# This source code is released into the public domain. # # Primary makefile for DNS management. # Make sure failures in != expansions cause make to stop. .MAKEFLAGS: -W ### Our local master server. MASTER= lily.le-fay.org MASTER_ADDR!= getaddrinfo -f inet6 -p tcp -t stream ${MASTER} \ | awk '{ print $$4 }' ### Default SOA values. SOA_MNAME= ${MASTER}. SOA_RNAME= hostmaster.le-fay.org. # Serial is always 1; nsdiff handles this magically. SOA_SERIAL= 1 SOA_REFRESH= 1d SOA_RETRY= 1h SOA_EXPIRE= 2w SOA_MINIMUM= 5m # Default value for $TTL. TTL= 1h # Nameservers to use for Internet zones. NAMESERVERS= ns1.le-fay.org \ ns2.le-fay.org \ ns3.le-fay.org ### The DN42 master server. DN42_MASTER= fd42:4242:2601:ac53::1 # The zones we serve; fetch this list from the catalog zone. ZONES!= bin/get_catalog "catalog.invalid" "${MASTER}" # These zones are used for DN42. DN42_ZONES= \ dn42 \ d.f.ip6.arpa \ 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa \ 23.172.in-addr.arpa 31.172.in-addr.arpa # These zones are always insecure, because they don't exist on the Internet. INSECURE_ZONES= \ 18.198.in-addr.arpa ####################################################################### # Unbound configuration for resolvers. # All servers which run Unbound. UNBOUND_SERVERS?= \ hemlock.le-fay.org \ fuchsia.eden.le-fay.org \ amaranth.le-fay.org \ rose.le-fay.org \ witch.le-fay.org \ turnera.le-fay.org # Forwarder addresses for Unbound forwarders. UNBOUND_FORWARDERS?= \ 2001:8b0:aab5:c401::1:3 \ 2001:8b0:aab5:c401::1:4 # -Dforwarder means this server forwards queries to ${UNBOUND_FORWARDERS}. # -Dnolocal means this server doesn't have a copy of our local zones. # -Dtls enables DoH and DoT; certificates should be provided in confdir # (tls/cert.pem, tls/key.pem). # UNBOUND_PROCESS_FLAGS.hemlock.le-fay.org= -Dnolocal=yes -Dforwarder=yes UNBOUND_PROCESS_FLAGS.fuchsia.eden.le-fay.org= -Dnolocal=yes -Dforwarder=yes UNBOUND_PROCESS_FLAGS.amaranth.le-fay.org= -Dnolocal=yes UNBOUND_PROCESS_FLAGS.rose.le-fay.org= -Dnolocal=yes UNBOUND_PROCESS_FLAGS.witch.le-fay.org= -Dtls=yes UNBOUND_PROCESS_FLAGS.turnera.le-fay.org= -Dtls=yes ####################################################################### # The default target doesn't do anything. # all: @echo "Please specify a target:" @echo " make diff show diff between zone files and online zone" @echo " make update-zones update online zones" @echo " make unbound build and install Unbound configs" .PHONY: all # Individual targets add dependencies to clean. clean: .PHONY: clean .include "Makefile.inc.unbound" .include "Makefile.inc.zones" # File paths. .PATH: ${ZONEDIR} .OBJDIR: ${.CURDIR}/build BINDIR= ${.CURDIR}/bin PROCESS= ${BINDIR}/process