From 16f1c41625d2ecbe34c38351bcd0c1892df85ffa Mon Sep 17 00:00:00 2001 From: Lexi Winter Date: Sat, 7 Jun 2025 12:23:01 +0100 Subject: use erb templates for zones --- Makefile | 80 ++++++++++-- zones/0_26.76.23.172.in-addr.arpa.zone | 19 --- zones/0_26.76.23.172.in-addr.arpa.zone.erb | 25 ++++ zones/117.73.187.81.in-addr.arpa.zone | 15 --- zones/117.73.187.81.in-addr.arpa.zone.erb | 20 +++ zones/160-175.96.2.81.in-addr.arpa.zone | 20 --- zones/160-175.96.2.81.in-addr.arpa.zone.erb | 26 ++++ zones/18.198.in-addr.arpa.zone | 11 -- zones/18.198.in-addr.arpa.zone.erb | 21 +++ zones/192-207.47.187.81.in-addr.arpa.zone | 25 ---- zones/192-207.47.187.81.in-addr.arpa.zone.erb | 31 +++++ zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone | 15 --- zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb | 21 +++ zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone | 45 ------- zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone.erb | 51 ++++++++ zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone | 15 --- zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb | 21 +++ zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone | 19 --- zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone.erb | 25 ++++ zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone | 32 ----- zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone.erb | 38 ++++++ zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone | 13 -- zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone.erb | 19 +++ zones/le-fay.dn42.zone | 64 ---------- zones/le-fay.dn42.zone.erb | 65 ++++++++++ zones/le-fay.org.uk.zone | 13 -- zones/le-fay.org.uk.zone.erb | 19 +++ zones/le-fay.org.zone | 159 ----------------------- zones/le-fay.org.zone.erb | 163 ++++++++++++++++++++++++ zones/rt.uk.eu.org.zone | 15 --- zones/rt.uk.eu.org.zone.erb | 20 +++ 31 files changed, 634 insertions(+), 491 deletions(-) delete mode 100644 zones/0_26.76.23.172.in-addr.arpa.zone create mode 100644 zones/0_26.76.23.172.in-addr.arpa.zone.erb delete mode 100644 zones/117.73.187.81.in-addr.arpa.zone create mode 100644 zones/117.73.187.81.in-addr.arpa.zone.erb delete mode 100644 zones/160-175.96.2.81.in-addr.arpa.zone create mode 100644 zones/160-175.96.2.81.in-addr.arpa.zone.erb delete mode 100644 zones/18.198.in-addr.arpa.zone create mode 100644 zones/18.198.in-addr.arpa.zone.erb delete mode 100644 zones/192-207.47.187.81.in-addr.arpa.zone create mode 100644 zones/192-207.47.187.81.in-addr.arpa.zone.erb delete mode 100644 zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone create mode 100644 zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb delete mode 100644 zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone create mode 100644 zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone.erb delete mode 100644 zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone create mode 100644 zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb delete mode 100644 zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone create mode 100644 zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone.erb delete mode 100644 zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone create mode 100644 zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone.erb delete mode 100644 zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone create mode 100644 zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone.erb delete mode 100644 zones/le-fay.dn42.zone create mode 100644 zones/le-fay.dn42.zone.erb delete mode 100644 zones/le-fay.org.uk.zone create mode 100644 zones/le-fay.org.uk.zone.erb delete mode 100644 zones/le-fay.org.zone create mode 100644 zones/le-fay.org.zone.erb delete mode 100644 zones/rt.uk.eu.org.zone create mode 100644 zones/rt.uk.eu.org.zone.erb diff --git a/Makefile b/Makefile index 3b77e2d..2812b1b 100644 --- a/Makefile +++ b/Makefile @@ -1,12 +1,31 @@ -# Our local master server. +### Our local master server. MASTER= hemlock.eden.le-fay.org -MASTER_ADDR!= getaddrinfo -f inet6 -p tcp -t stream hemlock.eden.le-fay.org|awk '{ print $$4 }' - -# The DN42 master server. +MASTER_ADDR!= getaddrinfo -f inet6 -p tcp -t stream ${MASTER} \ + | awk '{ print $$4 }' + +### Default SOA values. +# Serial is always 1; nsdiff handles this magically. +SOA_MNAME= ${MASTER}. +SOA_RNAME= hostmaster.le-fay.org. +SOA_SERIAL= 1 +SOA_REFRESH= 1d +SOA_RETRY= 1h +SOA_EXPIRE= 2w +SOA_MINIMUM= 5m +# Default value for $TTL. +TTL= 1h +# Nameservers to use for Internet zones. +NAMESERVERS= ns1.le-fay.org \ + ns2.le-fay.org \ + ns3.le-fay.org + +### The DN42 master server. DN42_MASTER= fd42:4242:2601:ac53::1 -NSDIFF= nsdiff -NSDIFFFLAGS= -Sserial -s ${MASTER} +NSUPDATE?= nsupdate +NSUPDATE_FLAGS?=-g +NSDIFF?= nsdiff +NSDIFFFLAGS?= -Sserial -s ${MASTER} DIFF?= # The zones we serve. @@ -26,6 +45,19 @@ ZONES= le-fay.org \ 0/26.76.23.172.in-addr.arpa \ 18.198.in-addr.arpa +# Template variables for primary zones. +ZONE_PROCESS_FLAGS= \ + -Dttl=${TTL} \ + -Dnameservers="${NAMESERVERS}" \ + -Dsoa_mname=${SOA_MNAME} \ + -Dsoa_rname=${SOA_RNAME} \ + -Dsoa_serial=${SOA_SERIAL} \ + -Dsoa_refresh=${SOA_REFRESH} \ + -Dsoa_retry=${SOA_RETRY} \ + -Dsoa_expire=${SOA_EXPIRE} \ + -Dsoa_minimum=${SOA_MINIMUM} + + # These zones are used for DN42. DN42_ZONES= \ dn42 \ @@ -73,39 +105,65 @@ UNBOUND_PROCESS_FLAGS= \ UNBOUND_PROCESS_FLAGS.witch.le-fay.org= -Dtls=yes UNBOUND_PROCESS_FLAGS.turnera.le-fay.org= -Dtls=yes +# The default target doesn't do anything. all: @echo "Please specify a target:" @echo " make diff show diff between zone files and online zone" @echo " make update-zones update online zones" @echo " make unbound-update build and install Unbound configs" +# Define the clean target to do nothing; we add dependencies to this below. clean: -.PATH: ${.CURDIR}/zones +# File paths. +ZONEDIR=${.CURDIR}/zones +.PATH: ${ZONEDIR} .OBJDIR: ${.CURDIR}/build +.SUFFIXES: .zone.erb .czone .PHONY: all update-zones clean +### Define targets for primary zones. + .for zone in ${ZONES} +# Update this zone when running update-zones. update-zones: ${zone} +# The zone itself is not a real file. .PHONY: ${zone} -${zone}: ${zone:S,/,_,g}.zone +# How to build a processed zone from a file zone. +${zone:S,/,_,g}.czone: Makefile ${zone:S,/,_,g}.zone.erb + ${.CURDIR}/bin/process \ + -Dzone=${zone} \ + ${ZONE_PROCESS_FLAGS} \ + ${ZONEDIR}/${zone:S,/,_,g}.zone.erb $@ + +# Take the built .czone file and send it to nsdiff. +# If DIFF is set, just print the diff instead of sending it to nsupdate. +${zone}: ${zone:S,/,_,g}.czone .if ${DIFF} != "" @tmpfile="$$(mktemp dns.XXXXXX)"; \ - ${NSDIFF} ${NSDIFFFLAGS} ${zone} $> \ + ${NSDIFF} ${NSDIFFFLAGS} ${zone} ${.ALLSRC} \ >"$$tmpfile" 2>&1 \ || cat "$$tmpfile"; \ rm "$$tmpfile" .else - ${NSDIFF} ${NSDIFFFLAGS} ${zone} $> | nsupdate -g + ${NSDIFF} ${NSDIFFFLAGS} ${zone} $> | ${NSUPDATE} ${NSUPDATE_FLAGS} .endif + +# Delete the czone for this zone when cleaning. +clean-zone-${zone}: + rm -f ${zone:S,/,_,g}.czone +clean: clean-zone-${zone} .endfor +# For easy of use, 'make diff' zones update-zone with DIFF set. .PHONY: diff diff: - @${MAKE} -C ${.CURDIR} update-zones DIFF=yes + @${MAKE} -C ${.CURDIR} DIFF=yes update-zones + +### Unbound configuration files. unbound-update: diff --git a/zones/0_26.76.23.172.in-addr.arpa.zone b/zones/0_26.76.23.172.in-addr.arpa.zone deleted file mode 100644 index 45f1c42..0000000 --- a/zones/0_26.76.23.172.in-addr.arpa.zone +++ /dev/null @@ -1,19 +0,0 @@ -$TTL 1h -$ORIGIN 0/26.76.23.172.in-addr.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS a.ns.le-fay.dn42. - NS b.ns.le-fay.dn42. - NS c.ns.le-fay.dn42. - -2 PTR rose.lon.uk.ipv4.le-fay.dn42. -3 PTR yarrow.ipv4.le-fay.dn42. -4 PTR thyme.lon.uk.ipv4.le-fay.dn42. -5 PTR uk-jmp-1.ipv4.le-fay.dn42. -8 PTR uk-aai-1.ipv4.le-fay.dn42. diff --git a/zones/0_26.76.23.172.in-addr.arpa.zone.erb b/zones/0_26.76.23.172.in-addr.arpa.zone.erb new file mode 100644 index 0000000..3ce62f7 --- /dev/null +++ b/zones/0_26.76.23.172.in-addr.arpa.zone.erb @@ -0,0 +1,25 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + + NS a.ns.le-fay.dn42. + NS b.ns.le-fay.dn42. + NS c.ns.le-fay.dn42. + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +2 PTR rose.lon.uk.ipv4.le-fay.dn42. +3 PTR yarrow.ipv4.le-fay.dn42. +4 PTR thyme.lon.uk.ipv4.le-fay.dn42. +5 PTR uk-jmp-1.ipv4.le-fay.dn42. +8 PTR uk-aai-1.ipv4.le-fay.dn42. diff --git a/zones/117.73.187.81.in-addr.arpa.zone b/zones/117.73.187.81.in-addr.arpa.zone deleted file mode 100644 index f7feba9..0000000 --- a/zones/117.73.187.81.in-addr.arpa.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 1h -$ORIGIN 117.73.187.81.in-addr.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - -@ PTR ng0.willow.eden.le-fay.org. diff --git a/zones/117.73.187.81.in-addr.arpa.zone.erb b/zones/117.73.187.81.in-addr.arpa.zone.erb new file mode 100644 index 0000000..72ab29e --- /dev/null +++ b/zones/117.73.187.81.in-addr.arpa.zone.erb @@ -0,0 +1,20 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + +@ PTR ng0.willow.eden.le-fay.org. diff --git a/zones/160-175.96.2.81.in-addr.arpa.zone b/zones/160-175.96.2.81.in-addr.arpa.zone deleted file mode 100644 index 4df8c1b..0000000 --- a/zones/160-175.96.2.81.in-addr.arpa.zone +++ /dev/null @@ -1,20 +0,0 @@ -$TTL 1h -$ORIGIN 160-175.96.2.81.in-addr.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - -161 PTR vlan401.core-1.inet.eden.le-fay.org. -162 PTR hemlock.eden.le-fay.org. -163 PTR witch.eden.le-fay.org. -164 PTR turnera.eden.le-fay.org. -165 PTR ilythia.le-fay.org. -166 PTR ragweed.le-fay.org. diff --git a/zones/160-175.96.2.81.in-addr.arpa.zone.erb b/zones/160-175.96.2.81.in-addr.arpa.zone.erb new file mode 100644 index 0000000..f165edf --- /dev/null +++ b/zones/160-175.96.2.81.in-addr.arpa.zone.erb @@ -0,0 +1,26 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +161 PTR vlan401.core-1.inet.eden.le-fay.org. +162 PTR hemlock.eden.le-fay.org. +163 PTR witch.eden.le-fay.org. +164 PTR turnera.eden.le-fay.org. +165 PTR ilythia.le-fay.org. +166 PTR ragweed.le-fay.org. diff --git a/zones/18.198.in-addr.arpa.zone b/zones/18.198.in-addr.arpa.zone deleted file mode 100644 index 6b641db..0000000 --- a/zones/18.198.in-addr.arpa.zone +++ /dev/null @@ -1,11 +0,0 @@ -$TTL 1h -$ORIGIN 18.198.in-addr.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - NS hemlock.eden.le-fay.org. - -1.0 PTR vlan402.core-1.inet.eden.le-fay.org. diff --git a/zones/18.198.in-addr.arpa.zone.erb b/zones/18.198.in-addr.arpa.zone.erb new file mode 100644 index 0000000..7f358bd --- /dev/null +++ b/zones/18.198.in-addr.arpa.zone.erb @@ -0,0 +1,21 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +1.0 PTR vlan402.core-1.inet.eden.le-fay.org. diff --git a/zones/192-207.47.187.81.in-addr.arpa.zone b/zones/192-207.47.187.81.in-addr.arpa.zone deleted file mode 100644 index b9f37da..0000000 --- a/zones/192-207.47.187.81.in-addr.arpa.zone +++ /dev/null @@ -1,25 +0,0 @@ -$TTL 1h -$ORIGIN 192-207.47.187.81.in-addr.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - -192 PTR ng0.willow.eden.le-fay.org. -193 PTR nat-out-v4-willow.inet.eden.le-fay.org. -195 PTR fuchsia.eden.le-fay.org. -196 PTR willow.eden.le-fay.org. -197 PTR core-1.inet.eden.le-fay.org. -200 PTR wg-uk-myb-1.uk-aai-1.le-fay.org. -201 PTR wg-uk-aai-1.uk-myb-1.le-fay.org. -202 PTR ep-willow.uk-aai-1.le-fay.org. -203 PTR ep-uk-aai-1.willow.eden.le-fay.org. -205 PTR ix0-3004.willow.eden.le-fay.org. -206 PTR te1.core-1.inet.eden.le-fay.org. diff --git a/zones/192-207.47.187.81.in-addr.arpa.zone.erb b/zones/192-207.47.187.81.in-addr.arpa.zone.erb new file mode 100644 index 0000000..029460d --- /dev/null +++ b/zones/192-207.47.187.81.in-addr.arpa.zone.erb @@ -0,0 +1,31 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +192 PTR ng0.willow.eden.le-fay.org. +193 PTR nat-out-v4-willow.inet.eden.le-fay.org. +195 PTR fuchsia.eden.le-fay.org. +196 PTR willow.eden.le-fay.org. +197 PTR core-1.inet.eden.le-fay.org. +200 PTR wg-uk-myb-1.uk-aai-1.le-fay.org. +201 PTR wg-uk-aai-1.uk-myb-1.le-fay.org. +202 PTR ep-willow.uk-aai-1.le-fay.org. +203 PTR ep-uk-aai-1.willow.eden.le-fay.org. +205 PTR ix0-3004.willow.eden.le-fay.org. +206 PTR te1.core-1.inet.eden.le-fay.org. diff --git a/zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone b/zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone deleted file mode 100644 index 77f367f..0000000 --- a/zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 1h -$ORIGIN 5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR amaranth.le-fay.org. diff --git a/zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb b/zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb new file mode 100644 index 0000000..7c042c9 --- /dev/null +++ b/zones/5.1.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb @@ -0,0 +1,21 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR amaranth.le-fay.org. diff --git a/zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone b/zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone deleted file mode 100644 index 2442ed3..0000000 --- a/zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone +++ /dev/null @@ -1,45 +0,0 @@ -$TTL 1h -$ORIGIN 5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0 PTR ng0.willow.eden.le-fay.org. -0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 PTR nat-out-v6-willow.inet.le-fay.org. -5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0 PTR c1.i.lfns.org.uk. -e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0 PTR willow.eden.le-fay.org. -7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR core-1.inet.eden.le-fay.org. -8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR willow.eden.le-fay.org. -9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR fuchsia.eden.le-fay.org. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR uk-aai-1.le-fay.org. -0.5.0.0.0.0.0.0.0.0.0.0.3.0.0.0.6.0.1.0 PTR eris.lethe.sikol.co.uk. -1.5.0.0.0.0.0.0.0.0.0.0.3.0.0.0.6.0.1.0 PTR charon.lethe.sikol.co.uk. -2.5.0.0.0.0.0.0.0.0.0.0.3.0.0.0.6.0.1.0 PTR tartarus.lethe.sikol.co.uk. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.3 PTR te1.core-1.inet.eden.le-fay.org. -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.3 PTR ix0-3004.willow.eden.le-fay.org. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR vlan401.core-1.inet.eden.le-fay.org. -3.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR witch.le-fay.org. -4.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR turnera.eden.le-fay.org. -5.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR hemlock.eden.le-fay.org. -6.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR freebsd15.eden.le-fay.org. -1.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-1.inet.eden.le-fay.org. -2.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-2.inet.eden.le-fay.org. -3.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-3.inet.eden.le-fay.org. -4.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-4.inet.eden.le-fay.org. -5.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-5.inet.eden.le-fay.org. -6.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-6.inet.eden.le-fay.org. -7.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR core-2.inet.eden.le-fay.org. -8.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR core-3.inet.eden.le-fay.org. -9.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR core-4.inet.eden.le-fay.org. -0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.4.c PTR ilythia.le-fay.org. -1.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.4.c PTR ragweed.le-fay.org. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.4.c PTR vlan402.core-1.inet.eden.le-fay.org. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.E PTR wg0.willow.eden.le-fay.org. diff --git a/zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone.erb b/zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone.erb new file mode 100644 index 0000000..9e3a04f --- /dev/null +++ b/zones/5.b.a.a.0.b.8.0.1.0.0.2.ip6.arpa.zone.erb @@ -0,0 +1,51 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0 PTR ng0.willow.eden.le-fay.org. +0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.0 PTR nat-out-v6-willow.inet.le-fay.org. +5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0 PTR c1.i.lfns.org.uk. +e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0 PTR willow.eden.le-fay.org. +7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR core-1.inet.eden.le-fay.org. +8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR willow.eden.le-fay.org. +9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR fuchsia.eden.le-fay.org. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR uk-aai-1.le-fay.org. +0.5.0.0.0.0.0.0.0.0.0.0.3.0.0.0.6.0.1.0 PTR eris.lethe.sikol.co.uk. +1.5.0.0.0.0.0.0.0.0.0.0.3.0.0.0.6.0.1.0 PTR charon.lethe.sikol.co.uk. +2.5.0.0.0.0.0.0.0.0.0.0.3.0.0.0.6.0.1.0 PTR tartarus.lethe.sikol.co.uk. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.3 PTR te1.core-1.inet.eden.le-fay.org. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0.0.3 PTR ix0-3004.willow.eden.le-fay.org. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR vlan401.core-1.inet.eden.le-fay.org. +3.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR witch.le-fay.org. +4.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR turnera.eden.le-fay.org. +5.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR hemlock.eden.le-fay.org. +6.0.0.0.1.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR freebsd15.eden.le-fay.org. +1.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-1.inet.eden.le-fay.org. +2.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-2.inet.eden.le-fay.org. +3.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-3.inet.eden.le-fay.org. +4.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-4.inet.eden.le-fay.org. +5.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-5.inet.eden.le-fay.org. +6.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR access-6.inet.eden.le-fay.org. +7.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR core-2.inet.eden.le-fay.org. +8.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR core-3.inet.eden.le-fay.org. +9.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.1.0.4.c PTR core-4.inet.eden.le-fay.org. +0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.4.c PTR ilythia.le-fay.org. +1.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.4.c PTR ragweed.le-fay.org. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.4.c PTR vlan402.core-1.inet.eden.le-fay.org. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.E PTR wg0.willow.eden.le-fay.org. diff --git a/zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone b/zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone deleted file mode 100644 index fccc810..0000000 --- a/zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 1h -$ORIGIN a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR thyme.lon.uk.arpa.le-fay.org. diff --git a/zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb b/zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb new file mode 100644 index 0000000..e42b1d9 --- /dev/null +++ b/zones/a.4.0.4.8.a.b.0.1.0.0.2.ip6.arpa.zone.erb @@ -0,0 +1,21 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR thyme.lon.uk.arpa.le-fay.org. diff --git a/zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone b/zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone deleted file mode 100644 index 22d6b5d..0000000 --- a/zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone +++ /dev/null @@ -1,19 +0,0 @@ -$TTL 1h -$ORIGIN b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR vtnet0.uk-myb-1.le-fay.org. -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR vtnet0.uk-myb-2.le-fay.org. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR uk-myb-1.le-fay.org. -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR yarrow.le-fay.org. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0 PTR rose.uk.lon.arpa.le-fay.org. diff --git a/zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone.erb b/zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone.erb new file mode 100644 index 0000000..0225f93 --- /dev/null +++ b/zones/b.6.0.0.8.9.0.1.0.0.a.2.ip6.arpa.zone.erb @@ -0,0 +1,25 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR vtnet0.uk-myb-1.le-fay.org. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR vtnet0.uk-myb-2.le-fay.org. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR uk-myb-1.le-fay.org. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0 PTR yarrow.le-fay.org. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0 PTR rose.uk.lon.arpa.le-fay.org. diff --git a/zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone b/zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone deleted file mode 100644 index 76794e7..0000000 --- a/zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone +++ /dev/null @@ -1,32 +0,0 @@ -$TTL 1h -$ORIGIN b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS a.ns.le-fay.dn42. - NS b.ns.le-fay.dn42. - NS c.ns.le-fay.dn42. - -1.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR amaranth.eden.le-fay.dn42. -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0 PTR yarrow.le-fay.dn42. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0 PTR thyme.lon.uk.le-fay.dn42. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR uk-aai-1.le-fay.dn42. -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR willow.eden.le-fay.dn42. -3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR core-1.inet.eden.le-fay.dn42. -4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR nat-out-v6-willow.inet.eden.le-fay.dn42. -5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR fuchsia.eden.le-fay.dn42. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR vlan401.core-1.inet.eden.le-fay.dn42. -3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR witch.eden.le-fay.dn42. -4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR turnera.eden.le-fay.dn42. -5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR hemlock.le-fay.dn42. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f.6.0 PTR ix0-3004.willow.eden.le-fay.dn42. -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f.6.0 PTR te1.core-1.inet.eden.le-fay.dn42. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0 PTR rose.lon.uk.le-fay.dn42. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0 PTR uk-jmp-1.le-fay.dn42. -2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0 PTR amaranth.eden.le-fay.dn42. -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f PTR resolver.le-fay.dn42. diff --git a/zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone.erb b/zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone.erb new file mode 100644 index 0000000..f75dd9d --- /dev/null +++ b/zones/b.6.0.b.3.8.a.0.b.5.d.f.ip6.arpa.zone.erb @@ -0,0 +1,38 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + + NS a.ns.le-fay.dn42. + NS b.ns.le-fay.dn42. + NS c.ns.le-fay.dn42. + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + +1.0.0.0.2.0.0.0.0.0.0.0.0.0.0.0.4.0.0.0 PTR amaranth.eden.le-fay.dn42. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0 PTR yarrow.le-fay.dn42. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.4.0 PTR thyme.lon.uk.le-fay.dn42. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR uk-aai-1.le-fay.dn42. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR willow.eden.le-fay.dn42. +3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR core-1.inet.eden.le-fay.dn42. +4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR nat-out-v6-willow.inet.eden.le-fay.dn42. +5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.0 PTR fuchsia.eden.le-fay.dn42. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR vlan401.core-1.inet.eden.le-fay.dn42. +3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR witch.eden.le-fay.dn42. +4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR turnera.eden.le-fay.dn42. +5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.6.0 PTR hemlock.le-fay.dn42. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f.6.0 PTR ix0-3004.willow.eden.le-fay.dn42. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f.6.0 PTR te1.core-1.inet.eden.le-fay.dn42. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0 PTR rose.lon.uk.le-fay.dn42. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0 PTR uk-jmp-1.le-fay.dn42. +2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0 PTR amaranth.eden.le-fay.dn42. +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.f PTR resolver.le-fay.dn42. diff --git a/zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone b/zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone deleted file mode 100644 index f2091e4..0000000 --- a/zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone +++ /dev/null @@ -1,13 +0,0 @@ -$TTL 1h -$ORIGIN e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. diff --git a/zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone.erb b/zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone.erb new file mode 100644 index 0000000..1f60783 --- /dev/null +++ b/zones/e.1.0.0.0.8.c.1.6.0.a.2.ip6.arpa.zone.erb @@ -0,0 +1,19 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" diff --git a/zones/le-fay.dn42.zone b/zones/le-fay.dn42.zone deleted file mode 100644 index 6c7e373..0000000 --- a/zones/le-fay.dn42.zone +++ /dev/null @@ -1,64 +0,0 @@ -$TTL 1h -$ORIGIN le-fay.dn42. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.dn42. ( - 1 ; serial - 1h ; refresh - 5m ; retry - 8w ; expire - 3m ; minimum - ) - - NS a.ns.le-fay.dn42. - NS b.ns.le-fay.dn42. - NS c.ns.le-fay.dn42. - - MX 10 smtp - - TXT "v=spf1 ip6:fd5b:a83:b06b:10::4 ~all" - -; Services -a.ns AAAA fd5b:a83:b06b:600::5 -b.ns AAAA fd5b:a83:b06b:300::2 -c.ns AAAA fd5b:a83:b06b:800::2 - -www CNAME fuchsia -smtp AAAA fd5b:a83:b06b:600::5 -resolver AAAA fd5b:a83:b06b:ff00::1 - -ntp AAAA fd5b:a83:b06b:100::1 - AAAA fd5b:a83:b06b:500::1 - AAAA fd5b:a83:b06b:601::5 -a.ntp AAAA fd5b:a83:b06b:100::1 - A 172.23.76.0 -b.ntp AAAA fd5b:a83:b06b:601::5 - A 172.23.76.6 -c.ntp AAAA fd5b:a83:b06b:500::1 - -; willow -willow.eden AAAA fd5b:a83:b06b:600::2 -ix0-3004.willow.eden AAAA fd5b:a83:b06b:6ff::1 -nat-out-v6-willow.inet.eden AAAA fd5b:a83:b06b:600::4 - -; Hosts -amaranth.eden AAAA fd5b:a83:b06b:800::2 -hemlock AAAA fd5b:a83:b06b:601::5 -turnera.eden AAAA fd5b:a83:b06b:601::4 -fuchsia AAAA fd5b:a83:b06b:600::5 -fuchsia.eden CNAME fuchsia -yarrow AAAA fd5b:a83:b06b:300::2 -witch.eden AAAA fd5b:a83:b06b:601::3 -rose.lon.uk AAAA fd5b:a83:b06b:700::1 -thyme.lon.uk AAAA fd5b:a83:b06b:400::1 -uk-aai-1 AAAA fd5b:a83:b06b:600::1 -uk-jmp-2 CNAME thyme.lon.uk.le-fay.dn42. -uk-myb-2 CNAME rose.lon.uk.le-fay.dn42. - -rose.lon.uk.ipv4 A 172.23.76.2 -thyme.lon.uk.ipv4 A 172.23.76.4 -uk-aai-1.ipv4 A 172.23.76.8 - -; Network devices -core-1.inet.eden AAAA fd5b:a83:b06b:600::3 -te1.core-1.inet.eden AAAA fd5b:a83:b06b:6ff::2 -vlan401.core-1.inet.eden AAAA fd5b:a83:b06b:601::1 diff --git a/zones/le-fay.dn42.zone.erb b/zones/le-fay.dn42.zone.erb new file mode 100644 index 0000000..3aa1225 --- /dev/null +++ b/zones/le-fay.dn42.zone.erb @@ -0,0 +1,65 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + + NS a.ns.le-fay.dn42. + NS b.ns.le-fay.dn42. + NS c.ns.le-fay.dn42. + + MX 10 smtp + TXT "v=spf1 ip6:fd5b:a83:b06b:10::4 ~all" + +; Services +a.ns AAAA fd5b:a83:b06b:600::5 +b.ns AAAA fd5b:a83:b06b:300::2 +c.ns AAAA fd5b:a83:b06b:800::2 + +www CNAME fuchsia +smtp AAAA fd5b:a83:b06b:600::5 +resolver AAAA fd5b:a83:b06b:ff00::1 + +ntp AAAA fd5b:a83:b06b:100::1 + AAAA fd5b:a83:b06b:500::1 + AAAA fd5b:a83:b06b:601::5 +a.ntp AAAA fd5b:a83:b06b:100::1 + A 172.23.76.0 +b.ntp AAAA fd5b:a83:b06b:601::5 + A 172.23.76.6 +c.ntp AAAA fd5b:a83:b06b:500::1 + +; willow +willow.eden AAAA fd5b:a83:b06b:600::2 +ix0-3004.willow.eden AAAA fd5b:a83:b06b:6ff::1 +nat-out-v6-willow.inet.eden AAAA fd5b:a83:b06b:600::4 + +; Hosts +amaranth.eden AAAA fd5b:a83:b06b:800::2 +hemlock AAAA fd5b:a83:b06b:601::5 +turnera.eden AAAA fd5b:a83:b06b:601::4 +fuchsia AAAA fd5b:a83:b06b:600::5 +fuchsia.eden CNAME fuchsia +yarrow AAAA fd5b:a83:b06b:300::2 +witch.eden AAAA fd5b:a83:b06b:601::3 +rose.lon.uk AAAA fd5b:a83:b06b:700::1 +thyme.lon.uk AAAA fd5b:a83:b06b:400::1 +uk-aai-1 AAAA fd5b:a83:b06b:600::1 +uk-jmp-2 CNAME thyme.lon.uk.le-fay.dn42. +uk-myb-2 CNAME rose.lon.uk.le-fay.dn42. + +rose.lon.uk.ipv4 A 172.23.76.2 +thyme.lon.uk.ipv4 A 172.23.76.4 +uk-aai-1.ipv4 A 172.23.76.8 + +; Network devices +core-1.inet.eden AAAA fd5b:a83:b06b:600::3 +te1.core-1.inet.eden AAAA fd5b:a83:b06b:6ff::2 +vlan401.core-1.inet.eden AAAA fd5b:a83:b06b:601::1 diff --git a/zones/le-fay.org.uk.zone b/zones/le-fay.org.uk.zone deleted file mode 100644 index d140307..0000000 --- a/zones/le-fay.org.uk.zone +++ /dev/null @@ -1,13 +0,0 @@ -$TTL 1h -$ORIGIN le-fay.org.uk. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. diff --git a/zones/le-fay.org.uk.zone.erb b/zones/le-fay.org.uk.zone.erb new file mode 100644 index 0000000..1f60783 --- /dev/null +++ b/zones/le-fay.org.uk.zone.erb @@ -0,0 +1,19 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" diff --git a/zones/le-fay.org.zone b/zones/le-fay.org.zone deleted file mode 100644 index 0f4ba70..0000000 --- a/zones/le-fay.org.zone +++ /dev/null @@ -1,159 +0,0 @@ -$TTL 1h -$ORIGIN le-fay.org. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - - TXT "v=spf1 ip4:81.187.47.195 ip6:2001:8b0:aab5:4::9 ip4:185.73.44.74 ip6:2001:ba8:4015:100::2 ~all" - - MX 20 fuchsia.eden.le-fay.org. - MX 30 spamtrap.le-fay.org. - - AAAA 2001:8b0:aab5:4::9 ; fuchsia - A 81.187.47.195 ; fuchsia - -; Nameservers - -ns1 AAAA 2001:ba8:4015:100::2 ; amaranth - A 185.73.44.74 ; amaranth -ns2 AAAA 2001:8b0:aab5:4::9 ; fuchsia - A 81.187.47.195 ; fuchsia -ns3 AAAA 2a00:1098:6b:100::2 ; yarrow - A 176.126.243.79 ; yarrow - -; DKIM keys -fuchsia._domainkey TXT "v=DKIM1; h=sha256; k=rsa; p=" "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPpbxRWV3H/WIihqmMxyr/4hrKLn90kcTeqTIaYOMoOgx36Eh/3aYOc+YaIWYoFH2bHF6p+es15IpUzJ+jZr7bbyxjAcNaQA//91TrkTlabxoiOHbQSp7RFarOj9V+xU+53R2PpECIkBVwmBMdX5zyNdH7DUacSe/rLkuWO7CQywIDAQAB" - -; Kerberos -_kerberos TXT "LE-FAY.ORG" -_kerberos.eden TXT "LE-FAY.ORG" -_kerberos._tcp SRV 1 0 88 witch -_kerberos._tcp SRV 1 0 88 turnera.eden -_kerberos-adm._tcp SRV 1 0 749 witch -_kerberos-adm._tcp SRV 1 0 749 turnera.eden -_kpasswd._tcp SRV 1 0 464 turnera.eden -_ldap._tcp SRV 10 50 389 witch -_ldap._tcp SRV 10 50 389 turnera.eden -_kerberos._udp SRV 1 0 88 witch -_kerberos._udp SRV 1 0 88 turnera.eden -_kpasswd._udp SRV 1 0 464 turnera.eden - -; Services - -smtp CNAME fuchsia.eden -www CNAME fuchsia.eden - -ntp CNAME ntp1 -ntp1 AAAA 2001:ba8:4015:100::2 ; amaranth - A 185.73.44.74 ; amaranth -ntp2 AAAA 2001:8b0:aab5:c401::1:5 ; hemlock - A 81.2.96.162 ; hemlock -ntp.eden CNAME ntp -ntp.svc.eden CNAME ntp - -; hemlock -hemlock.eden AAAA 2001:8b0:aab5:c401::1:5 - A 81.2.96.162 - MX 10 fuchsia.eden -ftp.eden CNAME hemlock.eden -git.eden CNAME hemlock.eden -media.eden CNAME hemlock.eden -mqtt.svc.eden CNAME hemlock.eden -music CNAME hemlock.eden -pkg CNAME hemlock.eden -prometheus CNAME hemlock.eden -qbt CNAME hemlock.eden -status CNAME hemlock.eden -www.eden CNAME hemlock.eden - - -; Hosts - -amaranth AAAA 2001:ba8:4015:100::2 - A 185.73.44.74 -fuchsia.eden AAAA 2001:8b0:aab5:4::9 - A 81.187.47.195 -freebsd13 AAAA 2001:8b0:aab5:c401::1:8 - A 81.2.96.169 -freebsd14 AAAA 2001:8b0:aab5:c401::1:7 - A 81.2.96.168 -freebsd15.eden AAAA 2001:8b0:aab5:c401::1:6 - A 81.2.96.167 -ilythia AAAA 2001:8b0:aab5:c401:1::2 - A 81.2.96.165 -ragweed AAAA 2001:8b0:aab5:c401:1::1 - A 81.2.96.166 -turnera.eden AAAA 2001:8b0:aab5:c401::1:4 - A 81.2.96.164 -turnera AAAA 2001:8b0:aab5:c401::1:4 - A 81.2.96.164 -witch AAAA 2001:8b0:aab5:c401::1:3 - A 81.2.96.163 -witch.eden AAAA 2001:8b0:aab5:c401::1:3 -witch.eden A 81.2.96.163 -yarrow AAAA 2a00:1098:6b:100::2 - A 176.126.243.79 - -; DN42 nodes -thyme.lon.uk.arpa AAAA 2001:ba8:404a:100::1 - A 185.73.44.73 -uk-jmp-2 CNAME thyme.lon.uk.arpa.le-fay.org. - -rose.lon.uk.arpa AAAA 2a00:1098:6b:200::1 -uk-myb-2 CNAME rose.lon.uk.arpa.le-fay.org. -vtnet0.uk-myb-2 CNAME uk-myb-2.le-fay.org. - -uk-jmp-1 AAAA 2001:ba8:4015:100::1 -wg-uk-aai-1.uk-myb-1 A 81.187.47.201 - -uk-aai-1 AAAA 2001:8b0:aab5:100::1 -ep-willow.uk-aai-1 A 81.187.47.202 -wg-uk-myb-1.uk-aai-1 A 81.187.47.200 - -vtnet0.uk-myb-1 AAAA 2a00:1098:6b::1 -vtnet0.uk-myb-1 A 46.235.229.111 - -; willow -willow.eden AAAA 2001:8b0:aab5:4::8 -nat-out-v4-willow.inet.eden A 81.187.47.193 -ep-uk-aai-1.willow.eden A 81.187.47.203 -ix0-3004.willow.eden AAAA 2001:8b0:aab5:3004::2 -ix0-3004.willow.eden A 81.187.47.205 -ng0.willow.eden AAAA 2001:8b0:aab5:1::1 -ng0.willow.eden A 81.187.47.192 - -; Network devices - -core-1.inet.eden AAAA 2001:8b0:aab5:4::7 - A 81.187.47.197 -te1.core-1.inet.eden AAAA 2001:8b0:aab5:3004::1 - A 81.187.47.206 -vlan401.core-1.inet.eden AAAA 2001:8b0:aab5:c401::1 - A 81.2.96.161 -vlan402.core-1.inet.eden AAAA 2001:8b0:aab5:c402::1 - A 198.18.0.1 -core-2.inet.eden AAAA 2001:8b0:aab5:c401::2:7 -core-3.inet.eden AAAA 2001:8b0:aab5:c401::2:8 -core-4.inet.eden AAAA 2001:8b0:aab5:c401::2:9 -access-1.inet.eden AAAA 2001:8b0:aab5:c401::2:1 -access-2.inet.eden AAAA 2001:8b0:aab5:c401::2:2 -access-3.inet.eden AAAA 2001:8b0:aab5:c401::2:3 -access-4.inet.eden AAAA 2001:8b0:aab5:c401::2:4 -access-5.inet.eden AAAA 2001:8b0:aab5:c401::2:5 -access-6.inet.eden AAAA 2001:8b0:aab5:c401::2:6 -outlet-hemlock.iot.eden A 172.20.193.1 -outlet-rack.iot.eden A 172.20.193.2 - -; Miscellaneous -eden MX 10 fuchsia.eden.le-fay.org. -vpn-in-1.eden AAAA 2001:8b0:aab5:1::1 -vpn-in-1.eden A 81.187.73.117 -spamtrap A 81.187.47.194 diff --git a/zones/le-fay.org.zone.erb b/zones/le-fay.org.zone.erb new file mode 100644 index 0000000..35b787d --- /dev/null +++ b/zones/le-fay.org.zone.erb @@ -0,0 +1,163 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 ip4:81.187.47.195 ip6:2001:8b0:aab5:4::9 ip4:185.73.44.74 ip6:2001:ba8:4015:100::2 ~all" + + MX 20 fuchsia.eden.le-fay.org. + MX 30 spamtrap.le-fay.org. + + AAAA 2001:8b0:aab5:4::9 ; fuchsia + A 81.187.47.195 ; fuchsia + +; Nameservers + +ns1 AAAA 2001:ba8:4015:100::2 ; amaranth + A 185.73.44.74 ; amaranth +ns2 AAAA 2001:8b0:aab5:4::9 ; fuchsia + A 81.187.47.195 ; fuchsia +ns3 AAAA 2a00:1098:6b:100::2 ; yarrow + A 176.126.243.79 ; yarrow + +; DKIM keys +fuchsia._domainkey TXT "v=DKIM1; h=sha256; k=rsa; p=" "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPpbxRWV3H/WIihqmMxyr/4hrKLn90kcTeqTIaYOMoOgx36Eh/3aYOc+YaIWYoFH2bHF6p+es15IpUzJ+jZr7bbyxjAcNaQA//91TrkTlabxoiOHbQSp7RFarOj9V+xU+53R2PpECIkBVwmBMdX5zyNdH7DUacSe/rLkuWO7CQywIDAQAB" + +; Kerberos +_kerberos TXT "LE-FAY.ORG" +_kerberos.eden TXT "LE-FAY.ORG" +_kerberos._tcp SRV 1 0 88 witch +_kerberos._tcp SRV 1 0 88 turnera.eden +_kerberos-adm._tcp SRV 1 0 749 witch +_kerberos-adm._tcp SRV 1 0 749 turnera.eden +_kpasswd._tcp SRV 1 0 464 turnera.eden +_ldap._tcp SRV 10 50 389 witch +_ldap._tcp SRV 10 50 389 turnera.eden +_kerberos._udp SRV 1 0 88 witch +_kerberos._udp SRV 1 0 88 turnera.eden +_kpasswd._udp SRV 1 0 464 turnera.eden + +; Services + +smtp CNAME fuchsia.eden +www CNAME fuchsia.eden + +ntp CNAME ntp1 +ntp1 AAAA 2001:ba8:4015:100::2 ; amaranth + A 185.73.44.74 ; amaranth +ntp2 AAAA 2001:8b0:aab5:c401::1:5 ; hemlock + A 81.2.96.162 ; hemlock +ntp.eden CNAME ntp +ntp.svc.eden CNAME ntp + +; hemlock +hemlock.eden AAAA 2001:8b0:aab5:c401::1:5 + A 81.2.96.162 + MX 10 fuchsia.eden +ftp.eden CNAME hemlock.eden +git.eden CNAME hemlock.eden +media.eden CNAME hemlock.eden +mqtt.svc.eden CNAME hemlock.eden +music CNAME hemlock.eden +pkg CNAME hemlock.eden +prometheus CNAME hemlock.eden +qbt CNAME hemlock.eden +status CNAME hemlock.eden +www.eden CNAME hemlock.eden + + +; Hosts + +amaranth AAAA 2001:ba8:4015:100::2 + A 185.73.44.74 +fuchsia.eden AAAA 2001:8b0:aab5:4::9 + A 81.187.47.195 +freebsd13 AAAA 2001:8b0:aab5:c401::1:8 + A 81.2.96.169 +freebsd14 AAAA 2001:8b0:aab5:c401::1:7 + A 81.2.96.168 +freebsd15.eden AAAA 2001:8b0:aab5:c401::1:6 + A 81.2.96.167 +ilythia AAAA 2001:8b0:aab5:c401:1::2 + A 81.2.96.165 +ragweed AAAA 2001:8b0:aab5:c401:1::1 + A 81.2.96.166 +turnera.eden AAAA 2001:8b0:aab5:c401::1:4 + A 81.2.96.164 +turnera AAAA 2001:8b0:aab5:c401::1:4 + A 81.2.96.164 +witch AAAA 2001:8b0:aab5:c401::1:3 + A 81.2.96.163 +witch.eden AAAA 2001:8b0:aab5:c401::1:3 +witch.eden A 81.2.96.163 +yarrow AAAA 2a00:1098:6b:100::2 + A 176.126.243.79 + +; DN42 nodes +thyme.lon.uk.arpa AAAA 2001:ba8:404a:100::1 + A 185.73.44.73 +uk-jmp-2 CNAME thyme.lon.uk.arpa.le-fay.org. + +rose.lon.uk.arpa AAAA 2a00:1098:6b:200::1 +uk-myb-2 CNAME rose.lon.uk.arpa.le-fay.org. +vtnet0.uk-myb-2 CNAME uk-myb-2.le-fay.org. + +uk-jmp-1 AAAA 2001:ba8:4015:100::1 +wg-uk-aai-1.uk-myb-1 A 81.187.47.201 + +uk-aai-1 AAAA 2001:8b0:aab5:100::1 +ep-willow.uk-aai-1 A 81.187.47.202 +wg-uk-myb-1.uk-aai-1 A 81.187.47.200 + +vtnet0.uk-myb-1 AAAA 2a00:1098:6b::1 +vtnet0.uk-myb-1 A 46.235.229.111 + +; willow +willow.eden AAAA 2001:8b0:aab5:4::8 +nat-out-v4-willow.inet.eden A 81.187.47.193 +ep-uk-aai-1.willow.eden A 81.187.47.203 +ix0-3004.willow.eden AAAA 2001:8b0:aab5:3004::2 +ix0-3004.willow.eden A 81.187.47.205 +ng0.willow.eden AAAA 2001:8b0:aab5:1::1 +ng0.willow.eden A 81.187.47.192 + +; Network devices + +core-1.inet.eden AAAA 2001:8b0:aab5:4::7 + A 81.187.47.197 +te1.core-1.inet.eden AAAA 2001:8b0:aab5:3004::1 + A 81.187.47.206 +vlan401.core-1.inet.eden AAAA 2001:8b0:aab5:c401::1 + A 81.2.96.161 +vlan402.core-1.inet.eden AAAA 2001:8b0:aab5:c402::1 + A 198.18.0.1 +core-2.inet.eden AAAA 2001:8b0:aab5:c401::2:7 +core-3.inet.eden AAAA 2001:8b0:aab5:c401::2:8 +core-4.inet.eden AAAA 2001:8b0:aab5:c401::2:9 +access-1.inet.eden AAAA 2001:8b0:aab5:c401::2:1 +access-2.inet.eden AAAA 2001:8b0:aab5:c401::2:2 +access-3.inet.eden AAAA 2001:8b0:aab5:c401::2:3 +access-4.inet.eden AAAA 2001:8b0:aab5:c401::2:4 +access-5.inet.eden AAAA 2001:8b0:aab5:c401::2:5 +access-6.inet.eden AAAA 2001:8b0:aab5:c401::2:6 +outlet-hemlock.iot.eden A 172.20.193.1 +outlet-rack.iot.eden A 172.20.193.2 + +; Miscellaneous +eden MX 10 fuchsia.eden.le-fay.org. +vpn-in-1.eden AAAA 2001:8b0:aab5:1::1 +vpn-in-1.eden A 81.187.73.117 +spamtrap A 81.187.47.194 diff --git a/zones/rt.uk.eu.org.zone b/zones/rt.uk.eu.org.zone deleted file mode 100644 index 5908774..0000000 --- a/zones/rt.uk.eu.org.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 1h -$ORIGIN rt.uk.eu.org. - -@ SOA hemlock.eden.le-fay.org. hostmaster.le-fay.org. ( - 1 1h 5m 8w 3m - ; serial refresh retry expire minimum - ) - - CAA 128 issue "letsencrypt.org;validationmethods=dns-01" - - NS ns1.le-fay.org. - NS ns2.le-fay.org. - NS ns3.le-fay.org. - - MX 10 fuchsia.eden.le-fay.org. diff --git a/zones/rt.uk.eu.org.zone.erb b/zones/rt.uk.eu.org.zone.erb new file mode 100644 index 0000000..6eb4a10 --- /dev/null +++ b/zones/rt.uk.eu.org.zone.erb @@ -0,0 +1,20 @@ +; vim:set ft=eruby.bindzone sw=8 ts=8 sts=8: + +$TTL <%= ttl %> +$ORIGIN <%= zone %>. + +@ SOA <%= soa_mname %> <%= soa_rname %> ( + <%= soa_serial %> + <%= soa_refresh %> + <%= soa_retry %> + <%= soa_expire %> + <%= soa_minimum %> + ) + +<% nameservers.split.each do |ns| %> + NS <%= ns %>. +<% end %> + + CAA 128 issue "letsencrypt.org;validationmethods=dns-01" + TXT "v=spf1 -all" + MX 10 fuchsia.eden.le-fay.org. -- cgit v1.2.3