From c959f07a2d015531869e3abce0600a23ce49fe97 Mon Sep 17 00:00:00 2001 From: Matthieu Saulnier Date: Sat, 12 Aug 2017 21:04:12 +0200 Subject: DNS zone files looks horrible and need to be cleaned a bit --- roles/dnsserver/files/casperlefantom.net.zone | 68 +++++++++------------- roles/dnsserver/files/home.casperlefantom.net.zone | 14 ++--- roles/dnsserver/files/jaysfoodventure.com.zone | 27 ++++----- roles/dnsserver/files/vpn.casperlefantom.net.zone | 6 +- 4 files changed, 46 insertions(+), 69 deletions(-) diff --git a/roles/dnsserver/files/casperlefantom.net.zone b/roles/dnsserver/files/casperlefantom.net.zone index 4564139..50c300c 100644 --- a/roles/dnsserver/files/casperlefantom.net.zone +++ b/roles/dnsserver/files/casperlefantom.net.zone @@ -1,6 +1,6 @@ $ttl 86400 casperlefantom.net. IN SOA nsa.casperlefantom.net. hostmaster.casperlefantom.net. ( -2017081200 ; serial number +2017081201 ; serial number 10800 ; refresh 3600 ; retry 1209600 ; expire @@ -17,8 +17,8 @@ vpn IN NS nsb.vpn.casperlefantom.net. vpn IN NS nsc.vpn.casperlefantom.net. @ IN MX 10 mail.casperlefantom.net. - @ IN A 51.15.179.153 +@ IN TXT "v=spf1 mx mx:casperlefantom.net mx:jaysfoodventure.com ip4:82.247.103.117 ip6:2a01:e35:2f76:7750::4 -all" home IN A 192.168.0.25 @@ -43,23 +43,36 @@ www IN A 51.15.179.153 * IN CNAME www +_adsp._domainkey IN TXT "dkim=all" +_dmarc IN TXT "v=DMARC1;p=reject;sp=reject;adkim=r;aspf=r" +201708._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; s=email; " + "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9MR0U/PzpSihX+jM1STQm+oFrOh4R/XL9eIHVu9knK0VzxuuQ6Bz/0FAJOMZu1dj5u+wm+z+vNe4f7Qr7RSnqvfwjZjLXodSNhz99Cpe/4IzOT68uciL3H6CCc7e0ZzcPs+GX4rLd8XOSIK188OfK7b+m13gw008cOyhjUzySnVAoO1judRa7tT3k9fufsS7t1XPmY7ClnSGak" + "PfpIqDL0LH2+5qjs1EpwzjFJiHeGF32DSGUFAsKGY7D40IbULFiY0/z9F710GZpfkrKqs0Lt2L9LE0L8cy1YvsrCQO/7NMyOE1jUV3ykxV75H2X483AjSDjnymsisogP+976hIvO2CFsj6rKXWCh//xrTDsDD9d86L8zbZHzCKfa0A8MIod50PZl+G6uX1hDENgcrxvF/ftWo3qwUp6cYZ8iAR5G0s45Y6WGa3ebNagCKyDcJMQGS2JpLq" + "IyAem1/kdOOCw47yYzGmZtIzBNYHJyWeSS7c4SUZNDjR09az+jPH5ZEpti7kJywHDtFvunLTohGLy+RtKrm7o23SY2aBpF4yYHcBFcQIlgPSOEXK0nXVDNlQbRPLsFsT3JKRVBAOSEjGjpYsv6vetSthnxigfWOD3QUQ+qEAUtrGf9d20xhrm0DB5ezs67Ty4pJL2swun8XlKPMmD+lHX0Qfy6Djegr1uvMCAwEAAQ==" ) ; ----- DKIM key 201708 for casperlefantom.net + + ns1 IN A 82.247.103.117 ns1 IN AAAA 2a01:e35:2f76:7750::4 +ns1 IN TXT "d72vewh3wa4lwpaj.onion" nsa IN A 82.247.103.117 nsa IN AAAA 2a01:e35:2f76:7750::4 +nsa IN TXT "d72vewh3wa4lwpaj.onion" ntp1 IN A 82.247.103.117 ntp1 IN AAAA 2a01:e35:2f76:7750::4 lancaster IN A 82.247.103.117 lancaster IN AAAA 2a01:e35:2f76:7750::4 +lancaster IN TXT "d72vewh3wa4lwpaj.onion" manchester IN A 82.247.103.117 manchester IN AAAA 2a01:e35:2f76:7750::4 +manchester IN TXT "d72vewh3wa4lwpaj.onion" mail IN A 82.247.103.117 mail IN AAAA 2a01:e35:2f76:7750::4 +mail IN TXT "v=spf1 a a:mail.casperlefantom.net ip4:82.247.103.117 ip6:2a01:e35:2f76:7750::4 -all" smtp IN A 82.247.103.117 smtp IN AAAA 2a01:e35:2f76:7750::4 @@ -68,10 +81,12 @@ voip IN A 82.247.103.117 voip IN AAAA 2a01:e35:2f76:7750::4 dl IN A 51.15.179.153 +dl IN TXT "mwyjtiphky5em4yp.onion" mirror IN A 82.247.103.117 mirror IN AAAA 2a01:e35:2f76:7750::4 +mirror IN TXT "pmstfd4f6s5bm2xq.onion" jabber IN A 82.247.103.117 @@ -88,9 +103,11 @@ ssl IN AAAA 2a01:e35:2f76:7750::4 ns2 IN A 109.238.2.79 ns2 IN AAAA 2a00:c70:1:109:238:2:79:c0de +ns2 IN TXT "qunkjql4sgxnb6vr.onion" nsb IN A 109.238.2.79 nsb IN AAAA 2a00:c70:1:109:238:2:79:c0de +nsb IN TXT "qunkjql4sgxnb6vr.onion" ntp2 IN A 109.238.2.79 ntp2 IN AAAA 2a00:c70:1:109:238:2:79:c0de @@ -99,22 +116,28 @@ bank IN A 82.247.103.117 bank IN AAAA 2a01:e35:2f76:7750::4 blog IN A 51.15.179.153 +blog IN TXT "d72vewh3wa4lwpaj.onion" 111281hpv002079 IN A 109.238.2.79 111281hpv002079 IN AAAA 2a00:c70:1:109:238:2:79:c0de +111281hpv002079 IN TXT "qunkjql4sgxnb6vr.onion" vps128389 IN A 176.31.191.26 vps128389 IN AAAA 2001:41d0:52:100::f2 +vps128389 IN TXT "gfuzfrkr6mg47ktw.onion" sd-129211 IN A 51.15.179.153 +sd-129211 IN TXT "bpr7drsao5vozzr5.onion" ns3 IN A 176.31.191.26 ns3 IN AAAA 2001:41d0:52:100::f2 +ns3 IN TXT "gfuzfrkr6mg47ktw.onion" nsc IN A 176.31.191.26 nsc IN AAAA 2001:41d0:52:100::f2 +nsc IN TXT "gfuzfrkr6mg47ktw.onion" ntp3 IN A 176.31.191.26 ntp3 IN AAAA 2001:41d0:52:100::f2 @@ -123,48 +146,11 @@ rtig IN A 51.15.179.153 ns4 IN A 51.15.179.153 +ns4 IN TXT "bpr7drsao5vozzr5.onion" nsd IN A 51.15.179.153 +nsd IN TXT "bpr7drsao5vozzr5.onion" ntp4 IN A 51.15.179.153 - - -casperlefantom.net. TXT "v=spf1 mx mx:casperlefantom.net mx:jaysfoodventure.com ip4:82.247.103.117 ip6:2a01:e35:2f76:7750::4 -all" -mail.casperlefantom.net. TXT "v=spf1 a a:mail.casperlefantom.net ip4:82.247.103.117 ip6:2a01:e35:2f76:7750::4 -all" - - -201708._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; s=email; " - "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9MR0U/PzpSihX+jM1STQm+oFrOh4R/XL9eIHVu9knK0VzxuuQ6Bz/0FAJOMZu1dj5u+wm+z+vNe4f7Qr7RSnqvfwjZjLXodSNhz99Cpe/4IzOT68uciL3H6CCc7e0ZzcPs+GX4rLd8XOSIK188OfK7b+m13gw008cOyhjUzySnVAoO1judRa7tT3k9fufsS7t1XPmY7ClnSGak" - "PfpIqDL0LH2+5qjs1EpwzjFJiHeGF32DSGUFAsKGY7D40IbULFiY0/z9F710GZpfkrKqs0Lt2L9LE0L8cy1YvsrCQO/7NMyOE1jUV3ykxV75H2X483AjSDjnymsisogP+976hIvO2CFsj6rKXWCh//xrTDsDD9d86L8zbZHzCKfa0A8MIod50PZl+G6uX1hDENgcrxvF/ftWo3qwUp6cYZ8iAR5G0s45Y6WGa3ebNagCKyDcJMQGS2JpLq" - "IyAem1/kdOOCw47yYzGmZtIzBNYHJyWeSS7c4SUZNDjR09az+jPH5ZEpti7kJywHDtFvunLTohGLy+RtKrm7o23SY2aBpF4yYHcBFcQIlgPSOEXK0nXVDNlQbRPLsFsT3JKRVBAOSEjGjpYsv6vetSthnxigfWOD3QUQ+qEAUtrGf9d20xhrm0DB5ezs67Ty4pJL2swun8XlKPMmD+lHX0Qfy6Djegr1uvMCAwEAAQ==" ) ; ----- DKIM key 201708 for casperlefantom.net - - -_dmarc IN TXT "v=DMARC1;p=reject;sp=reject;adkim=r;aspf=r" - - -_adsp._domainkey IN TXT "dkim=all" - - -blog.casperlefantom.net. TXT "d72vewh3wa4lwpaj.onion" - -dl.casperlefantom.net. TXT "mwyjtiphky5em4yp.onion" -mirror.casperlefantom.net. TXT "pmstfd4f6s5bm2xq.onion" - -ns1.casperlefantom.net. TXT "d72vewh3wa4lwpaj.onion" -nsa.casperlefantom.net. TXT "d72vewh3wa4lwpaj.onion" -lancaster.casperlefantom.net. TXT "d72vewh3wa4lwpaj.onion" -manchester.casperlefantom.net. TXT "d72vewh3wa4lwpaj.onion" - -ns2.casperlefantom.net. TXT "qunkjql4sgxnb6vr.onion" -nsb.casperlefantom.net. TXT "qunkjql4sgxnb6vr.onion" -111281hpv002079.casperlefantom.net. TXT "qunkjql4sgxnb6vr.onion" - -ns3.casperlefantom.net. TXT "gfuzfrkr6mg47ktw.onion" -nsc.casperlefantom.net. TXT "gfuzfrkr6mg47ktw.onion" -vps128389.casperlefantom.net. TXT "gfuzfrkr6mg47ktw.onion" - -ns4.casperlefantom.net. TXT "bpr7drsao5vozzr5.onion" -nsd.casperlefantom.net. TXT "bpr7drsao5vozzr5.onion" -sd-38449.casperlefantom.net. TXT "bpr7drsao5vozzr5.onion" diff --git a/roles/dnsserver/files/home.casperlefantom.net.zone b/roles/dnsserver/files/home.casperlefantom.net.zone index f9eab77..9adbfc7 100644 --- a/roles/dnsserver/files/home.casperlefantom.net.zone +++ b/roles/dnsserver/files/home.casperlefantom.net.zone @@ -1,6 +1,6 @@ $ttl 86400 home.casperlefantom.net. IN SOA ns.home.casperlefantom.net. hostmaster.casperlefantom.net. ( -2017062200 +2017081201 10800 3600 604800 @@ -16,11 +16,14 @@ ns IN AAAA 2a01:e35:2f76:7750::4 lancaster IN A 192.168.0.25 lancaster IN AAAA 2a01:e35:2f76:7750::4 +lancaster IN TXT "d72vewh3wa4lwpaj.onion" manchester IN A 192.168.0.25 manchester IN AAAA 2a01:e35:2f76:7750::4 +manchester IN TXT "d72vewh3wa4lwpaj.onion" * IN CNAME manchester blackbird IN A 10.42.0.51 +blackbird IN TXT "onc27ga76nsdpmwc.onion" mosquito IN A 192.168.0.52 @@ -28,6 +31,7 @@ mosquito IN AAAA 2a01:e35:2f76:7750::3 falcon IN A 192.168.0.54 falcon IN AAAA 2a01:e35:2f76:7750::5 +falcon IN TXT "3bt4evcfdlpiewcp.onion" vm01 IN A 192.168.0.60 vm01 IN AAAA 2a01:e35:2f76:7750::10 @@ -43,11 +47,3 @@ mirror IN AAAA 2a01:e35:2f76:7750::4 voip IN A 192.168.0.25 voip IN AAAA 2a01:e35:2f76:7750::4 - - -lancaster.home.casperlefantom.net. TXT "d72vewh3wa4lwpaj.onion" -manchester.home.casperlefantom.net. TXT "d72vewh3wa4lwpaj.onion" - -blackbird.home.casperlefantom.net. TXT "onc27ga76nsdpmwc.onion" - -falcon.home.casperlefantom.net. TXT "3bt4evcfdlpiewcp.onion" diff --git a/roles/dnsserver/files/jaysfoodventure.com.zone b/roles/dnsserver/files/jaysfoodventure.com.zone index 62a81d5..f89b39d 100644 --- a/roles/dnsserver/files/jaysfoodventure.com.zone +++ b/roles/dnsserver/files/jaysfoodventure.com.zone @@ -1,6 +1,6 @@ $ttl 86400 jaysfoodventure.com. IN SOA nsa.jaysfoodventure.com. hostmaster.jaysfoodventure.com. ( -2017081200 ; serial number +2017081201 ; serial number 10800 ; refresh 3600 ; retry 1209600 ; expire @@ -12,8 +12,8 @@ jaysfoodventure.com. IN SOA nsa.jaysfoodventure.com. hostmaster.jaysfoodventure. @ IN NS nsd.jaysfoodventure.com. @ IN MX 10 mail.casperlefantom.net. - @ IN A 51.15.179.153 +@ IN TXT "v=spf1 redirect=casperlefantom.net" admin IN CNAME jaysfoodventure.com. @@ -23,10 +23,19 @@ eat IN CNAME jaysfoodventure.com. me IN CNAME jaysfoodventure.com. static IN CNAME jaysfoodventure.com. + www IN A 51.15.179.153 * IN CNAME www +_adsp._domainkey IN TXT "dkim=all" +_dmarc IN TXT "v=DMARC1;p=reject;sp=reject;adkim=r;aspf=r" +201708._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; s=email; " + "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3yavfAwZl2xEsTVzpH9IC/bIdzJB0am0f7wxOLoEii0AdxOh8/Tia5qqyPpOExepS5CugvY7drzXIZJafcsyasrs3tOwI6WafGeFl9jtiE+0iTMKMK6jNHRq91gLgBLfflBomVNtbKyDw9Agz1ABIvs7ASGJAHzBhY16N4BDYIE6HTMQNd9ocghbUtKexp4GAdA7Vlr7iR88KV" + "5EfTxSPRY5Pfs4XdXw+/So5QAB4eHo+fTexdcT3M+7de0Fv8jCeGrRPCfn3319W6xQgHA9GeLc1u5au56qmCo4o6nGh3mCxYQVgutRBbyM3Q8mY5I+KnKFR6u69Edb8lZrdaE2qcTtrzd0FdOUXJWO2sX1EesVNPC78Tz2XzqsfQJXH8pAtiymKCuG7pXJ6rTs0g7/yJIw179+40f1hc09El6DhJLlnnl05EayLTedULhkGCEkoUNNsizB" + "rF/Jb5ELfB2Fc2J4vIBfLHnRfLOBB13fNYmAtyShB9edhQDd/AnoGs37ymAkYK3PdDfdr9urjFroITaIa438UWU/ip5gYCk+23seT5bIkLsXUH7preUE7+K8pkSkF6oQR8V22B/kZX7GxkQEKAuuKTBzNTlDBp2ycJoOLyFGCWQZlnCKhCptzMPqEYd5mk4Ty9iB42/mYeSEMvFIs9luxgWYNAVCqLU0uhcCAwEAAQ==" ) ; ----- DKIM key 201708 for jaysfoodventure.com + + ns1 IN A 82.247.103.117 ns1 IN AAAA 2a01:e35:2f76:7750::4 nsa IN A 82.247.103.117 @@ -47,17 +56,3 @@ nsc IN AAAA 2001:41d0:52:100::f2 ns4 IN A 51.15.179.153 nsd IN A 51.15.179.153 - - -jaysfoodventure.com. TXT "v=spf1 redirect=casperlefantom.net" - - -201708._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; s=email; " - "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3yavfAwZl2xEsTVzpH9IC/bIdzJB0am0f7wxOLoEii0AdxOh8/Tia5qqyPpOExepS5CugvY7drzXIZJafcsyasrs3tOwI6WafGeFl9jtiE+0iTMKMK6jNHRq91gLgBLfflBomVNtbKyDw9Agz1ABIvs7ASGJAHzBhY16N4BDYIE6HTMQNd9ocghbUtKexp4GAdA7Vlr7iR88KV" - "5EfTxSPRY5Pfs4XdXw+/So5QAB4eHo+fTexdcT3M+7de0Fv8jCeGrRPCfn3319W6xQgHA9GeLc1u5au56qmCo4o6nGh3mCxYQVgutRBbyM3Q8mY5I+KnKFR6u69Edb8lZrdaE2qcTtrzd0FdOUXJWO2sX1EesVNPC78Tz2XzqsfQJXH8pAtiymKCuG7pXJ6rTs0g7/yJIw179+40f1hc09El6DhJLlnnl05EayLTedULhkGCEkoUNNsizB" - "rF/Jb5ELfB2Fc2J4vIBfLHnRfLOBB13fNYmAtyShB9edhQDd/AnoGs37ymAkYK3PdDfdr9urjFroITaIa438UWU/ip5gYCk+23seT5bIkLsXUH7preUE7+K8pkSkF6oQR8V22B/kZX7GxkQEKAuuKTBzNTlDBp2ycJoOLyFGCWQZlnCKhCptzMPqEYd5mk4Ty9iB42/mYeSEMvFIs9luxgWYNAVCqLU0uhcCAwEAAQ==" ) ; ----- DKIM key 201708 for jaysfoodventure.com - - -_dmarc IN TXT "v=DMARC1;p=reject;sp=reject;adkim=r;aspf=r" - -_adsp._domainkey IN TXT "dkim=all" diff --git a/roles/dnsserver/files/vpn.casperlefantom.net.zone b/roles/dnsserver/files/vpn.casperlefantom.net.zone index cead710..1b7b0e5 100644 --- a/roles/dnsserver/files/vpn.casperlefantom.net.zone +++ b/roles/dnsserver/files/vpn.casperlefantom.net.zone @@ -1,6 +1,6 @@ $ttl 86400 vpn.casperlefantom.net. IN SOA nsa.vpn.casperlefantom.net. hostmaster.casperlefantom.net. ( -2016120402 +2017081200 10800 3600 604800 @@ -14,7 +14,7 @@ vpn.casperlefantom.net. IN SOA nsa.vpn.casperlefantom.net. hostmaster.casperlefa nsa IN A 172.18.2.0 nsb IN A 172.18.3.0 -sd-38449 IN A 172.18.2.0 -* IN CNAME sd-38449 +sd-129211 IN A 172.18.2.0 +* IN CNAME sd-129211 vps128389 IN A 172.18.3.0 -- cgit