Eventually maybe I should avoid private IP space in the public zone, but we
already have a bunch so this isn't adding a lot more.
update-policy {
grant * selfsub * A TXT;
grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.duck-dacha.dynamic.dehnerts.com TXT;
update-policy {
grant * selfsub * A TXT;
grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.duck-dacha.dynamic.dehnerts.com TXT;
+ grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.homeassistant.dynamic.dehnerts.com TXT;
+ grant adehnert-pi4.dynamic.dehnerts.com name _acme-challenge.pihole.dynamic.dehnerts.com TXT;
};
allow-transfer { "transfer-allowed"; };
allow-query { any; };
};
allow-transfer { "transfer-allowed"; };
allow-query { any; };
$TTL 300
@ IN SOA ns root (
$TTL 300
@ IN SOA ns root (
4h ; slave refresh
15m ; slave retry time in case of a problem
4w ; slave expiration time
4h ; slave refresh
15m ; slave retry time in case of a problem
4w ; slave expiration time
soviet-russia IN A 73.219.64.71
; external IP for Duck Dacha(?)
duck-dacha IN A 130.44.166.3
soviet-russia IN A 73.219.64.71
; external IP for Duck Dacha(?)
duck-dacha IN A 130.44.166.3
-_acme-challenge.duck-dacha IN CNAME _acme-challenge.duck-dacha.dynamic
-_acme-challenge.adehnert-pi4 IN CNAME _acme-challenge.adehnert-pi4.dynamic
+adehnert-pi4 IN A 192.168.3.10
+homeassistant IN CNAME adehnert-pi4
+pihole IN CNAME adehnert-pi4
+_acme-challenge.adehnert-pi4 IN CNAME _acme-challenge.adehnert-pi4.dynamic
+_acme-challenge.duck-dacha IN CNAME _acme-challenge.duck-dacha.dynamic
+_acme-challenge.homeassistant IN CNAME _acme-challenge.homeassistant.dynamic
+_acme-challenge.pihole IN CNAME _acme-challenge.pihole.dynamic
dd-printer IN A 192.168.2.11
tikal IN A 192.168.1.27
dd-printer IN A 192.168.2.11
tikal IN A 192.168.1.27