From 71dfbbe0291218bcb3ffaa9997d8aaf6d98a3259 Mon Sep 17 00:00:00 2001 From: Aaron LI Date: Thu, 22 Feb 2018 00:25:36 +0800 Subject: role/dns: configure NSD as the stealth master with 2 domains * Add "network" and "nsd" variables * Install and configure NSD as the authoritative stealth master server * Allow notify and transfer to slave masters: - freedns.afraid.org - 1984hosting.com * Add preliminary zone files for domains: - 233233.xyz - 1314233.xyz
---
roles/dns/templates/zones/233233.xyz.zone.j2 | 38 ++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 roles/dns/templates/zones/233233.xyz.zone.j2 (limited to 'roles/dns/templates/zones/233233.xyz.zone.j2')
diff --git a/roles/dns/templates/zones/233233.xyz.zone.j2 b/roles/dns/templates/zones/233233.xyz.zone.j2
new file mode 100644
index 0000000..9a71750
--- /dev/null
+++ b/roles/dns/templates/zones/233233.xyz.zone.j2
@@ -0,0 +1,38 @@
+$ORIGIN 233233.xyz.
+$TTL 1h
+
+; WARNING:
+; A CNAME record is NOT allowed to coexist with *any other* data!
+; Therefore one can't have a CNAME Record at the zone root, because
+; the zone root must have two mandatory records: SOA and NS.
+;
+; According to the specification: if a CNAME RR is present at a node,
+; no other data should be present; this ensures that the data for a
+; canonical name and its aliases cannot be different. This rule also
+; insures that a cached CNAME can be used without checking with an
+; authoritative server for other RR types.
+
+@ IN SOA ns.233233.xyz. admin.233233.xyz. (
+ 2018022123 ; serial number
+ 1d ; refresh
+ 2h ; retry
+ 4w ; expire
+ 1h ; minimum TTL
+ )
+
+@ IN NS ns2.afraid.org.
+
+;@ IN MX 10 mail.233233.xyz.
+
+@ IN A {{ network.ipv4.address }}
+@ IN AAAA {{ network.ipv6.address }}
+;mail IN A {{ network.ipv4.address }}
+;mail IN AAAA {{ network.ipv6.address }}
+
+www IN CNAME @
+g IN CNAME @
+zw IN CNAME @
+
+;@ IN TXT "v=spf1 mx -all"
+
+; vim: set ft=bindzone :
-- cgit v1.2.2
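Review bot: The zone publishes only one NS record (`@ IN NS ns2.afraid.org.`), although the commit message names two secondaries and describes the NSD master as stealth, so as written all public resolution depends on a single provider. Add the second secondary at the apex, e.g. `@ IN NS <second-secondary-nameserver>.` (placeholder; that hostname is not shown in this patch). Separately, the SOA serial `2018022123` is a literal in a Jinja2 template whose A/AAAA data comes from `network.ipv4.address` and `network.ipv6.address`; if those variables change without a serial bump, the secondaries will presumably keep serving the old records, so a comment such as `; bump on ANY change, including inventory address changes` beside the serial would help. If the domain is not meant to send mail while the MX line stays commented out, publishing `@ IN TXT "v=spf1 -all"` instead of leaving SPF commented out makes spoofed mail claiming this domain fail SPF at receivers that check it.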