diff options
author | Johannes Löthberg <johannes@kyriasis.com> | 2015-11-06 14:02:55 +0100 |
---|---|---|
committer | Johannes Löthberg <johannes@kyriasis.com> | 2015-11-06 14:02:55 +0100 |
commit | 0f34a46287b33ce39a86250880bc97542e67a558 (patch) | |
tree | a81b154b95a54490ed06e1b5acd68060f247a4fc | |
parent | a80a3f8c2801985a3dcc3f6c4c932e93c758e425 (diff) | |
download | dns-0f34a46287b33ce39a86250880bc97542e67a558.tar.xz |
Add initial hyperboria.se zone
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
-rw-r--r-- | hyperboria.se.zone | 65 | ||||
-rw-r--r-- | named.conf | 5 |
2 files changed, 70 insertions, 0 deletions
diff --git a/hyperboria.se.zone b/hyperboria.se.zone new file mode 100644 index 0000000..ffba34d --- /dev/null +++ b/hyperboria.se.zone @@ -0,0 +1,65 @@ +; vi: ft=bindzone:ts=8:sw=8:nowrap:noet +$ORIGIN hyperboria.se. +$TTL 2h + +@ IN SOA ns1.kyriasis.com. hostmaster.hyperboria.se ( + 01 ; serial + 4h ; refresh + 1h ; retry + 1w ; expire + 1h ; minttl + ) + NS ns1.kyriasis.com. + + A 212.71.254.33 + AAAA 2a01:7e00::f03c:91ff:fe6e:f996 +h AAAA fca1:fabb:7792:f28d:4623:139:10af:549 + +www CNAME hyperboria.se + +;;; DNSSEC + +; bind 9.9 and later supports "live signing" where the nameserver automatically signs the +; zone in memory. Due to this the live zone has a larger serial number than in this file + +;;; DANE (TLSA) - http://tools.ietf.org/html/rfc6698 +; "TLSA" <usage> <selector> <match> +; usage: +; [0] match certification path & require known CA or trust anchor +; [1] match end-entity certificate & require known CA or trust anchor +; [2] match certification path, using given cert as trust anchor +; [3] match end-entity certificate +; selector: +; [0] X.509 certificate +; [1] public key +; match: +; [0] exact match +; [1] SHA-256 hash +; [2] SHA-512 hash + +;;; Mail + +;; MX +@ MX 10 theos.kyriasis.com. +@ MX 5 h.theos.kyriasis.com. +h MX 5 h.theos.kyriasis.com. + +;; SPF <http://tools.ietf.org/html/rfc4408> +@ TXT "v=spf1 a mx ~all" +@ SPF "v=spf1 a mx ~all" +h SPF "v=spf1 a mx ~all" +h TXT "v=spf1 a mx ~all" + +;;; Users + +; CERT and _pka records are used by GnuPG for looking up recipient's public key. +; - See <http://www.gushi.org/make-dns-cert/HOWTO.html> for a guide. +; - See RFC 4398 § 2.2 for CERT IPGP. + +; OPENPGPKEY records are similar, but have the complete key. +; - See <http://tools.ietf.org/html/draft-wouters-dane-openpgp-02> + +johannes TXT "Johannes Löthberg <johannes@kyriasis.com>, +46739525259" + CERT IPGP 0 0 ( FFE0756vZflba7FgjlD7myc6nQu1aHR0cHM6Ly90aGVvcy + 5reXJpYXNpcy5jb20vfmt5cmlhcy9wZ3Ata2V5LnR4dA== ) +johannes._pka TXT "v=pka1;fpr=5134EF9EAF65F95B6BB1608E50FB9B273A9D0BB5;uri=https://theos.kyriasis.com/~kyrias/pgp-key.txt" @@ -54,6 +54,11 @@ zone "kyriasis.com" IN { inline-signing yes; }; +zone "hyperboria.se" { + type master; + file "/home/kyrias/dns/hyperboria.se.zone"; +}; + zone "the-tk.com" { type slave; file "the-tk.com.zone"; |