diff --git a/bind/named.conf.local b/bind/named.conf.local index a73f38e..41672f6 100644 --- a/bind/named.conf.local +++ b/bind/named.conf.local @@ -1,295 +1,297 @@ zone "kde.org." in { type master; file "master/kde.org.zone"; also-notify { "cloudns-ddos"; }; }; zone "digikam.org." in { type master; file "master/digikam.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kde.be." in { type master; file "master/kde.be.zone"; also-notify { "cloudns-standard"; }; }; zone "kde.eu." in { type master; file "master/kde.eu.zone"; also-notify { "cloudns-standard"; }; + auto-dnssec maintain; + inline-signing yes; }; zone "kde.in." in { type master; file "master/kde.in.zone"; also-notify { "cloudns-standard"; }; }; zone "kde.it." in { type master; file "master/kde.it.zone"; also-notify { "cloudns-standard"; }; }; zone "kde.ca." in { type master; file "master/kde.ca.zone"; also-notify { "cloudns-standard"; }; }; zone "kdelibs.com." in { type master; file "master/kdelibs.com.zone"; also-notify { "cloudns-standard"; }; }; zone "desktopsummit.org." in { type master; file "master/desktopsummit.org.zone"; also-notify { "cloudns-standard"; }; }; zone "behindkde.org." in { type master; file "master/behindkde.org.zone"; also-notify { "cloudns-standard"; }; }; zone "behindkde.com." in { type master; file "master/behindkde.com.zone"; also-notify { "cloudns-standard"; }; }; zone "kdenews.org." in { type master; file "master/kdenews.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kde-edu.org." in { type master; file "master/kde-edu.org.zone"; also-notify { "cloudns-standard"; }; }; zone "planetkde.org." in { type master; file "master/planetkde.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kaddressbook.com." in { type master; file "master/kaddressbook.com.zone"; also-notify { "cloudns-standard"; }; }; zone "kaddressbook.org." in { type master; file "master/kaddressbook.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kdepim.org." in { type master; file "master/kdepim.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kdepim.com." in { type master; file "master/kdepim.com.zone"; also-notify { "cloudns-standard"; }; }; zone "kontact.org." in { type master; file "master/kontact.org.zone"; also-notify { "cloudns-standard"; }; }; zone "korganizer.org." in { type master; file "master/korganizer.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kphotoalbum.org." in { type master; file "master/kphotoalbum.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kde.org.pl." in { type master; file "master/kde.org.pl.zone"; also-notify { "cloudns-standard"; }; }; zone "konqueror.org." in { type master; file "master/konqueror.org.zone"; also-notify { "cloudns-standard"; }; }; zone "konqueror.com." in { type master; file "master/konqueror.com.zone"; also-notify { "cloudns-standard"; }; }; zone "koffice.org." in { type master; file "master/koffice.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kdemail.net." in { type master; file "master/kdemail.net.zone"; also-notify { "cloudns-standard"; }; }; zone "kdetalk.net." in { type master; file "master/kdetalk.net.zone"; also-notify { "cloudns-standard"; }; }; zone "calligra.org." in { type master; file "master/calligra.org.zone"; also-notify { "cloudns-standard"; }; }; zone "calligra-suite.org." in { type master; file "master/calligra-suite.org.zone"; also-notify { "cloudns-standard"; }; }; zone "plasma-active.org." in { type master; file "master/plasma-active.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kexi-project.org." in { type master; file "master/kexi-project.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kdevelop.org." in { type master; file "master/kdevelop.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kdenlive.org" IN { type master; file "master/kdenlive.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kmymoney.org" IN { type master; file "master/kmymoney.org.zone"; also-notify { "cloudns-standard"; }; }; zone "inqlude.org" IN { type master; file "master/inqlude.org.zone"; also-notify { "cloudns-standard"; }; }; zone "k3b.org" IN { type master; file "master/k3b.org.zone"; also-notify { "cloudns-standard"; }; }; zone "skrooge.org" IN { type master; file "master/skrooge.org.zone"; also-notify { "cloudns-standard"; }; }; zone "plasma-mobile.org" IN { type master; file "master/plasma-mobile.org.zone"; also-notify { "cloudns-standard"; }; }; zone "qtcon.org" IN { type master; file "master/qtcon.org.zone"; }; zone "commit-digest.org" IN { type master; file "master/commit-digest.org.zone"; also-notify { "cloudns-standard"; }; }; zone "commit-digest.com" IN { type master; file "master/commit-digest.com.zone"; also-notify { "cloudns-standard"; }; }; zone "frameworks.org" IN { type master; file "master/frameworks.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kdeitalia.it" IN { type master; file "master/kdeitalia.it.zone"; also-notify { "cloudns-standard"; }; }; zone "krusader.org" IN { type master; file "master/krusader.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kde.gr.jp" IN { type master; file "master/kde.gr.jp.zone"; also-notify { "cloudns-standard"; }; }; zone "falkon.org" IN { type master; file "master/falkon.org.zone"; also-notify { "cloudns-standard"; }; }; zone "openraster.org" IN { type master; file "master/openraster.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kde.ru" IN { type master; file "master/kde.ru.zone"; also-notify { "cloudns-standard"; }; }; zone "kstuff.org" IN { type master; file "master/kstuff.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kdeedu.org" IN { type master; file "master/kdeedu.org.zone"; also-notify { "cloudns-standard"; }; }; zone "mauikit.org" IN { type master; file "master/mauikit.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kirogi.org" IN { type master; file "master/kirogi.org.zone"; also-notify { "cloudns-standard"; }; }; zone "kde-china.org" IN { type master; file "master/kde-china.org.zone"; also-notify { "cloudns-standard"; }; }; diff --git a/bind/named.conf.options b/bind/named.conf.options index 12cc2ba..81f7b62 100644 --- a/bind/named.conf.options +++ b/bind/named.conf.options @@ -1,40 +1,41 @@ options { directory "/var/cache/bind"; + key-directory "/etc/bind/keys"; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; version "Not disclosed"; notify explicit; }; masters "cloudns-standard" { 109.201.133.111; 209.58.140.85; 54.36.26.145; 185.206.180.104; 185.136.96.66; 185.136.97.66; 185.136.98.66; 185.136.99.66; 185.206.180.193; 2a00:1768:1001:9::31:1; 2605:fe80:2100:a013:7::1; 2a0b:1640:1:1:1:1:8ec:5a47; 2a06:fb00:1::1:66; 2a06:fb00:1::2:66; 2a06:fb00:1::3:66; 2a06:fb00:1::4:66; 2a0b:1640:1:3::1; }; masters "cloudns-ddos" { 185.136.96.100; 185.136.97.100; 185.136.98.100; 185.136.99.100; 185.206.180.198; 2a06:fb00:1::1:100; 2a06:fb00:1::2:100; 2a06:fb00:1::3:100; 2a06:fb00:1::4:100; 2a0b:1640:1:3::6; }; diff --git a/scripts/update_dns_bluemchen.sh b/scripts/update_dns_bluemchen.sh index e0413e1..45af94b 100755 --- a/scripts/update_dns_bluemchen.sh +++ b/scripts/update_dns_bluemchen.sh @@ -1,27 +1,28 @@ #!/bin/bash # Switch to our DNS checkout and update it cd /srv/dns/ git pull -q # Copy over our Bind configuration cp bind/* /etc/bind/ # Deploy our Zones now. We track the ones which have changed to trigger a DNS change for zoneToDeploy in zones/*.zone; do # Determine which zone we are updating domain=`basename $zoneToDeploy .zone` # What will the new path be? newPath="/etc/bind/master/$domain.zone" # Has the zone changed / is it new? if [[ ! -e $newPath ]] || ! cmp -s $zoneToDeploy $newPath; then # Deploy it cp $zoneToDeploy $newPath + rndc reload $domain uploadConfig=1 fi done # Install our configuration test -n "$uploadConfig" && /etc/init.d/bind9 reload