summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohannes Löthberg <johannes@kyriasis.com>2014-08-17 18:02:30 +0100
committerJohannes Löthberg <johannes@kyriasis.com>2014-08-18 12:53:53 +0100
commit9796c8bcb686c6bf0aaa8052ee91c98c81df5ad3 (patch)
treef7ebbc58ad01ba72e7d7e56ac9f87e7375c3c16b
parentd908c785dfd93e87bebb6dd6194e8746c2249685 (diff)
downloaddns-9796c8bcb686c6bf0aaa8052ee91c98c81df5ad3.tar.xz
Dump with a bunch of reorganizing
Merged in theos.kyriasis.com.zone again, only keep lucifer separate
-rw-r--r--kyriasis.com.zone129
-rw-r--r--lucifer.kyriasis.com.zone23
-rw-r--r--theos.kyriasis.com.zone18
3 files changed, 115 insertions, 55 deletions
diff --git a/kyriasis.com.zone b/kyriasis.com.zone
index 5555518..5afbea1 100644
--- a/kyriasis.com.zone
+++ b/kyriasis.com.zone
@@ -1,10 +1,9 @@
; vi: ft=bindzone:ts=8:sw=8:nowrap:noet
$ORIGIN kyriasis.com.
$TTL 2h
-; kyriasis.com
@ IN SOA theos.kyriasis.com. hostmaster (
- 19 ; serial
+ 28 ; serial
4h ; refresh
1h ; retry
1w ; expire
@@ -17,60 +16,130 @@ $TTL 2h
A 178.79.157.58
AAAA 2a01:7e00::f03c:91ff:fe69:1787
+theos A 212.71.254.33
+theos AAAA 2a01:7e00::f03c:91ff:fe6e:f996
+
NS1 A 212.71.254.33
NS1 AAAA 2a01:7e00::f03c:91ff:fe6e:f996
NS2 A 178.79.157.58
NS2 AAAA 2a01:7e00::f03c:91ff:fe69:1787
www CNAME kyriasis.com.
+git CNAME theos.kyriasis.com.
+ldap CNAME theos.kyriasis.com.
+
+;;; Keybase verification
+@ TXT "keybase-site-verification=ps0bAlsiJPIhNZy3mN-xDArc8f9A-AEoVhgsC6NDLDk"
+theos TXT "keybase-site-verification=_bApRga8QdQm0OpTxOZLeBFAPDB1_VV_BGbB8X-jw-M"
+
+;;; DNSSEC
+
+; bind 9.9 and later supports "live signing" where the nameserver automatically signs the
+; zone in memory. Due to this the live zone has a larger serial number than in this file
+
+;;; DANE (TLSA) - http://tools.ietf.org/html/rfc6698
+; "TLSA" <usage> <selector> <match>
+; usage:
+; [0] match certification path & require known CA or trust anchor
+; [1] match end-entity certificate & require known CA or trust anchor
+; [2] match certification path, using given cert as trust anchor
+; [3] match end-entity certificate
+; selector:
+; [0] X.509 certificate
+; [1] public key
+; match:
+; [0] exact match
+; [1] SHA-256 hash
+; [2] SHA-512 hash
+
+;; theos
+; https; StartSSL
+_443._tcp.theos TLSA 3 0 1 35da01bd9fed5e538baae2cb423dd6923f8d313c774f2da1b40e64d418e3f271
-; Mail
+
+;;; Mail
+
+;; MX
@ MX 5 theos.kyriasis.com.
@ MX 20 lucifer.kyriasis.com.
+theos MX 5 theos.kyriasis.com.
+;; SPF <http://tools.ietf.org/html/rfc4408>
@ TXT "v=spf1 a mx ~all"
- SPF "v=spf1 a mx ~all"
+@ SPF "v=spf1 a mx ~all"
+theos SPF "v=spf1 a mx ~all"
+theos TXT "v=spf1 a mx ~all"
+;; DKIM <http://tools.ietf.org/html/rfc6376>
theos._domainkey TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDp4YIk0oJEW1PbPBwCEr8o/e7koQ57jHLmBml1nRKwcBSH/TIkuqz85YYT72s88LaXVlaz2JDygT43edcD/kBxPPDXAqfME8PRGxXi5X2nmyhbCBT+Q5w0kiPkbGOta8pes1Ger1tUIcvRWhuiqX5QHB0pY/cJ+rBBPb7VGqjHLwIDAQABoQ57jHLmBml1nRKwcBSH/TIku"
lucifer._domainkey TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCurY0mrJZT5KKUYDfXkceauC2lLGk0E6z75bq0IcPcoNNrXbHIYQMuN5VMulrXv3qF6lbcJwA87XnvE7uS7471fmEYXluOZ2A+HdPm/W/LL1Z9De4LTgt45AWzanczDGxekh5hdy/VCwkxw1Kq6TA9G1fPJTF2sVvqo8JHNoI5swIDAQAB"
+theos._domainkey.theos TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDp4YIk0oJEW1PbPBwCEr8o/e7koQ57jHLmBml1nRKwcBSH/TIkuqz85YYT72s88LaXVlaz2JDygT43edcD/kBxPPDXAqfME8PRGxXi5X2nmyhbCBT+Q5w0kiPkbGOta8pes1Ger1tUIcvRWhuiqX5QHB0pY/cJ+rBBPb7VGqjHLwIDAQABoQ57jHLmBml1nRKwcBSH/TIku"
-; Kerberos
-_kerberos TXT "KYRIASIS.COM"
+;; SRV for email discovery <https://tools.ietf.org/html/rfc6186>
+;; (not sure if anything useful uses them?)
+_submission._tcp SRV 0 0 587 theos.kyriasis.com.
+_imap._tcp SRV 0 0 143 theos.kyriasis.com.
+_imaps._tcp SRV 0 0 993 theos.kyriasis.com.
-_kerberos._udp SRV 0 0 88 theos.kyriasis.com.
+;;; Kerberos <http://web.mit.edu/Kerberos/krb5-latest/doc/admin/realm_config.html>
+_kerberos TXT "KYRIASIS.COM"
+_kerberos._udp SRV 0 0 88 theos.kyriasis.com.
_kerberos._tcp SRV 0 0 88 theos.kyriasis.com.
+_kerberos-master._udp SRV 0 0 88 theos.kyriasis.com.
+_kerberos-adm._tcp SRV 0 0 749 theos.kyriasis.com.
+_kpasswd._udp SRV 0 0 464 theos.kyriasis.com.
-_kerberos-master._tcp SRV 0 0 88 theos.kyriasis.com.
-_kerberos-adm._tcp SRV 0 0 749 theos.kyriasis.com.
+;;; LDAP
+_ldap._tcp SRV 0 0 389 theos.kyriasis.com.
+_ldaps._tcp SRV 0 0 636 theos.kyriasis.com.
-_kpasswd._udp SRV 0 0 464 theos.kyriasis.com.
-_kpasswd._tcp SRV 0 0 464 theos.kyriasis.com.
+;;; SSH hostkeys <http://tools.ietf.org/html/rfc4255>
+; <http://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xhtml>
+; "SSHFP" <algorithm> <fingerprint type> <fingerpint>
+; algorithm:
+; [1] RSA
+; [2] DSA
+; [3] ECDSA
+; [4] ED25519
+; fingerprint type:
+; [1] SHA-1
+; [2] SHA-256
+
+;; theos
+; RSA
+theos SSHFP 1 1 35fb44db05be6c6b6867663021c1375c78ebdf33
+theos SSHFP 1 2 74befd1f190727fd27ab0f20338a352264d7da1cafe14dd7315a25d6
+; Ed25519
+theos SSHFP 4 1 50a1c85a3c98ca1bbc44a6b602b6be662a51b433
+theos SSHFP 4 2 bc7d361c8576cc7e6ddfc12b9d826074d2201a521233b94896c1cb6c06a87e41
-$INCLUDE "/home/kyrias/dns/theos.kyriasis.com.zone"
-$INCLUDE "/home/kyrias/dns/lucifer.kyriasis.com.zone"
+;;; Users
-zeth A 213.141.70.53
-arch NS ns1.he.net.
- NS ns2.he.net.
- NS ns3.he.net.
- NS ns4.he.net.
- NS ns5.he.net.
+; CERT and _pka records are used by GnuPG for looking up recipient's public key.
+; - See <http://www.gushi.org/make-dns-cert/HOWTO.html> for a guide.
+; - See RFC 4398 § 2.2 for CERT IPGP.
-@ TXT "keybase-site-verification=ps0bAlsiJPIhNZy3mN-xDArc8f9A-AEoVhgsC6NDLDk"
+; OPENPGPKEY records are similar, but have the complete key.
+; - See <http://tools.ietf.org/html/draft-wouters-dane-openpgp-02>
+
+johannes TXT "Johannes Löthberg <johannes@kyriasis.com>, +46739525259"
+ CERT IPGP 0 0 ( FFE0756vZflba7FgjlD7myc6nQu1aHR0cHM6Ly90aGVvcy
+ 5reXJpYXNpcy5jb20vfmt5cmlhcy9wZ3Ata2V5LnR4dA== )
johannes._pka TXT "v=pka1;fpr=5134EF9EAF65F95B6BB1608E50FB9B273A9D0BB5;uri=https://theos.kyriasis.com/~kyrias/pgp-key.txt"
-@ NAPTR 10 100 "s" "SIPS+D2T" "" _sips._tcp.kyriasis.com.
- NAPTR 20 100 "s" "SIP+D2T" "" _sip._tcp.kyriasis.com.
- NAPTR 30 100 "s" "SIP+D2U" "" _sip._udp.kyriasis.com.
-_sips._tcp SRV 100 100 443 proxy.sipthor.net.
-_sip._tcp SRV 100 100 5060 proxy.sipthor.net.
-_sip_.udp SRV 100 100 5060 proxy.sipthor.net.
-_msrps._tcp SRV 0 0 2855 msrprelay.sipthor.net.
-_stun._udp SRV 0 0 3478 stun1.dns-hosting.info.
-_stun._udp SRV 0 0 3478 stun2.dns-hosting.info.
-xcap TXT "https://xcap.sipthor.net/xcap-root/"
+;;; Delegated subdomains
+
+;; Arch-TkK
+arch NS ns1.he.net.
+ NS ns2.he.net.
+ NS ns3.he.net.
+ NS ns4.he.net.
+ NS ns5.he.net.
+
+
+$INCLUDE "/home/kyrias/dns/lucifer.kyriasis.com.zone"
diff --git a/lucifer.kyriasis.com.zone b/lucifer.kyriasis.com.zone
index 2a6a32c..4d8b8a8 100644
--- a/lucifer.kyriasis.com.zone
+++ b/lucifer.kyriasis.com.zone
@@ -3,13 +3,22 @@ $ORIGIN lucifer.kyriasis.com.
@ A 178.79.157.58
AAAA 2a01:7e00::f03c:91ff:fe69:1787
-; Mail
+;;; Mail
+
+;; MX
MX 5 lucifer.kyriasis.com.
+
+;; SPF
SPF "v=spf1 a mx ~all"
TXT "v=spf1 a mx ~all"
- SSHFP 1 1 06d9f22983ac5469e60f0e214546981d1d67f801
- SSHFP 1 2 2f9f884c8b05d1c39fb81b75ffcdb895efccf55c93c94d679bbcd3044be0c4a0
- SSHFP 2 1 bed6131495ce22c022bd0424abb28d932a63083a
- SSHFP 2 2 16780fba314356063637685f58a769ab1cd2f7ede4f2668d603a6f5530c4a4e5
- SSHFP 3 1 7d7fc4b56b7a31a90b1ffc8a4b6842335474f7ae
- SSHFP 3 2 bcf5f7c730a7aae19b5743d09003f80a590f179c4537590227b543cd9760575d
+
+;;; SSH hostkeys
+; RSA
+ SSHFP 1 1 06d9f22983ac5469e60f0e214546981d1d67f801
+ SSHFP 1 2 2f9f884c8b05d1c39fb81b75ffcdb895efccf55c93c94d679bbcd3044be0c4a0
+; DSA
+ SSHFP 2 1 bed6131495ce22c022bd0424abb28d932a63083a
+ SSHFP 2 2 16780fba314356063637685f58a769ab1cd2f7ede4f2668d603a6f5530c4a4e5
+; ECDSA
+ SSHFP 3 1 7d7fc4b56b7a31a90b1ffc8a4b6842335474f7ae
+ SSHFP 3 2 bcf5f7c730a7aae19b5743d09003f80a590f179c4537590227b543cd9760575d
diff --git a/theos.kyriasis.com.zone b/theos.kyriasis.com.zone
deleted file mode 100644
index 503f884..0000000
--- a/theos.kyriasis.com.zone
+++ /dev/null
@@ -1,18 +0,0 @@
-; vi: ft=bindzone:ts=8:sw=8:nowrap:noet
-$ORIGIN theos.kyriasis.com.
-
-@ A 212.71.254.33
- AAAA 2a01:7e00::f03c:91ff:fe6e:f996
-
-; Mail
-@ MX 5 theos.kyriasis.com.
- SPF "v=spf1 a mx ~all"
- TXT "v=spf1 a mx ~all"
-theos._domainkey TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDp4YIk0oJEW1PbPBwCEr8o/e7koQ57jHLmBml1nRKwcBSH/TIkuqz85YYT72s88LaXVlaz2JDygT43edcD/kBxPPDXAqfME8PRGxXi5X2nmyhbCBT+Q5w0kiPkbGOta8pes1Ger1tUIcvRWhuiqX5QHB0pY/cJ+rBBPb7VGqjHLwIDAQABoQ57jHLmBml1nRKwcBSH/TIku"
-
-@ SSHFP 1 1 35fb44db05be6c6b6867663021c1375c78ebdf33
-@ SSHFP 1 2 74befd1f190727fd27ab0f20338a352264d7da1cafe14dd7315a25d6b96ffcd2
-@ SSHFP 2 1 3885ac981b57edf6fb075361f8392aaae6089864
-@ SSHFP 2 2 ac837ca3986959534db02c9a5f4c607d23a314a297375673934fb4cfa00185a1
-@ SSHFP 3 1 5994563a3ecd488970a31b6cc6467f053323ed5b
-@ SSHFP 3 2 fa7ce1e7f830b3e1f296858dd596684fec1088dc16097a5729c1073a027d2386