; vi: ft=bindzone:ts=8:sw=8:nowrap:noet $ORIGIN kyriasis.com. $TTL 2h @ IN SOA theos.kyriasis.com. hostmaster ( 44 ; serial 4h ; refresh 1h ; retry 1w ; expire 1h ; minttl ) NS ns1.kyriasis.com. NS ns2.kyriasis.com. ; -> lucifer.kyriasis.com A 178.79.157.58 AAAA 2a01:7e00::f03c:91ff:fe69:1787 theos A 212.71.254.33 theos AAAA 2a01:7e00::f03c:91ff:fe6e:f996 NS1 A 212.71.254.33 NS1 AAAA 2a01:7e00::f03c:91ff:fe6e:f996 NS2 A 178.79.157.58 NS2 AAAA 2a01:7e00::f03c:91ff:fe69:1787 www CNAME kyriasis.com. www.theos CNAME theos.kyriasis.com. git CNAME theos.kyriasis.com. ldap CNAME theos.kyriasis.com. autoconfig CNAME theos.kyriasis.com. ca CNAME theos.kyriasis.com. wiki CNAME theos.kyriasis.com. ;;; Keybase verification @ TXT "keybase-site-verification=ps0bAlsiJPIhNZy3mN-xDArc8f9A-AEoVhgsC6NDLDk" theos TXT "keybase-site-verification=_bApRga8QdQm0OpTxOZLeBFAPDB1_VV_BGbB8X-jw-M" ;;; DNSSEC ; bind 9.9 and later supports "live signing" where the nameserver automatically signs the ; zone in memory. Due to this the live zone has a larger serial number than in this file ;;; DANE (TLSA) - http://tools.ietf.org/html/rfc6698 ; "TLSA" ; usage: ; [0] match certification path & require known CA or trust anchor ; [1] match end-entity certificate & require known CA or trust anchor ; [2] match certification path, using given cert as trust anchor ; [3] match end-entity certificate ; selector: ; [0] X.509 certificate ; [1] public key ; match: ; [0] exact match ; [1] SHA-256 hash ; [2] SHA-512 hash ;; theos ; https; StartSSL _443._tcp.theos TLSA 3 0 1 35da01bd9fed5e538baae2cb423dd6923f8d313c774f2da1b40e64d418e3f271 ;;; Mail ;; MX @ MX 5 theos.kyriasis.com. @ MX 5 lucifer.kyriasis.com. theos MX 5 theos.kyriasis.com. theos MX 25 lucifer.kyriasis.com. lists MX 5 theos.kyriasis.com. ;; SPF @ TXT "v=spf1 a mx ~all" @ SPF "v=spf1 a mx ~all" theos SPF "v=spf1 a mx ~all" theos TXT "v=spf1 a mx ~all" ;; DKIM theos._domainkey TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5u7MOeQk0oIgy64BcFDvmxiRGuZBPTFaFvRTz0LZMIq66E0iW76RFC9tBONQrVvVUCeMldmgy7AGjRMbZaszgtL14PJQeD9HDfbVnEVQhS12kMY2HPR3HruwfLcSgADjBwt3nVkdXusjTsNoGB/Yj7+Bdr/HFHi5blLB3a+6S7wIDAQAB" lucifer._domainkey TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYcYHES1v8w5pgSxmU5OuvG+JoNCynxPNnTzzwaiG6AWvTbToCRrqjVksCxeC+3YpzVvJGU3NifmM6c64rJRz/IVZYkim0UkZP2L07fhm0mUNwkcemziTG9YmrcGI9h9BiSYoW+v0hZuGjtmDUfPzupLYk1Cif3ZPZg7IwUai5+QIDAQAB" theos._domainkey.theos TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5u7MOeQk0oIgy64BcFDvmxiRGuZBPTFaFvRTz0LZMIq66E0iW76RFC9tBONQrVvVUCeMldmgy7AGjRMbZaszgtL14PJQeD9HDfbVnEVQhS12kMY2HPR3HruwfLcSgADjBwt3nVkdXusjTsNoGB/Yj7+Bdr/HFHi5blLB3a+6S7wIDAQAB" ;; SRV for email discovery ;; (not sure if anything useful uses them?) _submission._tcp SRV 0 0 587 theos.kyriasis.com. _imap._tcp SRV 0 0 143 theos.kyriasis.com. _imaps._tcp SRV 0 0 993 theos.kyriasis.com. ;;; Kerberos _kerberos TXT "KYRIASIS.COM" _kerberos._udp SRV 0 0 88 theos.kyriasis.com. _kerberos._tcp SRV 0 0 88 theos.kyriasis.com. _kerberos-master._udp SRV 0 0 88 theos.kyriasis.com. _kerberos-adm._tcp SRV 0 0 749 theos.kyriasis.com. _kpasswd._udp SRV 0 0 464 theos.kyriasis.com. ;;; LDAP _ldap._tcp SRV 0 0 389 theos.kyriasis.com. _ldaps._tcp SRV 0 0 636 theos.kyriasis.com. ;;; Gale gale CNAME theos.kyriasis.com. ;;; SSH hostkeys ; ; "SSHFP" ; algorithm: ; [1] RSA ; [2] DSA ; [3] ECDSA ; [4] ED25519 ; fingerprint type: ; [1] SHA-1 ; [2] SHA-256 ;; theos ; RSA theos SSHFP 1 1 35fb44db05be6c6b6867663021c1375c78ebdf33 theos SSHFP 1 2 74befd1f190727fd27ab0f20338a352264d7da1cafe14dd7315a25d6 ; Ed25519 theos SSHFP 4 1 50a1c85a3c98ca1bbc44a6b602b6be662a51b433 theos SSHFP 4 2 bc7d361c8576cc7e6ddfc12b9d826074d2201a521233b94896c1cb6c06a87e41 ;;; Users ; CERT and _pka records are used by GnuPG for looking up recipient's public key. ; - See for a guide. ; - See RFC 4398 § 2.2 for CERT IPGP. ; OPENPGPKEY records are similar, but have the complete key. ; - See johannes TXT "Johannes Löthberg , +46739525259" CERT IPGP 0 0 ( FFE0756vZflba7FgjlD7myc6nQu1aHR0cHM6Ly90aGVvcy 5reXJpYXNpcy5jb20vfmt5cmlhcy9wZ3Ata2V5LnR4dA== ) johannes._pka TXT "v=pka1;fpr=5134EF9EAF65F95B6BB1608E50FB9B273A9D0BB5;uri=https://theos.kyriasis.com/~kyrias/pgp-key.txt" ;;; Delegated subdomains ;; Arch-Tk arch NS ns1.he.net. NS ns2.he.net. NS ns3.he.net. NS ns4.he.net. NS ns5.he.net. $INCLUDE "/home/kyrias/dns/lucifer.kyriasis.com.zone"