Jan Dittberner
a6f82d4019
Merge pull request 'Revert nameservers for cacert.org' ( #16 ) from revert-ns-records-to-cacert_org into main
...
Reviewed-on: critical/dns-zones#16
Reviewed-by: Dirk Astrath <dirk@cacert.org>
1 year ago
Jan Dittberner
89f7eaee9c
Revert nameservers for cacert.org
...
The registrar change to joker has been finished. This commit reverts the
NS records back to ns*.cacert.org.
This reverts commit decdd833ac
.
1 year ago
Jan Dittberner
ce333c9c21
Merge pull request 'Add records for new monitoring VM' ( #15 ) from add-new-monitoring-vm into main
...
Reviewed-on: critical/dns-zones#15
1 year ago
Jan Dittberner
da9b780bce
Add records for new monitoring VM
1 year ago
Jan Dittberner
9021726bb2
Merge pull request 'Change nameservers for cacert.org' ( #14 ) from move-cacert-org-nameservers-for-registrar-change into main
...
Reviewed-on: critical/dns-zones#14
1 year ago
Jan Dittberner
decdd833ac
Change nameservers for cacert.org
...
Switch nameservers to ns1-ns4.cacert.net to prepare switch of registrar.
1 year ago
Jan Dittberner
ad84697c8a
Merge pull request 'lists-upgrade' ( #13 ) from lists-upgrade into main
...
Reviewed-on: critical/dns-zones#13
Reviewed-by: Dirk Astrath <dirk@cacert.org>
1 year ago
Jan Dittberner
e3411f74eb
Update lists host keys
...
The lists system has been rebuilt on a new Debian 11 host with new host
keys.
1 year ago
Jan Dittberner
9cb7ac6da6
Update infra02 SSH host keys
...
- remove DSA key
- add ED25519 key
1 year ago
Jan Dittberner
7c02d092f1
Merge pull request 'Allow letsencrypt certificates for cacert.org' ( #10 ) from letsencrypt-for-code-cacert-org into main
...
Reviewed-on: critical/dns-zones#10
1 year ago
Jan Dittberner
af50047a26
Merge pull request 'Add records for OpenID connect infrastructure' ( #11 ) from oidc-records into main
...
Reviewed-on: critical/dns-zones#11
1 year ago
Jan Dittberner
701db6bb50
Merge pull request 'Fix reverse DNS for infra02' ( #12 ) from fix-infra02-ptr into main
...
Reviewed-on: critical/dns-zones#12
1 year ago
Jan Dittberner
4ca0ff5e41
Fix reverse DNS for infra02
1 year ago
Jan Dittberner
7986084a40
Add letsencrypt as allowed CA for cacert.org zone
1 year ago
Jan Dittberner
7e0d88f8bf
Order records for code.cacert.org by type
1 year ago
Jan Dittberner
03b01fff79
Allow letsencrypt certificates for code.cacert.org
1 year ago
Jan Dittberner
0bbd5741b1
Add IPv6 PTR records
1 year ago
Jan Dittberner
b6fec8ad4b
Add OIDC demo application container
1 year ago
Jan Dittberner
565c2881b0
Add appregistration and idp records
...
Add records for appregistration.cacert.org and idp.cacert.org that are
meant to be used for the IDP (Identity Provider) and application
registration parts of the OpenID Connect/OAuth2 setup.
1 year ago
Jan Dittberner
d79167a436
Add authserver records
1 year ago
Jan Dittberner
ee97f88832
Merge pull request 'clean-cacert-org-zones' ( #9 ) from clean-cacert-org-zone into main
...
Reviewed-on: critical/dns-zones#9
1 year ago
Jan Dittberner
992d534697
Tighten SPF record
...
PowerDNS cuts TXT records at 255 chars
(https://doc.powerdns.com/authoritative/appendices/types.html#txt ). This
commit reduces the size by using mx and a SPF policy entries.
1 year ago
Jan Dittberner
17106f7c86
Fix forward and reverse entries
...
- add missing AAAA records in cacert.org
- add missing PTR records in IPv6 reverse zone
- remove broken PTR records in IPv6 reverse zone
- fix SPF records
2 years ago
Jan Dittberner
1f976e4d65
Sort reverse DNS zones
2 years ago
Jan Dittberner
302a6d26f5
Sort and clean zone cacert.org
2 years ago
Jan Dittberner
b1891e9a5b
Merge pull request 'Fix warnings from pdnsutil check-all-zones' ( #6 ) from fix-pdnsutil-check-zone-warnings into main
...
Reviewed-on: critical/dns-zones#6
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2 years ago
Jan Dittberner
87e24a3b41
Merge branch 'main' into fix-pdnsutil-check-zone-warnings
2 years ago
Jan Dittberner
a3a661bfe2
Merge pull request 'Remove services that are not available anymore' ( #7 ) from remove-dead-services into main
...
Reviewed-on: critical/dns-zones#7
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2 years ago
Jan Dittberner
7744e78659
Remove services that are not available anymore
2 years ago
Jan Dittberner
50d3959257
Fix warnings from pdnsutil check-all-zones
2 years ago
Jan Dittberner
1d6b970a6a
Merge pull request 'add-secondary-ns-support' ( #5 ) from add-secondary-ns-support into main
...
Reviewed-on: critical/dns-zones#5
Reviewed-by: Dirk Astrath <dirk@cacert.org>
2 years ago
Jan Dittberner
2c896a85ac
Add support for secondary nameservers
...
Fixes #4
2 years ago
Jan Dittberner
5f7fb5235d
Remove the import_zone script
...
This commit removes the older import_zone script to avoid accidential
usage.
2 years ago
Jan Dittberner
3698bb4e53
Add README.md with usage documentation
2 years ago
Jan Dittberner
f70ee9f182
Merge pull request 'Add AAAA RR for cacert.com and cacert.net' ( #3 ) from add-missing-aaaa-records into main
...
Reviewed-on: critical/dns-zones#3
2 years ago
Jan Dittberner
d3de6eb830
Add AAAA RR for cacert.com and cacert.net
2 years ago
Jan Dittberner
91a49d40dc
manual import from ns1.cacert.org
2 years ago
Jan Dittberner
11b092beb0
Use git branch -D for reference_branch
...
This commit allows the use of a reference_branch that is not merged into
the current working directory.
Imports have been sorted by isort
2 years ago
Jan Dittberner
424bd7954f
Use sendmail instead of SMTP
...
- remove the SMTP requirement to be able to work with /usr/lib/sendmail
instead
- use f-strings where appropriate to improve readability
- use text-parameter to subprocess.run to avoid extra decode calls
2 years ago
Jan Dittberner
d93300732b
Implement update-zones.py to update zones from git
...
- ignore temporary files and Python bytecode
- add update-zones.py
2 years ago
Jan Dittberner
f70a11c863
Fix warnings from pdnsutil check-zone
...
This commit removes explicit DNSKEY entries and invalid names from the
cacert.org zone.
2 years ago
Jan Dittberner
976a391df2
Use delegated 224-27.225.154.213.in-addr.arpa zone
2 years ago
Dirk Astrath
1b231b8fb5
Add import_zone script from NS2
...
Signed-off-by: Jan Dittberner <jandd@cacert.org>
2 years ago
Dirk Astrath
143cc348cb
Remove ns3, and ocsp1 from cacert.org.
...
Signed-off-by: Jan Dittberner <jandd@cacert.org>
2 years ago
Dirk Astrath
076d4d1466
Update ns1 A and AAAA records for cacert.{com,net,org}
2 years ago
Dirk Astrath
8d1f2e0117
Update from ns2.cacert.org
2 years ago
Dirk Astrath
8f11930cf1
Switch crl.cacert.org back to critical, add crl_egal
2 years ago
Dirk Astrath
7f3670760f
Add ping.cacert.org AAAA, remove webdb.cacert.org
2 years ago
Dirk Astrath
6cbd6f92a6
Add AAAA record for webdb.cacert.org
2 years ago
Dirk Astrath
6b9aa5cced
Change AAAA record of crl.cacert.org
2 years ago