summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2024-06-02Add CAA record for luciferJohannes Löthberg2-1/+3
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-30Bump kyriasis.com serialJohannes Löthberg1-1/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-30Reduce -safety values to 1 dayJohannes Löthberg1-2/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-27Drop Matrix SRV recordJohannes Löthberg1-6/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-27Add pie-in-the-sky.kitchenJohannes Löthberg3-0/+75
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-26Set publish-safety and retire-safety to 7dJohannes Löthberg1-0/+2
This gives more leeway when keys are rotated. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-26Add remmy.foo domainJohannes Löthberg3-0/+82
Replacement for remmy.io Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-16Add vault. cnameJohannes Löthberg1-1/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-05-16Sort cname listJohannes Löthberg1-8/+9
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-04-20Make XMPPS SRV records preferedJohannes Löthberg1-3/+3
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2024-04-20Add XMPP over TLS SRV recordsJohannes Löthberg1-1/+3
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2023-11-06Drop food.actualJohannes Löthberg1-2/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2023-11-06Drop matrix recordsJohannes Löthberg1-5/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2023-07-15Add food.actual.Johannes Löthberg1-1/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2023-07-12Add actual.Johannes Löthberg1-1/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-11-02Add inline-signingJohannes Löthberg1-0/+2
https://kb.isc.org/docs/dnssec-policy-requires-dynamic-dns-or-inline-signing Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-31Add tailscale hostsJohannes Löthberg1-1/+5
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-31Drop the-tk.com zone from slave configJohannes Löthberg1-9/+0
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-31Drop _openpgpkey DANE recordsJohannes Löthberg2-36/+0
They're sort of useless since they're big and not used. WKD is more widely used. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-31Fix modelinesJohannes Löthberg4-7/+8
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-28Add dnssec log fileJohannes Löthberg1-0/+10
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-28Move xfer log to /var/named/logJohannes Löthberg1-2/+3
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-28Fix email in SOAJohannes Löthberg2-4/+4
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-28Add parental-agents for automatic KSK published checkingJohannes Löthberg1-0/+14
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Fix remmy.io MXJohannes Löthberg1-2/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Re-add accidentally removed allow-transferJohannes Löthberg1-0/+10
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Switch from explicit notify to notify yesJohannes Löthberg1-19/+5
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Drop the-tk.com slaveJohannes Löthberg1-9/+0
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Add remmy.io zoneJohannes Löthberg3-0/+73
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Switch to fully automatic DNSSEC managementJohannes Löthberg1-4/+9
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Add Google to SPF policyJohannes Löthberg1-2/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27kyriasis.com: Add CAA recordJohannes Löthberg1-0/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2022-08-27Move config directoryJohannes Löthberg2-17/+16
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-10-10Split Lets Encrypt TLSA records out into separate zone fileJohannes Löthberg2-74/+24
This removes a bunch of duplication, and leads to easier updates in the future. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-10-10Update Lets Encrypt TLSA recordsJohannes Löthberg1-5/+72
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-10-10Add SIP SRV records pointing to theosJohannes Löthberg1-0/+4
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-10-10Drop h.theos domainJohannes Löthberg1-4/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Bump serialJohannes Löthberg1-1/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Add TLSA records for mail portsJohannes Löthberg1-0/+7
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Add correct TLSA digestJohannes Löthberg1-2/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Bump serialJohannes Löthberg1-1/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11SpacingJohannes Löthberg1-0/+4
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Remove unused theos.kyriasis.com.zoneJohannes Löthberg1-39/+0
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Add theos SSH host keysJohannes Löthberg1-0/+20
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Add theos.kyriasis.com:443 TLSA recordJohannes Löthberg1-0/+1
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Drop remmy.io zoneJohannes Löthberg2-47/+0
Moved to hosted DNS. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Bump serialsJohannes Löthberg2-2/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11remmy.io: Update self TXTsJohannes Löthberg1-1/+2
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-03-11Update PGP recordsJohannes Löthberg3-357/+31
The PKA records are a mess these days with GnuPG not documenting the formats properly and completely changing the format. Kept the DANE record as that is actually standardized by an RFC. This won't be used either on modern GnuPG installations as WKD is the only remote auto locate mechanism enabled by default. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2020-02-22Bunch of changes, yayJohannes Löthberg1-6/+8
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>