From 0f34a46287b33ce39a86250880bc97542e67a558 Mon Sep 17 00:00:00 2001 From: Johannes Löthberg Date: Fri, 6 Nov 2015 14:02:55 +0100 Subject: Add initial hyperboria.se zone MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Johannes Löthberg --- hyperboria.se.zone | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ named.conf | 5 +++++ 2 files changed, 70 insertions(+) create mode 100644 hyperboria.se.zone diff --git a/hyperboria.se.zone b/hyperboria.se.zone new file mode 100644 index 0000000..ffba34d --- /dev/null +++ b/hyperboria.se.zone @@ -0,0 +1,65 @@ +; vi: ft=bindzone:ts=8:sw=8:nowrap:noet +$ORIGIN hyperboria.se. +$TTL 2h + +@ IN SOA ns1.kyriasis.com. hostmaster.hyperboria.se ( + 01 ; serial + 4h ; refresh + 1h ; retry + 1w ; expire + 1h ; minttl + ) + NS ns1.kyriasis.com. + + A 212.71.254.33 + AAAA 2a01:7e00::f03c:91ff:fe6e:f996 +h AAAA fca1:fabb:7792:f28d:4623:139:10af:549 + +www CNAME hyperboria.se + +;;; DNSSEC + +; bind 9.9 and later supports "live signing" where the nameserver automatically signs the +; zone in memory. Due to this the live zone has a larger serial number than in this file + +;;; DANE (TLSA) - http://tools.ietf.org/html/rfc6698 +; "TLSA" +; usage: +; [0] match certification path & require known CA or trust anchor +; [1] match end-entity certificate & require known CA or trust anchor +; [2] match certification path, using given cert as trust anchor +; [3] match end-entity certificate +; selector: +; [0] X.509 certificate +; [1] public key +; match: +; [0] exact match +; [1] SHA-256 hash +; [2] SHA-512 hash + +;;; Mail + +;; MX +@ MX 10 theos.kyriasis.com. +@ MX 5 h.theos.kyriasis.com. +h MX 5 h.theos.kyriasis.com. + +;; SPF +@ TXT "v=spf1 a mx ~all" +@ SPF "v=spf1 a mx ~all" +h SPF "v=spf1 a mx ~all" +h TXT "v=spf1 a mx ~all" + +;;; Users + +; CERT and _pka records are used by GnuPG for looking up recipient's public key. +; - See for a guide. +; - See RFC 4398 § 2.2 for CERT IPGP. + +; OPENPGPKEY records are similar, but have the complete key. +; - See + +johannes TXT "Johannes Löthberg , +46739525259" + CERT IPGP 0 0 ( FFE0756vZflba7FgjlD7myc6nQu1aHR0cHM6Ly90aGVvcy + 5reXJpYXNpcy5jb20vfmt5cmlhcy9wZ3Ata2V5LnR4dA== ) +johannes._pka TXT "v=pka1;fpr=5134EF9EAF65F95B6BB1608E50FB9B273A9D0BB5;uri=https://theos.kyriasis.com/~kyrias/pgp-key.txt" diff --git a/named.conf b/named.conf index 2e6f189..e610ed4 100644 --- a/named.conf +++ b/named.conf @@ -54,6 +54,11 @@ zone "kyriasis.com" IN { inline-signing yes; }; +zone "hyperboria.se" { + type master; + file "/home/kyrias/dns/hyperboria.se.zone"; +}; + zone "the-tk.com" { type slave; file "the-tk.com.zone"; -- cgit v1.2.3-70-g09d2