From 3c0ebebc26fc1e57318f92c5702f65c31b68e312 Mon Sep 17 00:00:00 2001 From: creme Date: Mon, 19 Aug 2019 00:18:14 +0200 Subject: [PATCH] init --- .gitignore | 5 ++ README.md | 21 ++++++ db.0 | 12 +++ db.127 | 13 ++++ db.255 | 12 +++ db.empty | 14 ++++ db.local | 14 ++++ make_perms.sh | 36 +++++++++ named.conf | 13 ++++ named.conf.default-zones | 28 +++++++ named.conf.forward | 9 +++ named.conf.local | 65 ++++++++++++++++ named.conf.options | 64 ++++++++++++++++ named.conf.slaves | 6 ++ slave_tilde | 157 +++++++++++++++++++++++++++++++++++++++ zones.rfc1918 | 20 +++++ zones/db.envs.net | 76 +++++++++++++++++++ zones/db.envs.sh | 23 ++++++ zones/db.envs.tilde | 23 ++++++ 19 files changed, 611 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 db.0 create mode 100644 db.127 create mode 100644 db.255 create mode 100644 db.empty create mode 100644 db.local create mode 100755 make_perms.sh create mode 100644 named.conf create mode 100644 named.conf.default-zones create mode 100644 named.conf.forward create mode 100644 named.conf.local create mode 100644 named.conf.options create mode 100644 named.conf.slaves create mode 100644 slave_tilde create mode 100644 zones.rfc1918 create mode 100644 zones/db.envs.net create mode 100644 zones/db.envs.sh create mode 100644 zones/db.envs.tilde diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c0c6278 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +keys +slaves +*.key +*.keys +*.private diff --git a/README.md b/README.md new file mode 100644 index 0000000..b73c93d --- /dev/null +++ b/README.md @@ -0,0 +1,21 @@ +# envs.net | DNS - bind9 config files + +This is the envs.net DNS-Server. + +## NS list +| Name | Address | Location | Type | +| --- | --- | --- | --- | +| envs.net | 89.163.145.170 | Düsseldorf | master | +| | | | | +| ns1.tildeverse.net | 51.79.32.63 | Montréal | slave | +| ns1.tildeverse.net | 2607:5300:60:823f::63 | Montréal | slave | +| ns2.tildeverse.net | 167.114.154.31 | Montréal | slave | + +## master-zones: +- envs.net +- envs.sh +- envs.tilde + +## slave server for: +- tildeverse.org +- tilde.team diff --git a/db.0 b/db.0 new file mode 100644 index 0000000..e3aabdb --- /dev/null +++ b/db.0 @@ -0,0 +1,12 @@ +; +; BIND reverse data file for broadcast zone +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. diff --git a/db.127 b/db.127 new file mode 100644 index 0000000..cd05bef --- /dev/null +++ b/db.127 @@ -0,0 +1,13 @@ +; +; BIND reverse data file for local loopback interface +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. +1.0.0 IN PTR localhost. diff --git a/db.255 b/db.255 new file mode 100644 index 0000000..e3aabdb --- /dev/null +++ b/db.255 @@ -0,0 +1,12 @@ +; +; BIND reverse data file for broadcast zone +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. diff --git a/db.empty b/db.empty new file mode 100644 index 0000000..8a12858 --- /dev/null +++ b/db.empty @@ -0,0 +1,14 @@ +; BIND reverse data file for empty rfc1918 zone +; +; DO NOT EDIT THIS FILE - it is used for multiple zones. +; Instead, copy it, edit named.conf, and use that copy. +; +$TTL 86400 +@ IN SOA localhost. root.localhost. ( + 1 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 86400 ) ; Negative Cache TTL +; +@ IN NS localhost. diff --git a/db.local b/db.local new file mode 100644 index 0000000..2f272d4 --- /dev/null +++ b/db.local @@ -0,0 +1,14 @@ +; +; BIND data file for local loopback interface +; +$TTL 604800 +@ IN SOA localhost. root.localhost. ( + 2 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL +; +@ IN NS localhost. +@ IN A 127.0.0.1 +@ IN AAAA ::1 diff --git a/make_perms.sh b/make_perms.sh new file mode 100755 index 0000000..4effe92 --- /dev/null +++ b/make_perms.sh @@ -0,0 +1,36 @@ +#!/usr/bin/env bash + +PREFIX='/etc' +BINDIR="$PREFIX/bind" + +chown root:bind "$BINDIR"/named.conf +chown root:bind "$BINDIR"/named.conf.default-zones +chown root:bind "$BINDIR"/named.conf.local +chown root:bind "$BINDIR"/named.conf.forward +chown root:bind "$BINDIR"/named.conf.slaves +chown root:bind "$BINDIR"/named.conf.options + +chown bind:bind rndc.key +chown bind:bind envs_msT.key tilde_msT.key letsencrypt_U.key +chmod 400 envs_msT.key tilde_msT.key letsencrypt_U.key +chmod 600 Kenvs_mst.* Ktilde_mst.* Kletsencrypt_u.* + +chown root:bind "$BINDIR"/slave_tilde + +test ! -d "$BINDIR"/keys && mkdir -p "$BINDIR"/keys +test ! -d "$BINDIR"/zones && mkdir -p "$BINDIR"/zones +test ! -d "$BINDIR"/slaves && mkdir -p "$BINDIR"/slaves +chown -R bind:bind "$BINDIR"/zones "$BINDIR"/slaves +chmod 755 "$BINDIR"/zones +chmod 755 "$BINDIR"/slaves + +chown -R root:bind "$BINDIR"/keys +chmod 755 "$BINDIR"/keys +chmod 644 "$BINDIR"/keys/*.key +chmod 640 "$BINDIR"/keys/*.private + +test ! -d /var/log/named && mkdir -p /var/log/named +chown -R bind:root /var/log/named + +# +exit 0 diff --git a/named.conf b/named.conf new file mode 100644 index 0000000..84c8c94 --- /dev/null +++ b/named.conf @@ -0,0 +1,13 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.slaves"; +include "/etc/bind/named.conf.forward"; +include "/etc/bind/named.conf.default-zones"; diff --git a/named.conf.default-zones b/named.conf.default-zones new file mode 100644 index 0000000..e5af8f6 --- /dev/null +++ b/named.conf.default-zones @@ -0,0 +1,28 @@ +// prime the server with knowledge of the root servers +zone "." { + type hint; + file "/usr/share/dns/root.hints"; +}; + +// be authoritative for the localhost forward and reverse zones, and for +// broadcast zones as per RFC 1912 + +zone "localhost" { + type master; + file "/etc/bind/db.local"; +}; + +zone "127.in-addr.arpa" { + type master; + file "/etc/bind/db.127"; +}; + +zone "0.in-addr.arpa" { + type master; + file "/etc/bind/db.0"; +}; + +zone "255.in-addr.arpa" { + type master; + file "/etc/bind/db.255"; +}; diff --git a/named.conf.forward b/named.conf.forward new file mode 100644 index 0000000..fd58aba --- /dev/null +++ b/named.conf.forward @@ -0,0 +1,9 @@ +// +// Forward Zones + + +zone "tilde." IN { + type forward; + forward only; + forwarders { 139.59.215.24; 149.56.184.112; }; +}; diff --git a/named.conf.local b/named.conf.local new file mode 100644 index 0000000..e6094db --- /dev/null +++ b/named.conf.local @@ -0,0 +1,65 @@ +// +// Do any local configuration here +// + +// Consider adding the 1918 zones here, if they are not used in your +// organization +//include "/etc/bind/zones.rfc1918"; + +// ACL + +acl internals { + 127.0.0.1; + 192.168.1.0/24; +}; + + +// KEY +include "/etc/bind/envs_msT.key"; +include "/etc/bind/tilde_msT.key"; + +include "/etc/bind/letsencrypt_U.key"; + + +// SERVER +server 51.79.32.63 { keys { tilde_msT; }; }; // ns1.tildeverse.net +//server 167.114.154.31 use "ownercheck"-record // ns2.tildeverse.net + +server 139.59.215.24 { keys { envs_msT; }; }; // ns1.tildenic.org +server 149.56.184.112 { keys { envs_msT; }; }; // ns2.tildenic.org + + +// ZONES + +zone "envs.net" { + type master; + file "/etc/bind/zones/db.envs.net"; + //auto-dnssec maintain; + //inline-signing yes; + notify explicit; + also-notify { 51.79.32.63; 167.114.154.31; }; + allow-transfer { 127.0.0.1; 167.114.154.31; key tilde_msT; }; + update-policy { grant letsencrypt_U name _acme-challenge.envs.net. txt; }; +}; + +zone "envs.sh" { + type master; + file "/etc/bind/zones/db.envs.sh"; + //auto-dnssec maintain; + //inline-signing yes; + notify explicit; + also-notify { 51.79.32.63; 167.114.154.31; }; + allow-transfer { 127.0.0.1; 167.114.154.31; key tilde_msT; }; + update-policy { grant letsencrypt_U name _acme-challenge.envs.sh. txt; }; +}; + +zone "envs.tilde" { + type master; + file "/etc/bind/zones/db.envs.tilde"; + //auto-dnssec maintain; + //inline-signing yes; + notify explicit; + also-notify { 51.79.32.63; 167.114.154.31; 139.59.215.24; 149.56.184.112; }; + allow-transfer { 127.0.0.1; key envs_msT; key tilde_msT; }; + update-policy { grant letsencrypt_U name _acme-challenge.envs.tilde. txt; }; +}; diff --git a/named.conf.options b/named.conf.options new file mode 100644 index 0000000..2543287 --- /dev/null +++ b/named.conf.options @@ -0,0 +1,64 @@ +options { + directory "/var/cache/bind"; + + managed-keys-directory "/var/cache/bind"; + dump-file "/var/cache/bind/cache_dump.db"; + statistics-file "/var/cache/bind/bind_stats.txt"; + memstatistics-file "/var/cache/bind/bind_mem_stats.txt"; + + // If there is a firewall between you and nameservers you want + // to talk to, you may need to fix the firewall to allow multiple + // ports to talk. See http://www.kb.cert.org/vuls/id/800113 + + // If your ISP provided one or more IP addresses for stable + // nameservers, you probably want to use them as forwarders. + // Uncomment the following block, and insert the addresses replacing + // the all-0's placeholder. + + // forwarders { + // 0.0.0.0; + // }; + + //======================================================================== + // If BIND logs error messages about the root key being expired, + // you will need to update your keys. See https://www.isc.org/bind-keys + //======================================================================== + dnssec-enable yes; + dnssec-validation auto; + + key-directory "/etc/bind/keys/"; + + // Do not make public version of BIND + version none; + + auth-nxdomain no; # conform to RFC1035 + + recursive-clients 4096; + +// edns-udp-size 4096; +// max-udp-size 512; + + listen-on-v6 { none; }; + listen-on { any; }; + + + allow-transfer { none; }; + allow-update { none; }; + + allow-query { any; }; + allow-query-cache { internals; }; + allow-recursion { internals; }; +}; + +logging{ + channel simple_log { + file "/var/log/named/bind.log" versions 3 size 5m; + severity warning; + print-time yes; + print-severity yes; + print-category yes; + }; + category default{ + simple_log; + }; +}; diff --git a/named.conf.slaves b/named.conf.slaves new file mode 100644 index 0000000..ae28cea --- /dev/null +++ b/named.conf.slaves @@ -0,0 +1,6 @@ +// +// Slave Zones + + +// Tilde Zones - ( ben@tilde.team ) +include "/etc/bind/slave_tilde"; diff --git a/slave_tilde b/slave_tilde new file mode 100644 index 0000000..6394729 --- /dev/null +++ b/slave_tilde @@ -0,0 +1,157 @@ +// Tilde Zones - ( ben@tilde.team ) + + +zone "tildeverse.org" { + type slave; + file "/etc/bind/slaves/db.tildeverse.org"; + masters { 51.79.32.63; }; +}; + +zone "tildeverse.net" { + type slave; + file "/etc/bind/slaves/db.tildeverse.net"; + masters { 51.79.32.63; }; +}; + + +zone "fuckup.club" { + type slave; + file "/etc/bind/slaves/db.fuckup.club"; + masters { 51.79.32.63; }; +}; + + +zone "nand.pub" { + type slave; + file "/etc/bind/slaves/db.nand.pub"; + masters { 51.79.32.63; }; +}; + +zone "nand.sh" { + type slave; + file "/etc/bind/slaves/db.nand.sh"; + masters { 51.79.32.63; }; +}; + +zone "nand.team" { + type slave; + file "/etc/bind/slaves/db.nand.team"; + masters { 51.79.32.63; }; +}; + +zone "nand.zone" { + type slave; + file "/etc/bind/slaves/db.nand.zone"; + masters { 51.79.32.63; }; +}; + + +zone "tild3.org" { + type slave; + file "/etc/bind/slaves/db.tild3.org"; + masters { 51.79.32.63; }; +}; + +zone "tild3.club" { + type slave; + file "/etc/bind/slaves/db.tild3.club"; + masters { 51.79.32.63; }; +}; + + +zone "tilde.chat" { + type slave; + file "/etc/bind/slaves/db.tilde.chat"; + masters { 51.79.32.63; }; +}; + +zone "tildegit.org" { + type slave; + file "/etc/bind/slaves/db.tildegit.org"; + masters { 51.79.32.63; }; +}; + +zone "tilde.life" { + type slave; + file "/etc/bind/slaves/db.tilde.life"; + masters { 51.79.32.63; }; +}; + +zone "tildenet.org" { + type slave; + file "/etc/bind/slaves/db.tildenet.org"; + masters { 51.79.32.63; }; +}; + +zone "tilde.news" { + type slave; + file "/etc/bind/slaves/db.tilde.news"; + masters { 51.79.32.63; }; +}; + +zone "tildenic.org" { + type slave; + file "/etc/bind/slaves/db.tildenic.org"; + masters { 51.79.32.63; }; +}; + +zone "tilde.ninja" { + type slave; + file "/etc/bind/slaves/db.tilde.ninja"; + masters { 51.79.32.63; }; +}; + +zone "tilde.pizza" { + type slave; + file "/etc/bind/slaves/db.tilde.pizza"; + masters { 51.79.32.63; }; +}; + +zone "tilderadio.org" { + type slave; + file "/etc/bind/slaves/db.tilderadio.org"; + masters { 51.79.32.63; }; +}; + +zone "tilde.site" { + type slave; + file "/etc/bind/slaves/db.tilde.site"; + masters { 51.79.32.63; }; +}; + +zone "tilde.team" { + type slave; + file "/etc/bind/slaves/db.tilde.team"; + masters { 51.79.32.63; }; +}; + +zone "tildeteam.org" { + type slave; + file "/etc/bind/slaves/db.tildeteam.org"; + masters { 51.79.32.63; }; +}; + +zone "tilde.wiki" { + type slave; + file "/etc/bind/slaves/db.tilde.wiki"; + masters { 51.79.32.63; }; +}; + +zone "tilde.wtf" { + type slave; + file "/etc/bind/slaves/db.tilde.wtf"; + masters { 51.79.32.63; }; +}; + +zone "tilde.zone" { + type slave; + file "/etc/bind/slaves/db.tilde.zone"; + masters { 51.79.32.63; }; +}; + + +zone "ttm.sh" { + type slave; + file "/etc/bind/slaves/db.ttm.sh"; + masters { 51.79.32.63; }; +}; diff --git a/zones.rfc1918 b/zones.rfc1918 new file mode 100644 index 0000000..284b932 --- /dev/null +++ b/zones.rfc1918 @@ -0,0 +1,20 @@ +zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; + +zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; +zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; + +zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; }; diff --git a/zones/db.envs.net b/zones/db.envs.net new file mode 100644 index 0000000..3e79403 --- /dev/null +++ b/zones/db.envs.net @@ -0,0 +1,76 @@ +$TTL 28800 ; 8 hours +envs.net. IN SOA envs.net. root.envs.net. ( + 2019081811 ; serial + 10800 ; refresh (3 hours) + 3600 ; retry (1 hour) + 604800 ; expire (1 week) + 28800 ) ; minimum (8 hours) + NS envs.net. + NS ns1.tildeverse.net. + NS ns2.tildeverse.net. + A 89.163.145.170 + MX 10 mail.envs.net. + TXT "v=spf1 a mx ip4:5.199.136.29 ip4:5.199.130.141 ~all" + CAA 128 issue "letsencrypt.org" + SSHFP 1 1 2a3dbba3587d58c0e5ca18538fb740d4d46a147f + SSHFP 1 2 edd078ef499fce5ca186daa68e75dc888c69fa358b002898282dc413f6749458 + SSHFP 3 1 a6af5e859aab4c5aefef799e0b5f4150bfca653a + SSHFP 3 2 5340ba48a19751f96f7b5ea6da5e0a58174b2c0456e8ef13886599b17014da2e + SSHFP 4 1 26c107e80a42c37290cf17e56571c5d0714da4ba + SSHFP 4 2 57e9974ec449fa37c9331c4f943ff6f1da56a2eba7b375aeab0a69bfaca4542f +$ORIGIN envs.net. +* A 89.163.145.170 +ownercheck TXT "4b87cebc" +_dmarc TXT "v=DMARC1; p=quarantine; pct=100" +$TTL 120 ; 2 minutes +_acme-challenge TXT "rS8IyqJqj0FAU7miHtgsyA7EpkLcA7gbXPOVDqrlIs4" +$TTL 28800 ; 8 hours +modoboa._domainkey TXT ( + "v=DKIM1;k=rsa;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArRQ52xvv9yjsC9" + "+Aj0PYGM30gZLemLl0AiFYRximpnjIJvQthtz3fb4V8chrKNMPQrgz30Bi0OMpoRu3YB57BhVk" + "pLDTHkVzyXD5EXuA9BbutjEvAiD3vvAi19RIL+NAc3sDYn+c2pHP648lnN2XLvhwKOAch8lYjC" + "4t+olYWv4mqm39rEWXLq5KxDHC3NaleKB3PLxe8GbX0QK5Ma/ZIsAT5vhxQwXcq4p7HgHC3CIB" + "+EToNYqAWjQ2OiRHKD91PyBTgpA89QQTAj8xJpGVpYxafv0haTfqXiBUubSXjDOSrQvz/vsm29" + "HLf+6abE28CmcKPXw79180zrVkeC/w5kiIgd/SCdMmVoDvtnmU0TrFHD9+kwNzCYT34p9Y35Sb" + "l/FwS96d96N3rqEY/lSZONR0+fFsVqwMzdcVxm+Kfkju7rLwPY/HlT50Oj9LV8eol0ZcIDLj0R" + "uTPpgW3DagoS20KN5xUkv+nF/KdASWsUhAIBBFWUk/YL737Cl8vi6CiMvCFfeuh9npnFyziKAr" + "vVH+I0OiX981QwDptkLcrhVqvmSdXxsjYJ2ApPEXs1D3hvCvhpiUKpLq9RMWTmvr2E7kmG5iJN" + "pgd+vVKhRR386URwy6NRhs9W5AadYEUALasxr5rOPabHjhv0nBQlTiG+I8PQ5i9AMyyif2UXf+" + "llsCAwEAAQ==") +autoconfig CNAME mail +autodiscover CNAME mail +imap CNAME mail +imaps CNAME mail +lists A 5.199.136.29 +mail A 5.199.136.28 +pop CNAME mail +pops CNAME mail +smtp CNAME mail +smtps CNAME mail +webmail CNAME mail +sync A 78.31.64.115 +ssh A 5.199.139.30 +ssh SSHFP 1 1 2a3dbba3587d58c0e5ca18538fb740d4d46a147f +ssh SSHFP 1 2 edd078ef499fce5ca186daa68e75dc888c69fa358b002898282dc413f6749458 +ssh SSHFP 3 1 a6af5e859aab4c5aefef799e0b5f4150bfca653a +ssh SSHFP 3 2 5340ba48a19751f96f7b5ea6da5e0a58174b2c0456e8ef13886599b17014da2e +ssh SSHFP 4 1 26c107e80a42c37290cf17e56571c5d0714da4ba +ssh SSHFP 4 2 57e9974ec449fa37c9331c4f943ff6f1da56a2eba7b375aeab0a69bfaca4542f +git A 5.199.130.141 +git SSHFP 1 1 425f8b1f3d006890b4121b315c6d0a5643699097 +git SSHFP 1 2 0436bd7ad8ddf3a928f95f5ed82ea83a60b1faf5a877d2ca186d34c4b5ea5dbc +git SSHFP 3 1 37b0ba28a88669fd9bbeabf26781045ac0ffa4c5 +git SSHFP 3 2 1b8ba4b54d8f29591ac4f1b8dab64412fe153eb5fe9641b7b6f56b101fd5cbd1 +git SSHFP 4 1 37f3b26188e406beefbdc70558545fb211326c2b +git SSHFP 4 2 974452767ec3332ab2431bae9569c64bede1d6c6af6c3eebb036ad2f9a2ba771 +_github-challenge-envs-net TXT "099ae75811" +$ORIGIN git.envs.net. +_github-challenge-envs-net TXT "a781f9d6d2" +$ORIGIN _tcp.envs.net. +_autodiscover SRV 0 10 443 mail.envs.net. +_imap SRV 0 10 143 mail.envs.net. +_imaps SRV 0 10 993 mail.envs.net. +_pop SRV 0 10 110 mail.envs.net. +_pops SRV 0 10 995 mail.envs.net. +_smtp SRV 0 10 25 mail.envs.net. +_smtps SRV 0 10 587 mail.envs.net. diff --git a/zones/db.envs.sh b/zones/db.envs.sh new file mode 100644 index 0000000..920da5a --- /dev/null +++ b/zones/db.envs.sh @@ -0,0 +1,23 @@ +$TTL 28800 ; 8 hours +envs.sh. IN SOA envs.net. root.envs.net. ( + 2019081810 ; Serial + 10800 ; Refresh + 3600 ; Retry + 604800 ; Expire + 28800 ) ; Negative Cache TTL + NS envs.net. + NS ns1.tildeverse.net. + NS ns2.tildeverse.net. + A 89.163.145.170 + CAA 128 issue "letsencrypt.org" + SSHFP 1 1 2a3dbba3587d58c0e5ca18538fb740d4d46a147f + SSHFP 1 2 edd078ef499fce5ca186daa68e75dc888c69fa358b002898282dc413f6749458 + SSHFP 3 1 a6af5e859aab4c5aefef799e0b5f4150bfca653a + SSHFP 3 2 5340ba48a19751f96f7b5ea6da5e0a58174b2c0456e8ef13886599b17014da2e + SSHFP 4 1 26c107e80a42c37290cf17e56571c5d0714da4ba + SSHFP 4 2 57e9974ec449fa37c9331c4f943ff6f1da56a2eba7b375aeab0a69bfaca4542f +$ORIGIN envs.sh. +* A 89.163.145.170 +ownercheck TXT "4b87cebc" +$TTL 120 ; 2 minutes +_acme-challenge TXT "nagXuRRPXr5qap349w8KtFHbSDOuhseozptmI3_yMG8" diff --git a/zones/db.envs.tilde b/zones/db.envs.tilde new file mode 100644 index 0000000..20a27db --- /dev/null +++ b/zones/db.envs.tilde @@ -0,0 +1,23 @@ +$TTL 28800 ; 8 hours +envs.tilde. IN SOA envs.net. root.envs.net. ( + 2019081805 ; Serial + 10800 ; Refresh + 3600 ; Retry + 604800 ; Expire + 28800 ) ; Negative Cache TTL + NS envs.net. + NS ns1.tildeverse.net. + NS ns2.tildeverse.net. + NS ns1.tildenic.org. + NS ns2.tildenic.org. + A 89.163.145.170 + CAA 128 issue "letsencrypt.org" + SSHFP 1 1 2a3dbba3587d58c0e5ca18538fb740d4d46a147f + SSHFP 1 2 edd078ef499fce5ca186daa68e75dc888c69fa358b002898282dc413f6749458 + SSHFP 3 1 a6af5e859aab4c5aefef799e0b5f4150bfca653a + SSHFP 3 2 5340ba48a19751f96f7b5ea6da5e0a58174b2c0456e8ef13886599b17014da2e + SSHFP 4 1 26c107e80a42c37290cf17e56571c5d0714da4ba + SSHFP 4 2 57e9974ec449fa37c9331c4f943ff6f1da56a2eba7b375aeab0a69bfaca4542f +$ORIGIN envs.tilde. +* A 89.163.145.170 +ownercheck TXT "4b87cebc"