knilsson/dns-zones
1
0
Fork 0
forked from critical/dns-zones
Code Pull requests Activity
133 commits 2 branches 2 tags 248 KiB
Commit graph

133 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jan Dittberner
f68f02ef0e Add alias secure1.cacert.org 2023-09-17 08:23:08 +02:00
Jan Dittberner
a6f82d4019 Merge pull request 'Revert nameservers for cacert.org' (#16) from revert-ns-records-to-cacert_org into main 
Reviewed-on: critical/dns-zones#16
Reviewed-by: Dirk Astrath <dirk@cacert.org>
 2023-09-16 17:28:12 +00:00
Jan Dittberner
89f7eaee9c Revert nameservers for cacert.org 
The registrar change to joker has been finished. This commit reverts the
NS records back to ns*.cacert.org.

This reverts commit decdd833ac.
 2023-08-30 17:32:15 +02:00
Jan Dittberner
ce333c9c21 Merge pull request 'Add records for new monitoring VM' (#15) from add-new-monitoring-vm into main 
Reviewed-on: critical/dns-zones#15
 2023-08-17 18:02:13 +00:00
Jan Dittberner
da9b780bce Add records for new monitoring VM 2023-08-13 14:06:06 +02:00
Jan Dittberner
9021726bb2 Merge pull request 'Change nameservers for cacert.org' (#14) from move-cacert-org-nameservers-for-registrar-change into main 
Reviewed-on: critical/dns-zones#14
 2023-08-09 09:52:14 +00:00
Jan Dittberner
decdd833ac Change nameservers for cacert.org 
Switch nameservers to ns1-ns4.cacert.net to prepare switch of registrar.
 2023-07-23 13:34:31 +02:00
Jan Dittberner
ad84697c8a Merge pull request 'lists-upgrade' (#13) from lists-upgrade into main 
Reviewed-on: critical/dns-zones#13
Reviewed-by: Dirk Astrath <dirk@cacert.org>
 2023-07-17 16:42:24 +00:00
Jan Dittberner
e3411f74eb Update lists host keys 
The lists system has been rebuilt on a new Debian 11 host with new host
keys.
 2023-07-16 19:26:03 +02:00
Jan Dittberner
9cb7ac6da6 Update infra02 SSH host keys 
- remove DSA key
- add ED25519 key
 2023-07-16 19:25:26 +02:00
Jan Dittberner
7c02d092f1 Merge pull request 'Allow letsencrypt certificates for cacert.org' (#10) from letsencrypt-for-code-cacert-org into main 
Reviewed-on: critical/dns-zones#10
 2023-06-21 19:39:13 +00:00
Jan Dittberner
af50047a26 Merge pull request 'Add records for OpenID connect infrastructure' (#11) from oidc-records into main 
Reviewed-on: critical/dns-zones#11
 2023-06-21 19:38:56 +00:00
Jan Dittberner
701db6bb50 Merge pull request 'Fix reverse DNS for infra02' (#12) from fix-infra02-ptr into main 
Reviewed-on: critical/dns-zones#12
 2023-06-21 19:38:41 +00:00
Jan Dittberner
4ca0ff5e41 Fix reverse DNS for infra02 2023-06-14 19:14:49 +02:00
Jan Dittberner
7986084a40 Add letsencrypt as allowed CA for cacert.org zone 2023-06-14 18:45:40 +02:00
Jan Dittberner
7e0d88f8bf Order records for code.cacert.org by type 2023-06-14 14:55:22 +02:00
Jan Dittberner
03b01fff79 Allow letsencrypt certificates for code.cacert.org 2023-06-14 10:39:23 +02:00
Jan Dittberner
0bbd5741b1 Add IPv6 PTR records 2023-05-26 18:17:27 +02:00
Jan Dittberner
b6fec8ad4b Add OIDC demo application container 2023-05-26 18:12:26 +02:00
Jan Dittberner
565c2881b0 Add appregistration and idp records 
Add records for appregistration.cacert.org and idp.cacert.org that are
meant to be used for the IDP (Identity Provider) and application
registration parts of the OpenID Connect/OAuth2 setup.
 2023-05-26 18:12:26 +02:00
Jan Dittberner
d79167a436 Add authserver records 2023-05-26 18:12:26 +02:00
Jan Dittberner
ee97f88832 Merge pull request 'clean-cacert-org-zones' (#9) from clean-cacert-org-zone into main 
Reviewed-on: critical/dns-zones#9
 2023-05-26 15:18:22 +00:00
Jan Dittberner
992d534697 Tighten SPF record 
PowerDNS cuts TXT records at 255 chars
(https://doc.powerdns.com/authoritative/appendices/types.html#txt). This
commit reduces the size by using mx and a SPF policy entries.
 2023-05-02 20:10:20 +02:00
Jan Dittberner
17106f7c86 Fix forward and reverse entries 
- add missing AAAA records in cacert.org
- add missing PTR records in IPv6 reverse zone
- remove broken PTR records in IPv6 reverse zone
- fix SPF records
 2023-01-28 13:10:51 +01:00
Jan Dittberner
1f976e4d65 Sort reverse DNS zones 2023-01-28 13:10:51 +01:00
Jan Dittberner
302a6d26f5 Sort and clean zone cacert.org 2023-01-28 13:10:51 +01:00
Jan Dittberner
b1891e9a5b Merge pull request 'Fix warnings from pdnsutil check-all-zones' (#6) from fix-pdnsutil-check-zone-warnings into main 
Reviewed-on: critical/dns-zones#6
Reviewed-by: Dirk Astrath <dirk@cacert.org>
 2022-11-26 10:26:21 +00:00
Jan Dittberner
87e24a3b41 Merge branch 'main' into fix-pdnsutil-check-zone-warnings 2022-11-26 09:46:28 +00:00
Jan Dittberner
a3a661bfe2 Merge pull request 'Remove services that are not available anymore' (#7) from remove-dead-services into main 
Reviewed-on: critical/dns-zones#7
Reviewed-by: Dirk Astrath <dirk@cacert.org>
 2022-11-26 09:46:13 +00:00
Jan Dittberner
7744e78659 Remove services that are not available anymore 2022-10-29 19:45:19 +02:00
Jan Dittberner
50d3959257 Fix warnings from pdnsutil check-all-zones 2022-10-29 18:41:33 +02:00
Jan Dittberner
1d6b970a6a Merge pull request 'add-secondary-ns-support' (#5) from add-secondary-ns-support into main 
Reviewed-on: critical/dns-zones#5
Reviewed-by: Dirk Astrath <dirk@cacert.org>
 2022-10-25 14:18:14 +00:00
Jan Dittberner
2c896a85ac Add support for secondary nameservers 
Fixes #4
 2022-10-23 13:52:05 +02:00
Jan Dittberner
5f7fb5235d Remove the import_zone script 
This commit removes the older import_zone script to avoid accidential
usage.
 2022-10-23 13:34:01 +02:00
Jan Dittberner
3698bb4e53 Add README.md with usage documentation 2022-10-23 13:33:43 +02:00
Jan Dittberner
f70ee9f182 Merge pull request 'Add AAAA RR for cacert.com and cacert.net' (#3) from add-missing-aaaa-records into main 
Reviewed-on: critical/dns-zones#3
 2022-10-23 10:08:20 +00:00
Jan Dittberner
d3de6eb830 Add AAAA RR for cacert.com and cacert.net 2022-10-23 11:57:46 +02:00
Jan Dittberner
91a49d40dc manual import from ns1.cacert.org 2022-10-23 10:41:58 +02:00
Jan Dittberner
11b092beb0 Use git branch -D for reference_branch 
This commit allows the use of a reference_branch that is not merged into
the current working directory.

Imports have been sorted by isort
 2022-10-23 08:02:52 +00:00
Jan Dittberner
424bd7954f Use sendmail instead of SMTP 
- remove the SMTP requirement to be able to work with /usr/lib/sendmail
  instead
- use f-strings where appropriate to improve readability
- use text-parameter to subprocess.run to avoid extra decode calls
 2022-10-23 08:02:52 +00:00
Jan Dittberner
d93300732b Implement update-zones.py to update zones from git 
- ignore temporary files and Python bytecode
- add update-zones.py
 2022-10-23 08:02:52 +00:00
Jan Dittberner
f70a11c863 Fix warnings from pdnsutil check-zone 
This commit removes explicit DNSKEY entries and invalid names from the
cacert.org zone.
 2022-09-17 10:04:38 +02:00
Jan Dittberner
976a391df2 Use delegated 224-27.225.154.213.in-addr.arpa zone 2022-09-16 10:12:12 +02:00
Dirk Astrath
1b231b8fb5 Add import_zone script from NS2 
Signed-off-by: Jan Dittberner <jandd@cacert.org>
 2022-09-15 17:11:31 +02:00
Dirk Astrath
143cc348cb Remove ns3, and ocsp1 from cacert.org. 
Signed-off-by: Jan Dittberner <jandd@cacert.org>
 2022-09-11 09:58:21 +02:00
Dirk Astrath
076d4d1466 Update ns1 A and AAAA records for cacert.{com,net,org} 2022-07-16 15:20:10 +00:00
Dirk Astrath
8d1f2e0117 Update from ns2.cacert.org 2022-07-16 15:13:22 +00:00
Dirk Astrath
8f11930cf1 Switch crl.cacert.org back to critical, add crl_egal 2022-07-16 14:26:05 +00:00
Dirk Astrath
7f3670760f Add ping.cacert.org AAAA, remove webdb.cacert.org 2022-07-16 14:24:11 +00:00
Dirk Astrath
6cbd6f92a6 Add AAAA record for webdb.cacert.org 2022-07-16 13:53:51 +00:00