knilsson
/
dns-zones
forked from critical/dns-zones
1
0
Fork 0
Code Pull Requests Activity
136 Commits
2 Branches
2 Tags
248 KiB
main
add-secure1-alias-for-www1
manual-import
import-from-svn
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8176bd3a30'
${ noResults }
Commit Graph

136 Commits (8176bd3a30786fb84b5de18c520daa7a04ac172e)
 

Author SHA1 Message Date
wytze@deboca.net 9c0e9a6848 Add A and SSHFP records for jenkins.cacert.org per e-mail request from Jan Dittberner. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2598 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net 462ded1819 Update SSHFP records for emailout per e-mail from Jan Dittberner on 02.02.2015. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2597 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net cbaf82b142 Update SSHFP records for cacert-fw01 and cacert-fw02 after upgrading firewall OS to OpenBSD 5.6. 
Update IPv4 address for openppm.cacert.org per e-mail from Benedikt Heintel 08.01.2015.
Add A and SSHFP records for web, funding, webstatic per e-mail request from Jan Dittberner.
See also https://bugs.cacert.org/view.php?id=1363 for details about the shared IP setup.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2592 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net 3a45494988 Update IPv4 and IPv6 addresses for ns4.cacert.org aka ns-ext.nlnetlabs.nl. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2582 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net 0a3250a333 Add A record for hopper. 
Add additional SSHFP records for hopper.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2580 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net acc6312310 Add IPv6 support for OCSP service. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2575 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net bada7a02c3 Add IPv6 address for crl.cacert.org. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2574 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net f773d5fa50 Add TLSA record for www.cacert.org and secure.cacert.org. 
This supports effective use of the DNSSEC/TLSA Validator browser plugin
available from CZ.NIC Labs.
The records have been created with https://www.huque.com/bin/gen_tlsa
using these parameters:
  certificate usage: DANE-TA (2) trust anchor
  selector:          full cert (0)
  matching type:     exact match (0)
  certificate:       https://www.cacert.org/certs/root.der


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2570 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net 8d476903f2 Add new (signed) zone cacert.community. 
Add zone file for reverse IPv4 for CAcert 213.154.225.224/27.
Add IPv6 address for ns1.cacert.com and ns1.cacert.net.
Drop obsolete dlv record.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2561 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net 12f67876e4 Update INSTALL script for boxbackup client. 
Drop A records for audit.cacert.org and dev.cacert.org (no longer existing) and
add A record for openppm.cacert.org, per e-mail request from Benedik Heintel on
June 1, 2014.
Add resource records for critmon.cacert.org.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2560 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net 5e86a71ef5 Add experimental AAAA record for ocsp-ipv6.cacert.org. 
Add some missing SSHFP records for infrastructure.cacert.org.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2559 14b1bab8-4ef6-0310-b690-991c95c89dfd
 10 years ago
wytze@deboca.net 4c2106515c Add two CNAME records per e-mail request from Mario Lipinski on 23.02.2014. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2548 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net d417978a99 Add SSHFP records for infrastructure hosts. 
Reorganize layout for better readability and maintainability.
Remove SSHFP records for monitor.cacert.org, because they are illegal: monitor is a CNAME.
Add CNAME records for www.test.cacert.org and www.test2.cacert.org.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2543 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net be584cdb5e Add PTR records for the full infra and critical networks. 
Add four new infrastructure systems.
Put the "real" infrastructure systems in a /80 subnet to simplify firewall rules.
Correct network addresses in comments.
Name changes per e-mail request from Mario Lipinski on 05.02.2014.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2542 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net 0bb876704e Upgrade nsd to new release: 3.2.17. 
Add PTR record for ns1.cacert.org in 2001:07b8:616.ip6 zone.
Drop dummy PTR record from 2001:07b8:616.ip6 zone.
Add AAAA record for ns1.cacert.org. to cacert.org zone.
Configure nsd for external access over IPv6.
Expand firewall script to support IPv6.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2534 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net 3234773ffd Add A record for eu.cacert.org (which is actually cacert.eu), 
to show that the IPv4 address in our range is taken.
Add IPv6 address, SSHFP and PTR records for hopper.cacert.org.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2533 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net 7935fda852 Drop wwwmail (mail name for www server) from the DNS. 
Add new zone 224-27.225.154.213.in-addr.arpa (reverse IPv4 of cacert.org).


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2531 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net f01c9a7ad7 Zone file updates. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2528 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net 208362da77 Update TXT spf1 record for blog.cacert.org. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2527 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net 3b120dbb93 Add new zone 6.1.6.0.8.b.7.0.1.0.0.2.ip6.arpa (reverse IPv6 of cacert.org). 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2526 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net d720f4cb4b Synchronize with real server. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2519 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net d66f23b210 Update A and AAAA records for ns3 after server migration of mars.overmeer.net. 
Drop obsolete name 'hlin' from the cacert.org zone.
Drop wwwdb and securedb entries which were added for testing new web server.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2503 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net d35d204bed Update A and AAAA records for ns3 after server migration of mars.overmeer.net. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2502 14b1bab8-4ef6-0310-b690-991c95c89dfd
 11 years ago
wytze@deboca.net 9da4b0b01b Drop nameserver ns2 because it will be taken out of service soon. 
A corresponding change has already been made in the GKG.NET registry.
Drop newsys.gun.de secondary nameserver for cacert.{org,net,com} because it
will be taken out of service soon, and drop its TSIG key as well.
Add temporary experimental A and AAAA records for wwwdb and securedb,
as part of the migration of CAcert's main webserver to new hardware.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2482 14b1bab8-4ef6-0310-b690-991c95c89dfd
 12 years ago
wytze@deboca.net 458788978e Update SPF record for lists.cacert.org because it appears that this host is now 
sending mail directly instead of via the cacert.org mail host, as a result of
the recent Tunix firewall changes.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2390 14b1bab8-4ef6-0310-b690-991c95c89dfd
 12 years ago
wytze@deboca.net 8cf45a34bd Also add IPv6 address for cacert.org itself. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2388 14b1bab8-4ef6-0310-b690-991c95c89dfd
 12 years ago
wytze@deboca.net 8fee8bffc4 Add IPv6 addresses for {www,secure,tverify}.cacert.org in preparation for 
World IPv6 Launch on 6 June 2012.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2386 14b1bab8-4ef6-0310-b690-991c95c89dfd
 12 years ago
wytze@deboca.net 16bbfbae33 Add A records for infrastructure.cacert.org and monitor.cacert.org, both pointing 
to 213.154.225.230, per e-mail request from Mario Lipinski on May 23, 2012.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2384 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net a519fee7de Remove A records for cod.cacert.org and translingo.cacert.org per e-mail request 
from Mario Lipinski on 20.05.2012.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2383 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net aeb3bc5df4 Reduce SOA expiration timer from 1 week to 2 days, in order to comply with a 
recommendation made in RFC 4641bis: the SOA expiration timer should be between
1/4th and 1/3rd of the size of the signature validity period (1 week at CAcert).


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2370 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net f11071c031 Drop CNAME records for stamp and timestamp, since this service hasn't been 
supported anymore for years, and has also been removed from the Apache2
webserver configuration on the CAcert webdb server.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2365 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net 65da9bc2cf Remove A record for hashserver service which has been shut down. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2363 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net ef4f5fb100 Remove A records for services which have been shut down recently. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2362 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net 7fb1ff3d79 DKIM records changed after infrastructure update. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2360 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net b1cd8b50f3 Remove A record for research.cacert.org per e-mail request from Piers Lauder. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2338 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago
wytze@deboca.net 3f4424d7b6 Add software configuration for CAcert ns server. 
The primary revision control is kept in RCS on the actual server,
but the RCS logs of that server are also kept in this svn repository.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2323 14b1bab8-4ef6-0310-b690-991c95c89dfd
 13 years ago