knilsson/dns-zones
1
0
Fork 0
forked from critical/dns-zones
Code Pull requests Activity

Commit graph

  • d09d38a794 Disable DKIM records main Kim Nilsson 2024-03-29 15:51:16 +0000
  • 8176bd3a30 Merge pull request 'Add missing NS record for ns3.cacert.org' (#19) from add-ns-record-for-ns3 into main Jan Dittberner 2024-02-07 12:41:05 +0000
  • c181887cec Add missing NS record for ns3.cacert.org Jan Dittberner 2024-02-07 13:36:17 +0100
  • 04125bf2f3 Merge pull request 'Fix changed ns3 and ns4 AAAA records' (#18) from fix-ns3-ns4-aaaa-records into main Jan Dittberner 2024-02-07 12:19:40 +0000
  • 9de5285a08 Fix changed ns3 and ns4 AAAA records Jan Dittberner 2023-11-11 19:48:55 +0100
  • f68f02ef0e Add alias secure1.cacert.org add-secure1-alias-for-www1 Jan Dittberner 2023-09-17 08:22:53 +0200
  • a6f82d4019 Merge pull request 'Revert nameservers for cacert.org' (#16) from revert-ns-records-to-cacert_org into main Jan Dittberner 2023-09-16 17:28:12 +0000
  • 89f7eaee9c Revert nameservers for cacert.org Jan Dittberner 2023-08-30 17:32:15 +0200
  • ce333c9c21 Merge pull request 'Add records for new monitoring VM' (#15) from add-new-monitoring-vm into main Jan Dittberner 2023-08-17 18:02:13 +0000
  • da9b780bce Add records for new monitoring VM Jan Dittberner 2023-08-13 14:06:06 +0200
  • 9021726bb2 Merge pull request 'Change nameservers for cacert.org' (#14) from move-cacert-org-nameservers-for-registrar-change into main Jan Dittberner 2023-08-09 09:52:14 +0000
  • decdd833ac Change nameservers for cacert.org Jan Dittberner 2023-07-23 13:34:31 +0200
  • ad84697c8a Merge pull request 'lists-upgrade' (#13) from lists-upgrade into main Jan Dittberner 2023-07-17 16:42:24 +0000
  • e3411f74eb Update lists host keys Jan Dittberner 2023-07-16 19:26:03 +0200
  • 9cb7ac6da6 Update infra02 SSH host keys Jan Dittberner 2023-07-16 19:25:26 +0200
  • 7c02d092f1 Merge pull request 'Allow letsencrypt certificates for cacert.org' (#10) from letsencrypt-for-code-cacert-org into main Jan Dittberner 2023-06-21 19:39:13 +0000
  • af50047a26 Merge pull request 'Add records for OpenID connect infrastructure' (#11) from oidc-records into main Jan Dittberner 2023-06-21 19:38:56 +0000
  • 701db6bb50 Merge pull request 'Fix reverse DNS for infra02' (#12) from fix-infra02-ptr into main Jan Dittberner 2023-06-21 19:38:41 +0000
  • 4ca0ff5e41 Fix reverse DNS for infra02 Jan Dittberner 2023-06-14 19:14:49 +0200
  • 7986084a40 Add letsencrypt as allowed CA for cacert.org zone Jan Dittberner 2023-06-14 18:45:40 +0200
  • 7e0d88f8bf Order records for code.cacert.org by type Jan Dittberner 2023-06-14 14:55:22 +0200
  • 03b01fff79 Allow letsencrypt certificates for code.cacert.org Jan Dittberner 2023-06-14 10:38:29 +0200
  • 0bbd5741b1 Add IPv6 PTR records Jan Dittberner 2023-05-26 18:17:27 +0200
  • b6fec8ad4b Add OIDC demo application container Jan Dittberner 2023-01-28 14:44:49 +0100
  • 565c2881b0 Add appregistration and idp records Jan Dittberner 2022-09-16 10:09:21 +0200
  • d79167a436 Add authserver records Jan Dittberner 2022-09-15 19:19:25 +0200
  • ee97f88832 Merge pull request 'clean-cacert-org-zones' (#9) from clean-cacert-org-zone into main Jan Dittberner 2023-05-26 15:18:22 +0000
  • 992d534697 Tighten SPF record Jan Dittberner 2023-05-02 20:10:20 +0200
  • 17106f7c86 Fix forward and reverse entries Jan Dittberner 2022-10-30 12:31:57 +0100
  • 1f976e4d65 Sort reverse DNS zones Jan Dittberner 2022-10-30 09:46:51 +0100
  • 302a6d26f5 Sort and clean zone cacert.org Jan Dittberner 2022-10-29 19:43:26 +0200
  • b1891e9a5b Merge pull request 'Fix warnings from pdnsutil check-all-zones' (#6) from fix-pdnsutil-check-zone-warnings into main Jan Dittberner 2022-11-26 10:26:21 +0000
  • 87e24a3b41 Merge branch 'main' into fix-pdnsutil-check-zone-warnings Jan Dittberner 2022-11-26 09:46:28 +0000
  • a3a661bfe2 Merge pull request 'Remove services that are not available anymore' (#7) from remove-dead-services into main Jan Dittberner 2022-11-26 09:46:13 +0000
  • 7744e78659 Remove services that are not available anymore Jan Dittberner 2022-10-29 19:45:19 +0200
  • 50d3959257 Fix warnings from pdnsutil check-all-zones Jan Dittberner 2022-10-23 11:52:51 +0200
  • 1d6b970a6a Merge pull request 'add-secondary-ns-support' (#5) from add-secondary-ns-support into main Jan Dittberner 2022-10-25 14:18:14 +0000
  • 2c896a85ac Add support for secondary nameservers Jan Dittberner 2022-10-23 13:52:05 +0200
  • 5f7fb5235d Remove the import_zone script Jan Dittberner 2022-10-23 13:34:01 +0200
  • 3698bb4e53 Add README.md with usage documentation Jan Dittberner 2022-10-23 13:33:43 +0200
  • f70ee9f182 Merge pull request 'Add AAAA RR for cacert.com and cacert.net' (#3) from add-missing-aaaa-records into main Jan Dittberner 2022-10-23 10:08:20 +0000
  • d3de6eb830 Add AAAA RR for cacert.com and cacert.net Jan Dittberner 2022-10-23 11:57:46 +0200
  • 91a49d40dc manual import from ns1.cacert.org manual-import Jan Dittberner 2022-10-23 10:41:58 +0200
  • 11b092beb0 Use git branch -D for reference_branch Jan Dittberner 2022-09-17 10:12:09 +0200
  • 424bd7954f Use sendmail instead of SMTP Jan Dittberner 2022-09-17 09:15:51 +0200
  • d93300732b Implement update-zones.py to update zones from git Jan Dittberner 2022-09-15 19:07:33 +0200
  • f70a11c863 Fix warnings from pdnsutil check-zone Jan Dittberner 2022-09-17 10:04:38 +0200
  • 976a391df2 Use delegated 224-27.225.154.213.in-addr.arpa zone Jan Dittberner 2022-09-16 10:00:07 +0200
  • 1b231b8fb5 Add import_zone script from NS2 Dirk Astrath 2022-09-15 17:10:52 +0200
  • 143cc348cb Remove ns3, and ocsp1 from cacert.org. Dirk Astrath 2022-09-11 09:58:21 +0200
  • 076d4d1466 Update ns1 A and AAAA records for cacert.{com,net,org} Dirk Astrath 2022-07-16 14:28:23 +0000
  • 8d1f2e0117 Update from ns2.cacert.org Dirk Astrath 2022-07-04 10:21:23 +0000
  • 8f11930cf1 Switch crl.cacert.org back to critical, add crl_egal Dirk Astrath 2022-07-10 15:31:13 +0000
  • 7f3670760f Add ping.cacert.org AAAA, remove webdb.cacert.org Dirk Astrath 2022-07-10 15:31:13 +0000
  • 6cbd6f92a6 Add AAAA record for webdb.cacert.org Dirk Astrath 2022-07-04 10:20:17 +0000
  • 6b9aa5cced Change AAAA record of crl.cacert.org Dirk Astrath 2022-07-04 09:15:06 +0000
  • 690dffbaac Update crl servers for cacert.org Dirk Astrath 2022-06-22 21:57:49 +0000
  • 493baa3a57 Update cacert.org AAAA records for ns1 and ns2 Dirk Astrath 2022-06-22 19:41:36 +0000
  • 4659cac454 Add code.cacert.org and pgsql.cacert.org Dirk Astrath 2022-06-19 18:09:33 +0000
  • f7b19773ff Update cacert.org NS records Dirk Astrath 2022-06-16 12:25:36 +0000
  • 8eb1b378c9 Sort SSHFP for hopper.cacert.org Dirk Astrath 2022-06-16 11:14:00 +0000
  • cd11540381 Convert cacert.org to PowerDNS format Dirk Astrath 2022-05-22 11:16:42 +0000
  • 11f67755b2 Change cacert.net AAAA for ns1 and ns2 Dirk Astrath 2022-06-19 18:09:25 +0000
  • 0961327761 Change NS records for cacert.net Dirk Astrath 2022-06-19 18:09:24 +0000
  • ff17ba99ce Convert cacert.net for PowerDNS Dirk Astrath 2022-06-16 11:13:52 +0000
  • 10c93e9cbb Remove cacert.community Jan Dittberner 2022-07-16 13:26:19 +0000
  • 99fcbe3e5f Change ns1/ns2 AAAA records for cacert.com Dirk Astrath 2022-06-19 18:09:17 +0000
  • 5ff4fa0ad6 Update cacert.com NS records Dirk Astrath 2022-06-16 12:36:56 +0000
  • 0da00703d6 Remove DNSSEC records from cacert.com, adapt NS records Jan Dittberner 2022-05-22 09:56:14 +0000
  • fb36036ba8 Import nsd zone for cacert.com Dirk Astrath 2022-05-16 19:10:52 +0000
  • 91fbc3f21c Re-order IPv6 reverse DNS records Dirk Astrath 2022-07-04 10:21:23 +0000
  • 7742926d51 Add IPv6 PTR records for www.cacert.org Dirk Astrath 2022-07-04 10:21:23 +0000
  • a0aa862a32 Bump IPv6 reverse SOA serial Dirk Astrath 2022-07-04 09:04:07 +0000
  • 886b2a1f3c Switch IPv6 reverse zone to PowerDNS syntax Dirk Astrath 2022-06-19 19:37:31 +0000
  • dce203320e Update IPv4 reverse zone Dirk Astrath 2022-06-19 18:36:04 +0000
  • 72e71adb89 Add reverse zones from ns2 Jan Dittberner 2022-06-19 20:35:58 +0200
  • 0e0fd05c0e Remove obsolete files Jan Dittberner 2022-07-16 12:43:42 +0200
  • c42b123843 Added webmail and infra03 import-from-svn dirk@cacert.org 2020-06-13 21:26:01 +0000
  • 76d9ba641d Added IPv6 and updated SSHFP for blog/wiki dirk@cacert.org 2020-05-10 19:06:41 +0000
  • 1129b6e7c3 Disable ns-ext.nlnetlabs.nl for cacert.{org,com,net}. Disable sns-pba.dm1.sns.isc.org for cacert.{com,net}. Drop all records for ns5.cacert.{com,net} since ISC will be ending the secondary name service on January 31, 2020. Note: ns5.cacert.org should be dropped as well before January 31, 2020. wytze@deboca.net 2019-10-19 15:20:32 +0000
  • e09bf3160b Update records for email.cacert.org and emailout.cacert.org per e-mal request from Jan Dittberner on 06.08.2019. Break up very long TXT record for spf1 in two parts to avoid hitting the 255 chars limit. wytze@deboca.net 2019-08-06 14:06:38 +0000
  • 95293b329d Apply changes for infrastructure systems per e-mail request from Jan Dittberner on 03.08.2019. wytze@deboca.net 2019-08-04 07:45:46 +0000
  • e4637553b6 Updates for mk-tlsa-recs script: - use ldns-dane from /usr/bin (parametrized) - only generate TLSA records for symlink'ed certificates - generate both domain and trust anchor TLSA records wytze@deboca.net 2019-06-06 09:22:44 +0000
  • ef022f1e09 Add A and SSHFP records for test3.cacert.org per e-mail request from Jan Dittberner on 01.11.2018. Re-enable IPv6 for ns3.cacert.org. Add CNAME records for secure.test3.cacert,org and www.test3.cacert.org. Shorten TLSA records (i.e. use 2 1 1 rather than 2 0 0). Add extra SSHFP records for test.cacert.org and test2.cacert.org. Drop ns4.cacert.org secondary server. Add fingerprints for new CAcert root certificates. wytze@deboca.net 2019-06-06 09:21:07 +0000
  • af9fc0a42c Drop ns4.cacert.com/ns4.cacert.net secondary server. Re-enable IPv6 address for ns3.cacert.com and ns.cacert.net.. wytze@deboca.net 2019-06-06 09:18:43 +0000
  • 8e9ff22085 Add CNAME for codedocs.cacert.org per e-mail request from Jan Dittberner on 27.10.2018 wytze@deboca.net 2018-10-27 07:32:37 +0000
  • 76cdf889a6 Turn off TSIG for mars.overmeer.net because this server has been upgraded to OpenSUSE 15.0. The bind 9.11.2 contained in that release appears to be incompatible with respect to TSIG handling with our NSD 4.1.12. Note that bind 9,9 and bind 9.10 work just fine ... Upgrade nsd to new release: 4.1.23. Update IPv6 address for hopper.cacert.org. wytze@deboca.net 2018-07-30 08:18:46 +0000
  • 660fb8dff6 Update CAA record to contain a valid mailto: URL. wytze@deboca.net 2018-05-02 13:15:58 +0000
  • c669cccd54 Add IPv6 address for translations.cacert.org per e-mail request from Jan Dittberner on 15.04.2018. Add IPv6 address for bugs.cacert.org per e-mail request from Jan Dittberrner on 06.04.2018. wytze@deboca.net 2018-04-17 07:20:48 +0000
  • d21b8189a8 Add IPv6 address for bugs.cacert.org per e-mail request from Jan Dittberrner on 06.04.2018. Add AAAA and update SSHFP records for irc per e-mail request from Jan Dittberner on 03.04.2018. wytze@deboca.net 2018-04-07 07:17:12 +0000
  • 20dc5d300d Add A record for proxyout per e-mail from Jan Dittbernet of 25.02.2018. wytze@deboca.net 2018-02-26 11:17:17 +0000
  • 396ec2467c Zone updates up to 25 February 2018. wytze@deboca.net 2018-02-25 09:45:00 +0000
  • c2227d5a9d Upgrade to new release: 4.1.12. Set TTL for SOA to 1 hour, and SOA expire time to 7 days, per web recommendations. wytze@deboca.net 2017-05-28 09:06:26 +0000
  • 4ca51d05f8 Update SSHFP records for hopper after migration to OpenSUSE 13.2. wytze@deboca.net 2016-08-04 09:22:58 +0000
  • ccbc0a84ca Upgrade OpenDNSSEC software to version 2.0.0-1. wytze@deboca.net 2016-07-16 15:35:41 +0000
  • ec8644b28d Add additional SSHFP records for git.cacert.org. wytze@deboca.net 2016-07-15 10:34:27 +0000
  • bcd0f029ba Add CNAME for infradocs.cacert,org pointing to webstatic.cacert.org, per e-mail request from Jan Dittberner on 05.05.2016. wytze@deboca.net 2016-05-06 09:48:00 +0000
  • 12fb5c2d9c Add script to generate TLSA records for domains found in the certs subdirectory. wytze@deboca.net 2015-12-16 16:55:43 +0000
  • cd5e89e784 Build and install the ldns example tools, so we can use the ldns-dane tool. Update SSHFP records for cats.cacert.org. Add RRs for policy.cacert.org. wytze@deboca.net 2015-12-16 16:51:27 +0000
  • 5dafcb4700 ODS-NOTES: Update instructions for key rollover. keylist: Status on 20151026 after KSK key rollover, submitting new DS hashes and issuing ods-ksmutil key ds-seen for the ready KSK's. The new KSK goes from ready to active, the old KSK from active to retire. Note that cacert.community still needs to be done. cacert.*: Disable IPv6 address for ns3, because this host is currently lacking IPv6 connectivity. wytze@deboca.net 2015-10-31 14:55:19 +0000