knilsson
/
dns-zones
forked from critical/dns-zones
1
0
Fork 0
Code Pull Requests Activity
133 Commits
2 Branches
2 Tags
248 KiB
main
add-secure1-alias-for-www1
manual-import
import-from-svn
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f68f02ef0e'
${ noResults }
Commit Graph

87 Commits (f68f02ef0e9c26f1588036db02031ea81d025604)

Author SHA1 Message Date
Jan Dittberner f68f02ef0e Add alias secure1.cacert.org 1 year ago
Jan Dittberner 89f7eaee9c Revert nameservers for cacert.org 
The registrar change to joker has been finished. This commit reverts the
NS records back to ns*.cacert.org.

This reverts commit decdd833ac.
 1 year ago
Jan Dittberner da9b780bce Add records for new monitoring VM 1 year ago
Jan Dittberner decdd833ac Change nameservers for cacert.org 
Switch nameservers to ns1-ns4.cacert.net to prepare switch of registrar.
 1 year ago
Jan Dittberner ad84697c8a Merge pull request 'lists-upgrade' (#13) from lists-upgrade into main 
Reviewed-on: critical/dns-zones#13
Reviewed-by: Dirk Astrath <dirk@cacert.org>
 1 year ago
Jan Dittberner e3411f74eb Update lists host keys 
The lists system has been rebuilt on a new Debian 11 host with new host
keys.
 1 year ago
Jan Dittberner 9cb7ac6da6 Update infra02 SSH host keys 
- remove DSA key
- add ED25519 key
 1 year ago
Jan Dittberner 7c02d092f1 Merge pull request 'Allow letsencrypt certificates for cacert.org' (#10) from letsencrypt-for-code-cacert-org into main 
Reviewed-on: critical/dns-zones#10
 1 year ago
Jan Dittberner 7986084a40 Add letsencrypt as allowed CA for cacert.org zone 1 year ago
Jan Dittberner 7e0d88f8bf Order records for code.cacert.org by type 1 year ago
Jan Dittberner 03b01fff79 Allow letsencrypt certificates for code.cacert.org 1 year ago
Jan Dittberner b6fec8ad4b Add OIDC demo application container 1 year ago
Jan Dittberner 565c2881b0 Add appregistration and idp records 
Add records for appregistration.cacert.org and idp.cacert.org that are
meant to be used for the IDP (Identity Provider) and application
registration parts of the OpenID Connect/OAuth2 setup.
 1 year ago
Jan Dittberner d79167a436 Add authserver records 1 year ago
Jan Dittberner 992d534697 Tighten SPF record 
PowerDNS cuts TXT records at 255 chars
(https://doc.powerdns.com/authoritative/appendices/types.html#txt). This
commit reduces the size by using mx and a SPF policy entries.
 1 year ago
Jan Dittberner 17106f7c86 Fix forward and reverse entries 
- add missing AAAA records in cacert.org
- add missing PTR records in IPv6 reverse zone
- remove broken PTR records in IPv6 reverse zone
- fix SPF records
 2 years ago
Jan Dittberner 302a6d26f5 Sort and clean zone cacert.org 2 years ago
Jan Dittberner 87e24a3b41 Merge branch 'main' into fix-pdnsutil-check-zone-warnings 2 years ago
Jan Dittberner 7744e78659 Remove services that are not available anymore 2 years ago
Jan Dittberner 50d3959257 Fix warnings from pdnsutil check-all-zones 2 years ago
Jan Dittberner 91a49d40dc manual import from ns1.cacert.org 2 years ago
Jan Dittberner f70a11c863 Fix warnings from pdnsutil check-zone 
This commit removes explicit DNSKEY entries and invalid names from the
cacert.org zone.
 2 years ago
Dirk Astrath 143cc348cb Remove ns3, and ocsp1 from cacert.org. 
Signed-off-by: Jan Dittberner <jandd@cacert.org>
 2 years ago
Dirk Astrath 076d4d1466 Update ns1 A and AAAA records for cacert.{com,net,org} 2 years ago
Dirk Astrath 8f11930cf1 Switch crl.cacert.org back to critical, add crl_egal 2 years ago
Dirk Astrath 7f3670760f Add ping.cacert.org AAAA, remove webdb.cacert.org 2 years ago
Dirk Astrath 6cbd6f92a6 Add AAAA record for webdb.cacert.org 2 years ago
Dirk Astrath 6b9aa5cced Change AAAA record of crl.cacert.org 2 years ago
Dirk Astrath 690dffbaac Update crl servers for cacert.org 
- add crl2
- move crl to external address
 2 years ago
Dirk Astrath 493baa3a57 Update cacert.org AAAA records for ns1 and ns2 2 years ago
Dirk Astrath 4659cac454 Add code.cacert.org and pgsql.cacert.org 2 years ago
Dirk Astrath f7b19773ff Update cacert.org NS records 2 years ago
Dirk Astrath 8eb1b378c9 Sort SSHFP for hopper.cacert.org 2 years ago
Dirk Astrath cd11540381 Convert cacert.org to PowerDNS format 2 years ago
dirk@cacert.org c42b123843 Added webmail and infra03 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2751 14b1bab8-4ef6-0310-b690-991c95c89dfd
 4 years ago
dirk@cacert.org 76d9ba641d Added IPv6 and updated SSHFP for blog/wiki 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2749 14b1bab8-4ef6-0310-b690-991c95c89dfd
 4 years ago
wytze@deboca.net e09bf3160b Update records for email.cacert.org and emailout.cacert.org per e-mal request from Jan Dittberner on 06.08.2019. 
Break up very long TXT record for spf1 in two parts to avoid hitting the 255 chars limit.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2736 14b1bab8-4ef6-0310-b690-991c95c89dfd
 5 years ago
wytze@deboca.net 95293b329d Apply changes for infrastructure systems per e-mail request from Jan Dittberner on 03.08.2019. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2735 14b1bab8-4ef6-0310-b690-991c95c89dfd
 5 years ago
wytze@deboca.net ef022f1e09 Add A and SSHFP records for test3.cacert.org per e-mail request from Jan Dittberner on 01.11.2018. 
Re-enable IPv6 for ns3.cacert.org.
Add CNAME records for secure.test3.cacert,org and www.test3.cacert.org.
Shorten TLSA records (i.e. use 2 1 1 rather than 2 0 0).
Add extra SSHFP records for test.cacert.org and test2.cacert.org.
Drop ns4.cacert.org secondary server.
Add fingerprints for new CAcert root certificates.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2727 14b1bab8-4ef6-0310-b690-991c95c89dfd
 5 years ago
wytze@deboca.net 8e9ff22085 Add CNAME for codedocs.cacert.org per e-mail request from Jan Dittberner on 27.10.2018 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2720 14b1bab8-4ef6-0310-b690-991c95c89dfd
 6 years ago
wytze@deboca.net 76cdf889a6 Turn off TSIG for mars.overmeer.net because this server has been upgraded to OpenSUSE 15.0. 
The bind 9.11.2 contained in that release appears to be incompatible with respect to TSIG
handling with our NSD 4.1.12. Note that bind 9,9 and bind 9.10 work just fine ...
Upgrade nsd to new release: 4.1.23.
Update IPv6 address for hopper.cacert.org.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2714 14b1bab8-4ef6-0310-b690-991c95c89dfd
 6 years ago
wytze@deboca.net 660fb8dff6 Update CAA record to contain a valid mailto: URL. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2705 14b1bab8-4ef6-0310-b690-991c95c89dfd
 6 years ago
wytze@deboca.net c669cccd54 Add IPv6 address for translations.cacert.org per e-mail request from Jan Dittberner on 15.04.2018. 
Add IPv6 address for bugs.cacert.org per e-mail request from Jan Dittberrner on 06.04.2018.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2702 14b1bab8-4ef6-0310-b690-991c95c89dfd
 7 years ago
wytze@deboca.net d21b8189a8 Add IPv6 address for bugs.cacert.org per e-mail request from Jan Dittberrner on 06.04.2018. 
Add AAAA and update SSHFP records for irc per e-mail request from Jan Dittberner on 03.04.2018.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2699 14b1bab8-4ef6-0310-b690-991c95c89dfd
 7 years ago
wytze@deboca.net 20dc5d300d Add A record for proxyout per e-mail from Jan Dittbernet of 25.02.2018. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2697 14b1bab8-4ef6-0310-b690-991c95c89dfd
 7 years ago
wytze@deboca.net 396ec2467c Zone updates up to 25 February 2018. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2695 14b1bab8-4ef6-0310-b690-991c95c89dfd
 7 years ago
wytze@deboca.net c2227d5a9d Upgrade to new release: 4.1.12. 
Set TTL for SOA to 1 hour, and SOA expire time to 7 days, per web recommendations.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2685 14b1bab8-4ef6-0310-b690-991c95c89dfd
 7 years ago
wytze@deboca.net 4ca51d05f8 Update SSHFP records for hopper after migration to OpenSUSE 13.2. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2670 14b1bab8-4ef6-0310-b690-991c95c89dfd
 8 years ago
wytze@deboca.net ccbc0a84ca Upgrade OpenDNSSEC software to version 2.0.0-1. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2658 14b1bab8-4ef6-0310-b690-991c95c89dfd
 8 years ago
wytze@deboca.net ec8644b28d Add additional SSHFP records for git.cacert.org. 
git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2656 14b1bab8-4ef6-0310-b690-991c95c89dfd
 8 years ago