMJIQjmt/PSkb1rz3z9z3bwvKlJdounLI0pHUleUNuvm3GjFMMMPAcZzQHroakx4Et" "jgS5tpRI1T5u7IYxXLRTGKIIlY6IwEC3EFRZ0+z0PSwSoNuhagESI5F5pUXBYCAQtIpCFu" "5hJE3IaYLbnAkrVgISp5MOSdZ+/GWI1Hpac0xVQhni/2s\" \"ZJl88hF6srUMyXZa89L5" "k/D24nehl+TArkf6fv0vyh3fcfSuri/aqAqCWKaVwgmPbHUht6Fjyqd3uhX14ZF5JJc2oF" "7en2QaVs97FAbSZVCl1pDozJWHytJnhZYI7k0C2TA9mkizFGxBP135mTFjDFGr7IXt8QIDAQAB" +ownercheck TXT "6133a134"