diff options
author | Johannes Löthberg <johannes@kyriasis.com> | 2020-10-10 17:47:00 +0000 |
---|---|---|
committer | Johannes Löthberg <johannes@kyriasis.com> | 2020-10-10 17:47:00 +0000 |
commit | 95ef6cb2a0284c42a6f0b8e5c0e4adff6cde9985 (patch) | |
tree | 5a02292ecf6a29dc1be1e8fcb2250832f77209e4 | |
parent | 4858e3b1982da983bac1a9f53d0f657d975bd801 (diff) | |
download | dns-95ef6cb2a0284c42a6f0b8e5c0e4adff6cde9985.tar.xz |
Split Lets Encrypt TLSA records out into separate zone file
This removes a bunch of duplication, and leads to easier updates in the
future.
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
-rw-r--r-- | kyriasis.com.zone | 82 | ||||
-rw-r--r-- | letsencrypt-tlsa.zone | 16 |
2 files changed, 24 insertions, 74 deletions
diff --git a/kyriasis.com.zone b/kyriasis.com.zone index 5cf59a0..ec41d2d 100644 --- a/kyriasis.com.zone +++ b/kyriasis.com.zone @@ -3,7 +3,7 @@ $ORIGIN kyriasis.com. $TTL 24h @ IN SOA theos.kyriasis.com. hostmaster ( - 2011 ; serial + 2013 ; serial 24h ; refresh 2h ; retry 1w ; expire @@ -16,33 +16,8 @@ $TTL 24h A 212.71.254.33 AAAA 2a01:7e00:e000:136::1 - ; X3 -_443._tcp TLSA 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18 - ; X4 - TLSA 2 1 1 b111dd8a1c2091a89bd4fd60c57f0716cce50feeff8137cdbee0326e02cf362b - ; E1 - TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 - ; E2 - TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 - ; R3 - TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d - ; R4 - TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 - theos A 212.71.254.33 theos AAAA 2a01:7e00:e000:136::1 - ; X3 -_443._tcp.theos TLSA 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18 - ; X4 - TLSA 2 1 1 b111dd8a1c2091a89bd4fd60c57f0716cce50feeff8137cdbee0326e02cf362b - ; E1 - TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 - ; E2 - TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 - ; R3 - TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d - ; R4 - TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 direct.theos AAAA 2a01:7e00::f03c:91ff:fe6e:f996 v4.theos A 212.71.254.33 v6.theos AAAA 2a01:7e00:e000:136::1 @@ -144,54 +119,13 @@ _imap._tcp SRV 0 0 143 theos _imaps._tcp SRV 0 0 993 theos ;; TLSA - ; X3 -_25._tcp.theos TLSA 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18 - ; X4 - TLSA 2 1 1 b111dd8a1c2091a89bd4fd60c57f0716cce50feeff8137cdbee0326e02cf362b - ; E1 - TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 - ; E2 - TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 - ; R3 - TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d - ; R4 - TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 - ; X3 -_587._tcp.theos TLSA 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18 - ; X4 - TLSA 2 1 1 b111dd8a1c2091a89bd4fd60c57f0716cce50feeff8137cdbee0326e02cf362b - ; E1 - TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 - ; E2 - TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 - ; R3 - TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d - ; R4 - TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 - ; X3 -_143._tcp.theos TLSA 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18 - ; X4 - TLSA 2 1 1 b111dd8a1c2091a89bd4fd60c57f0716cce50feeff8137cdbee0326e02cf362b - ; E1 - TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 - ; E2 - TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 - ; R3 - TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d - ; R4 - TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 - ; X3 -_993._tcp.theos TLSA 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18 - ; X4 - TLSA 2 1 1 b111dd8a1c2091a89bd4fd60c57f0716cce50feeff8137cdbee0326e02cf362b - ; E1 - TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 - ; E2 - TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 - ; R3 - TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d - ; R4 - TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 +$INCLUDE "/home/kyrias/dns/letsencrypt-tlsa.zone" _443._tcp.kyriasis.com. +$INCLUDE "/home/kyrias/dns/letsencrypt-tlsa.zone" _443._tcp.theos.kyriasis.com. + +$INCLUDE "/home/kyrias/dns/letsencrypt-tlsa.zone" _25._tcp.theos.kyriasis.com. +$INCLUDE "/home/kyrias/dns/letsencrypt-tlsa.zone" _587._tcp.theos.kyriasis.com. +$INCLUDE "/home/kyrias/dns/letsencrypt-tlsa.zone" _143._tcp.theos.kyriasis.com. +$INCLUDE "/home/kyrias/dns/letsencrypt-tlsa.zone" _993._tcp.theos.kyriasis.com. ;; Google Postmaster Tools @ TXT "google-site-verification=Fj3Hc-7_JPc6WlEF_TMwYTGStln3kuz8vTJsMgoyKA8" diff --git a/letsencrypt-tlsa.zone b/letsencrypt-tlsa.zone new file mode 100644 index 0000000..4bfdf26 --- /dev/null +++ b/letsencrypt-tlsa.zone @@ -0,0 +1,16 @@ +; vim: ft=bindzone + + ; X3 +@ TLSA 2 1 1 60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18 + ; X4 + TLSA 2 1 1 b111dd8a1c2091a89bd4fd60c57f0716cce50feeff8137cdbee0326e02cf362b + ; E1 + TLSA 2 1 1 276fe8a8c4ec7611565bf9fce6dcace9be320c1b5bea27596b2204071ed04f10 + ; E2 + TLSA 2 1 1 bd936e72b212ef6f773102c6b77d38f94297322efc25396bc3279422e0c89270 + ; R3 + TLSA 2 1 1 8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d + ; R4 + TLSA 2 1 1 e5545e211347241891c554a03934cde9b749664a59d26d615fe58f77990f2d03 + + |