7c02d092f1
Merge pull request 'Allow letsencrypt certificates for cacert.org' ( #10 ) from letsencrypt-for-code-cacert-org into main
...
Reviewed-on: critical/dns-zones#10
2023-06-21 19:39:13 +00:00
af50047a26
Merge pull request 'Add records for OpenID connect infrastructure' ( #11 ) from oidc-records into main
...
Reviewed-on: critical/dns-zones#11
2023-06-21 19:38:56 +00:00
701db6bb50
Merge pull request 'Fix reverse DNS for infra02' ( #12 ) from fix-infra02-ptr into main
...
Reviewed-on: critical/dns-zones#12
2023-06-21 19:38:41 +00:00
4ca0ff5e41
Fix reverse DNS for infra02
2023-06-14 19:14:49 +02:00
7986084a40
Add letsencrypt as allowed CA for cacert.org zone
2023-06-14 18:45:40 +02:00
7e0d88f8bf
Order records for code.cacert.org by type
2023-06-14 14:55:22 +02:00
03b01fff79
Allow letsencrypt certificates for code.cacert.org
2023-06-14 10:39:23 +02:00
0bbd5741b1
Add IPv6 PTR records
2023-05-26 18:17:27 +02:00
b6fec8ad4b
Add OIDC demo application container
2023-05-26 18:12:26 +02:00
565c2881b0
Add appregistration and idp records
...
Add records for appregistration.cacert.org and idp.cacert.org that are
meant to be used for the IDP (Identity Provider) and application
registration parts of the OpenID Connect/OAuth2 setup.
2023-05-26 18:12:26 +02:00
d79167a436
Add authserver records
2023-05-26 18:12:26 +02:00
ee97f88832
Merge pull request 'clean-cacert-org-zones' ( #9 ) from clean-cacert-org-zone into main
...
Reviewed-on: critical/dns-zones#9
2023-05-26 15:18:22 +00:00
992d534697
Tighten SPF record
...
PowerDNS cuts TXT records at 255 chars
(https://doc.powerdns.com/authoritative/appendices/types.html#txt ). This
commit reduces the size by using mx and a SPF policy entries.
2023-05-02 20:10:20 +02:00
17106f7c86
Fix forward and reverse entries
...
- add missing AAAA records in cacert.org
- add missing PTR records in IPv6 reverse zone
- remove broken PTR records in IPv6 reverse zone
- fix SPF records
2023-01-28 13:10:51 +01:00
1f976e4d65
Sort reverse DNS zones
2023-01-28 13:10:51 +01:00
302a6d26f5
Sort and clean zone cacert.org
2023-01-28 13:10:51 +01:00
b1891e9a5b
Merge pull request 'Fix warnings from pdnsutil check-all-zones' ( #6 ) from fix-pdnsutil-check-zone-warnings into main
...
Reviewed-on: critical/dns-zones#6
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2022-11-26 10:26:21 +00:00
87e24a3b41
Merge branch 'main' into fix-pdnsutil-check-zone-warnings
2022-11-26 09:46:28 +00:00
a3a661bfe2
Merge pull request 'Remove services that are not available anymore' ( #7 ) from remove-dead-services into main
...
Reviewed-on: critical/dns-zones#7
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2022-11-26 09:46:13 +00:00
7744e78659
Remove services that are not available anymore
2022-10-29 19:45:19 +02:00
50d3959257
Fix warnings from pdnsutil check-all-zones
2022-10-29 18:41:33 +02:00
1d6b970a6a
Merge pull request 'add-secondary-ns-support' ( #5 ) from add-secondary-ns-support into main
...
Reviewed-on: critical/dns-zones#5
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2022-10-25 14:18:14 +00:00
2c896a85ac
Add support for secondary nameservers
...
Fixes #4
2022-10-23 13:52:05 +02:00
5f7fb5235d
Remove the import_zone script
...
This commit removes the older import_zone script to avoid accidential
usage.
2022-10-23 13:34:01 +02:00
3698bb4e53
Add README.md with usage documentation
2022-10-23 13:33:43 +02:00
f70ee9f182
Merge pull request 'Add AAAA RR for cacert.com and cacert.net' ( #3 ) from add-missing-aaaa-records into main
...
Reviewed-on: critical/dns-zones#3
2022-10-23 10:08:20 +00:00
d3de6eb830
Add AAAA RR for cacert.com and cacert.net
2022-10-23 11:57:46 +02:00
91a49d40dc
manual import from ns1.cacert.org
2022-10-23 10:41:58 +02:00
11b092beb0
Use git branch -D for reference_branch
...
This commit allows the use of a reference_branch that is not merged into
the current working directory.
Imports have been sorted by isort
2022-10-23 08:02:52 +00:00
424bd7954f
Use sendmail instead of SMTP
...
- remove the SMTP requirement to be able to work with /usr/lib/sendmail
instead
- use f-strings where appropriate to improve readability
- use text-parameter to subprocess.run to avoid extra decode calls
2022-10-23 08:02:52 +00:00
d93300732b
Implement update-zones.py to update zones from git
...
- ignore temporary files and Python bytecode
- add update-zones.py
2022-10-23 08:02:52 +00:00
f70a11c863
Fix warnings from pdnsutil check-zone
...
This commit removes explicit DNSKEY entries and invalid names from the
cacert.org zone.
2022-09-17 10:04:38 +02:00
976a391df2
Use delegated 224-27.225.154.213.in-addr.arpa zone
2022-09-16 10:12:12 +02:00
1b231b8fb5
Add import_zone script from NS2
...
Signed-off-by: Jan Dittberner <jandd@cacert.org>
2022-09-15 17:11:31 +02:00
143cc348cb
Remove ns3, and ocsp1 from cacert.org.
...
Signed-off-by: Jan Dittberner <jandd@cacert.org>
2022-09-11 09:58:21 +02:00
076d4d1466
Update ns1 A and AAAA records for cacert.{com,net,org}
2022-07-16 15:20:10 +00:00
8d1f2e0117
Update from ns2.cacert.org
2022-07-16 15:13:22 +00:00
8f11930cf1
Switch crl.cacert.org back to critical, add crl_egal
2022-07-16 14:26:05 +00:00
7f3670760f
Add ping.cacert.org AAAA, remove webdb.cacert.org
2022-07-16 14:24:11 +00:00
6cbd6f92a6
Add AAAA record for webdb.cacert.org
2022-07-16 13:53:51 +00:00
6b9aa5cced
Change AAAA record of crl.cacert.org
2022-07-16 13:48:30 +00:00
690dffbaac
Update crl servers for cacert.org
...
- add crl2
- move crl to external address
2022-07-16 13:46:46 +00:00
493baa3a57
Update cacert.org AAAA records for ns1 and ns2
2022-07-16 13:42:54 +00:00
4659cac454
Add code.cacert.org and pgsql.cacert.org
2022-07-16 13:41:27 +00:00
f7b19773ff
Update cacert.org NS records
2022-07-16 13:40:02 +00:00
8eb1b378c9
Sort SSHFP for hopper.cacert.org
2022-07-16 13:38:16 +00:00
cd11540381
Convert cacert.org to PowerDNS format
2022-07-16 13:36:23 +00:00
11f67755b2
Change cacert.net AAAA for ns1 and ns2
2022-07-16 13:33:23 +00:00
0961327761
Change NS records for cacert.net
2022-07-16 13:31:40 +00:00
ff17ba99ce
Convert cacert.net for PowerDNS
...
- change zone syntax to absolute names
- add ns2, ns4, ns5
2022-07-16 13:29:22 +00:00