sysconfig/bind.git
2 weeks agoRefactor primary dynDNS config into a shared file master
Alex Dehnert [Fri, 19 Jun 2026 19:28:19 +0000 (19:28 +0000)]
Refactor primary dynDNS config into a shared file

We only really expect one primary at a time, but during setup it's handy to be
able to just include one file rather than copying a bunch of lines of config
over. (It might be easier yet if Salt just generated permissions lines and the
various ACME certs required were in Salt's VCS rather than this one.)

2 weeks agoRename per-host files chankillo
Alex Dehnert [Fri, 19 Jun 2026 18:10:00 +0000 (18:10 +0000)]
Rename per-host files

We're getting a bunch of per-host files (all but one of which is currently
irrelevant, admittedly), so rather than put them all at top level, put them in
a subdir.

2 weeks agoStart using proxy because of imminent MIT firewall
Alex Dehnert [Tue, 16 Jun 2026 04:50:08 +0000 (04:50 +0000)]
Start using proxy because of imminent MIT firewall

2 weeks agoInstall paperless (doc manager) on evora
Alex Dehnert [Tue, 16 Jun 2026 01:46:27 +0000 (01:46 +0000)]
Install paperless (doc manager) on evora

3 weeks agoRemove Linode IP since I've been re-creating the VM
Alex Dehnert [Mon, 8 Jun 2026 13:12:01 +0000 (13:12 +0000)]
Remove Linode IP since I've been re-creating the VM

Also I don't think it runs any services that need remote access (except SSH,
and now I'm mostly using Tailscale).

5 months agoUpdate home IP
Alex Dehnert [Wed, 14 Jan 2026 15:47:05 +0000 (15:47 +0000)]
Update home IP

5 months agoUpdate Linode ACL
Alex Dehnert [Wed, 14 Jan 2026 15:46:39 +0000 (15:46 +0000)]
Update Linode ACL

6 months agoMigrated Unifi controller to evora
Alex Dehnert [Sun, 7 Dec 2025 23:22:40 +0000 (23:22 +0000)]
Migrated Unifi controller to evora

8 months agoAdd DKIM key for Mailman to use for ARC
Alex Dehnert [Sun, 19 Oct 2025 03:02:00 +0000 (03:02 +0000)]
Add DKIM key for Mailman to use for ARC

12 months agoFutz with public IP for vault
Alex Dehnert [Wed, 18 Jun 2025 19:58:00 +0000 (19:58 +0000)]
Futz with public IP for vault

17 months agoAdd a record for the Guild printer for the 10-day
Alex Dehnert [Sat, 1 Feb 2025 03:41:56 +0000 (03:41 +0000)]
Add a record for the Guild printer for the 10-day

2 years agoSet up DNS for evora (internal)
Alex Dehnert [Fri, 7 Jun 2024 05:48:11 +0000 (05:48 +0000)]
Set up DNS for evora (internal)

2 years agoRemove TPOP printer now that game is over
Alex Dehnert [Sat, 10 Feb 2024 06:27:29 +0000 (06:27 +0000)]
Remove TPOP printer now that game is over

This mostly reverts commit c1d2682773ffb55595b69454bb7b985f7adc81f0.

2 years agoAdd TPOP printer
Alex Dehnert [Sat, 10 Feb 2024 06:27:15 +0000 (06:27 +0000)]
Add TPOP printer

2 years agoSet up SendGrid via GCP
Alex Dehnert [Mon, 29 Jan 2024 06:38:52 +0000 (06:38 +0000)]
Set up SendGrid via GCP

2 years agoPrinter has a wired and wireless name&IP now
Alex Dehnert [Fri, 29 Dec 2023 22:34:57 +0000 (22:34 +0000)]
Printer has a wired and wireless name&IP now

2 years agoMigrate zulip to chankillo and fix DNS issues
Alex Dehnert [Mon, 31 Jul 2023 21:54:27 +0000 (21:54 +0000)]
Migrate zulip to chankillo and fix DNS issues

- Update `zulip` DNS to point at chankillo and support the DNS-01 challenge for
  wildcard certs
- MxToolbox identifies some issues, and they mostly seem fairly harmless, but
  also fairly harmless to fix, and making MxToolbox alerting more useful is
  good:
  - Use ns1, not ns, as the primary nameserver in the zone
  - Remove Linode nameserver that shares a subnet with another one
  - Remove ns3 (olinda), which isn't running right now and is on the same
    subnet as ns1 (chankillo)

2 years agoSwap over email to chankillo
Alex Dehnert [Thu, 27 Jul 2023 18:27:52 +0000 (18:27 +0000)]
Swap over email to chankillo

2 years agoNotify secondaries for dehnerts.com
Alex Dehnert [Thu, 27 Jul 2023 18:27:25 +0000 (18:27 +0000)]
Notify secondaries for dehnerts.com

This probably speeds up change propagation

2 years agoRefactor list of IPs for masters and ACLs
Alex Dehnert [Thu, 27 Jul 2023 18:27:06 +0000 (18:27 +0000)]
Refactor list of IPs for masters and ACLs

2 years agoContinue swapping DNS primary over to chankillo
Alex Dehnert [Thu, 27 Jul 2023 17:18:13 +0000 (13:18 -0400)]
Continue swapping DNS primary over to chankillo

2 years agochankillo dyndns setup
Alex Dehnert [Thu, 27 Jul 2023 16:56:48 +0000 (16:56 +0000)]
chankillo dyndns setup

2 years agochankillo migration continues
Alex Dehnert [Thu, 27 Jul 2023 03:00:41 +0000 (23:00 -0400)]
chankillo migration continues

New nameservers, remove hostnames corresponding to olinda-only services, switch
some over to chankillo, etc.

2 years agoProgress towards setting up chankillo
Alex Dehnert [Tue, 18 Jul 2023 14:19:38 +0000 (10:19 -0400)]
Progress towards setting up chankillo

2 years agoAdd chankillo server config
Alex Dehnert [Tue, 18 Jul 2023 14:20:16 +0000 (14:20 +0000)]
Add chankillo server config

2 years agoIgnore dpkg files
Alex Dehnert [Thu, 25 May 2023 07:01:41 +0000 (07:01 +0000)]
Ignore dpkg files

2 years agoNew server config for test server
Alex Dehnert [Thu, 25 May 2023 07:01:32 +0000 (07:01 +0000)]
New server config for test server

3 years agoRemove a bunch of hostnames that haven't been used in years
Alex Dehnert [Sun, 11 Jun 2023 19:05:54 +0000 (15:05 -0400)]
Remove a bunch of hostnames that haven't been used in years

3 years agoAdd new machines
Alex Dehnert [Sun, 11 Jun 2023 19:00:38 +0000 (15:00 -0400)]
Add new machines

3 years agoAdd linode, update augsburg IP
Alex Dehnert [Mon, 29 May 2023 04:56:56 +0000 (00:56 -0400)]
Add linode, update augsburg IP

3 years agoAllow Linode to act as a secondary DNS server
Alex Dehnert [Mon, 29 May 2023 04:55:27 +0000 (00:55 -0400)]
Allow Linode to act as a secondary DNS server

3 years agoMore testing hosts
Alex Dehnert [Tue, 23 May 2023 20:45:04 +0000 (16:45 -0400)]
More testing hosts

3 years agoAdd new `xidi` host
Alex Dehnert [Wed, 10 May 2023 05:34:29 +0000 (01:34 -0400)]
Add new `xidi` host

3 years agoAdd unifi hostname and cert permissions
Alex Dehnert [Tue, 4 Apr 2023 19:00:23 +0000 (15:00 -0400)]
Add unifi hostname and cert permissions

3 years agorpi: Add internal utility names
Alex Dehnert [Mon, 21 Nov 2022 04:04:45 +0000 (23:04 -0500)]
rpi: Add internal utility names

Eventually maybe I should avoid private IP space in the public zone, but we
already have a bunch so this isn't adding a lot more.

3 years agomail: Add DKIM and DMARC config
Alex Dehnert [Sun, 10 Jul 2022 23:16:20 +0000 (19:16 -0400)]
mail: Add DKIM and DMARC config

3 years agomail: Add an SPF record
Alex Dehnert [Sun, 10 Jul 2022 08:15:45 +0000 (04:15 -0400)]
mail: Add an SPF record

3 years agomail: Add "pop", not just "*.pop"
Alex Dehnert [Sun, 10 Jul 2022 08:15:28 +0000 (04:15 -0400)]
mail: Add "pop", not just "*.pop"

3 years agoAdd a *.pop hostname to use with GMail
Alex Dehnert [Sat, 9 Jul 2022 19:20:50 +0000 (15:20 -0400)]
Add a *.pop hostname to use with GMail

4 years agoAdd squaresdb-google name
Alex Dehnert [Fri, 18 Feb 2022 04:15:41 +0000 (23:15 -0500)]
Add squaresdb-google name

4 years agoAdd Zulip records
Alex Dehnert [Mon, 27 Sep 2021 02:56:49 +0000 (22:56 -0400)]
Add Zulip records

5 years agoEnable ACME DNS challenges for squaresdb
Alex Dehnert [Sat, 19 Jun 2021 23:06:06 +0000 (19:06 -0400)]
Enable ACME DNS challenges for squaresdb

5 years agoUpdate Duck Dacha's external IP
Alex Dehnert [Fri, 21 May 2021 17:39:45 +0000 (13:39 -0400)]
Update Duck Dacha's external IP

5 years agoSet up acme challenges for duck-dacha/adehnert-pi4
Alex Dehnert [Thu, 29 Apr 2021 00:20:36 +0000 (20:20 -0400)]
Set up acme challenges for duck-dacha/adehnert-pi4

5 years agoAdd adehnert-roost-api to dehnerts.com
Alex Dehnert [Sat, 20 Feb 2021 22:30:03 +0000 (17:30 -0500)]
Add adehnert-roost-api to dehnerts.com

It's a little redundant, but it's probably convenient to have mit.edu and
dehnerts.com match.

5 years agoSwitch to newer MIT nameservers
Alex Dehnert [Fri, 29 Jan 2021 18:43:32 +0000 (13:43 -0500)]
Switch to newer MIT nameservers

I'm not sure that doing forwarding actually makes sense for my bind, but I'm
not changing it for the moment...

5 years agoAdd virunga/vault hostnames
Alex Dehnert [Sun, 10 Jan 2021 07:57:22 +0000 (02:57 -0500)]
Add virunga/vault hostnames

5 years agoDelegate dns-01 hostname for roost-api
Alex Dehnert [Wed, 9 Dec 2020 00:56:49 +0000 (19:56 -0500)]
Delegate dns-01 hostname for roost-api

5 years agoAdd adehnert-test-b entry (including for LE dns-01)
Alex Dehnert [Fri, 27 Nov 2020 23:42:26 +0000 (18:42 -0500)]
Add adehnert-test-b entry (including for LE dns-01)

5 years agoPoint roost-api back at adehnert-roost-api again
Alex Dehnert [Fri, 27 Nov 2020 06:52:02 +0000 (01:52 -0500)]
Point roost-api back at adehnert-roost-api again

5 years agoTemporarily point roost-api at olinda to get a cert
Alex Dehnert [Fri, 27 Nov 2020 02:23:58 +0000 (21:23 -0500)]
Temporarily point roost-api at olinda to get a cert

5 years agoAdd wieliczka+salt to dehnerts.com zone
Alex Dehnert [Sun, 22 Nov 2020 03:37:37 +0000 (22:37 -0500)]
Add wieliczka+salt to dehnerts.com zone

5 years agoAdd internal printer IP
Alex Dehnert [Sat, 21 Nov 2020 04:07:17 +0000 (23:07 -0500)]
Add internal printer IP

5 years agoAdd IP for Duck Dacha (perhaps yet to be renamed)
Alex Dehnert [Thu, 6 Aug 2020 16:20:50 +0000 (12:20 -0400)]
Add IP for Duck Dacha (perhaps yet to be renamed)

6 years agoUpdate soviet-russia's external IP
Alex Dehnert [Tue, 7 Apr 2020 06:11:58 +0000 (02:11 -0400)]
Update soviet-russia's external IP

6 years agoAdd a CNAME from the main zone for lushan-monitor
Alex Dehnert [Fri, 7 Feb 2020 05:16:08 +0000 (00:16 -0500)]
Add a CNAME from the main zone for lushan-monitor

6 years agoSend notifies to the (currently) hidden secondaries for dynamic.dehnerts
Alex Dehnert [Fri, 7 Feb 2020 05:10:17 +0000 (00:10 -0500)]
Send notifies to the (currently) hidden secondaries for dynamic.dehnerts

6 years agoFix secondary config for dynamic.dehnerts on XVM
Alex Dehnert [Fri, 7 Feb 2020 04:42:45 +0000 (23:42 -0500)]
Fix secondary config for dynamic.dehnerts on XVM

6 years agoBetter version-control per-server config
Alex Dehnert [Fri, 7 Feb 2020 04:24:38 +0000 (23:24 -0500)]
Better version-control per-server config

Also, make adehnert3.xvm a secondary for dynamic.dehnerts.com. It won't be
updated directly, but if olinda goes down, at least there will be a machine
that has the zone data available.

6 years agoReenable dehnert.arctic.org and add a DNAME in dynamic.dehnert.arctic.org
Alex Dehnert [Tue, 29 Oct 2019 16:52:35 +0000 (12:52 -0400)]
Reenable dehnert.arctic.org and add a DNAME in dynamic.dehnert.arctic.org

*.dynamic.dehnert.arctic.org should behave just like *.dynamic.dehnerts.com,
without needing to do dynamic updates for both.

6 years agoAlso allow updating TXT records
Alex Dehnert [Sat, 12 Oct 2019 20:15:26 +0000 (16:15 -0400)]
Also allow updating TXT records

Useful for certs and just general notes.

6 years agoIgnore some files for dynamic updates
Alex Dehnert [Sat, 31 Aug 2019 00:23:22 +0000 (20:23 -0400)]
Ignore some files for dynamic updates

6 years agoDynamic zone updates, first pass
Alex Dehnert [Sat, 31 Aug 2019 00:22:42 +0000 (20:22 -0400)]
Dynamic zone updates, first pass

6 years agoOops, fix olinda's IP in dehnerts.com record
Alex Dehnert [Wed, 14 Aug 2019 05:30:40 +0000 (01:30 -0400)]
Oops, fix olinda's IP in dehnerts.com record

6 years agoAdd new charon4 IP
Alex Dehnert [Fri, 2 Aug 2019 16:47:55 +0000 (12:47 -0400)]
Add new charon4 IP

6 years agoAdd some new squares-related hostnames
Alex Dehnert [Fri, 2 Aug 2019 16:46:02 +0000 (12:46 -0400)]
Add some new squares-related hostnames

7 years agoNew masada IP
Alex Dehnert [Tue, 25 Jun 2019 15:50:03 +0000 (11:50 -0400)]
New masada IP

7 years agoAnother serial bump
Alex Dehnert [Tue, 25 Jun 2019 04:23:27 +0000 (00:23 -0400)]
Another serial bump

7 years agoBump serial to encourage replication
Alex Dehnert [Fri, 14 Jun 2019 01:04:19 +0000 (21:04 -0400)]
Bump serial to encourage replication

7 years agoNew IP for olinda
Alex Dehnert [Fri, 14 Jun 2019 00:31:12 +0000 (20:31 -0400)]
New IP for olinda

7 years agoAdded NS record and SquaresDB hostnames
Alex Dehnert [Thu, 13 Jun 2019 03:46:10 +0000 (23:46 -0400)]
Added NS record and SquaresDB hostnames

olinda's IP is changing (... again), and it seems wise to just include
"olinda.mit.edu" as an NS record, since that's probably relatively stable...

7 years agoConfig changes from 18.04 upgrade?
Alex Dehnert [Thu, 13 Jun 2019 03:45:45 +0000 (23:45 -0400)]
Config changes from 18.04 upgrade?

7 years agoMore RPi-related hostnames
Alex Dehnert [Fri, 8 Mar 2019 09:00:03 +0000 (04:00 -0500)]
More RPi-related hostnames

7 years agoGitLab verification code
Alex Dehnert [Mon, 31 Dec 2018 09:11:37 +0000 (04:11 -0500)]
GitLab verification code

7 years agoMove logs to someplace apparmor allows by default
Alex Dehnert [Wed, 19 Dec 2018 05:36:52 +0000 (00:36 -0500)]
Move logs to someplace apparmor allows by default

Logging still doesn't seem to work on adehnert3.xvm, though.

7 years agoUpdate transfer/notify config
Alex Dehnert [Wed, 19 Dec 2018 05:34:28 +0000 (00:34 -0500)]
Update transfer/notify config

- Add charon4 to the set of allowed transferers
- Use a named ACL, rather than listing the full set twice
- Comment the different allowed IPs with what they are
- Enable notifications (or at least don't explicitly disable them) so changes
  propagate faster

7 years agoRemove some (but by no means all) outdated names
Alex Dehnert [Wed, 19 Dec 2018 05:32:00 +0000 (00:32 -0500)]
Remove some (but by no means all) outdated names

Mostly killing the ones that don't work now and seem *very* unlikely to come
back ever.

7 years agoNewer root hints
Alex Dehnert [Wed, 19 Dec 2018 05:21:54 +0000 (00:21 -0500)]
Newer root hints

8 years agoAllow requests from new charon IP instead
Alex Dehnert [Wed, 25 Apr 2018 07:00:21 +0000 (03:00 -0400)]
Allow requests from new charon IP instead

8 years agoNew root keys (from package update?)
Alex Dehnert [Fri, 29 Sep 2017 16:14:41 +0000 (12:14 -0400)]
New root keys (from package update?)

8 years agoSave bind logs in a bind-writable directory
Alex Dehnert [Wed, 20 Sep 2017 06:07:45 +0000 (02:07 -0400)]
Save bind logs in a bind-writable directory

Otherwise, apparently bind can't do the log rotation. It logs an error message,
but just keeps filling the file.

9 years agoRemove uses of 18.208.* addresses
Alex Dehnert [Sat, 20 May 2017 18:51:30 +0000 (14:51 -0400)]
Remove uses of 18.208.* addresses

- Use newer olinda IP for the transfer and recursion ACLs
- remove olinda1's A record -- not much point, since it's gone
- remove persistent-dialup -- the moira record seems to be gone, and it doesn't
  seem worth resurrecting the service
- Bump serial

9 years agoPoint ns1 back at (current) olinda
Alex Dehnert [Sat, 20 May 2017 18:33:33 +0000 (14:33 -0400)]
Point ns1 back at (current) olinda

It seems that dehnert.arctic.org uses ns1.dehnerts.com, so we get SERVFAILs and
stuff if we just change the nameserver record to ns3.

9 years agoBump serial, because I bet I forgot
Alex Dehnert [Thu, 26 Jan 2017 15:29:22 +0000 (10:29 -0500)]
Bump serial, because I bet I forgot

9 years agoExcise (most) 18.208 IPs (masada and ns1)
Alex Dehnert [Wed, 18 Jan 2017 04:43:27 +0000 (23:43 -0500)]
Excise (most) 18.208 IPs (masada and ns1)

9 years agoBelatedly bump serial
Alex Dehnert [Mon, 2 Jan 2017 17:02:20 +0000 (12:02 -0500)]
Belatedly bump serial

9 years agoPoint lushan at lushan2.mit.edu, not the old host record
Alex Dehnert [Mon, 12 Dec 2016 03:50:10 +0000 (22:50 -0500)]
Point lushan at lushan2.mit.edu, not the old host record

9 years agoUpdated IP address for olinda
Alex Dehnert [Mon, 12 Dec 2016 03:49:43 +0000 (22:49 -0500)]
Updated IP address for olinda

9 years agoAdd more details to log lines (like timestamps...)
Alex Dehnert [Mon, 12 Dec 2016 03:10:28 +0000 (22:10 -0500)]
Add more details to log lines (like timestamps...)

9 years agoAdd imap.dehnerts.com, to go with *.imap.dehnerts.com
Alex Dehnert [Sun, 7 Aug 2016 03:58:58 +0000 (23:58 -0400)]
Add imap.dehnerts.com, to go with *.imap.dehnerts.com

10 years agoIgnore rndc.key
Alex Dehnert [Sat, 30 Apr 2016 16:07:25 +0000 (12:07 -0400)]
Ignore rndc.key

IIRC, it's the secret key for zone transfers or control operations or
something.

10 years agoAdd some stock files
Alex Dehnert [Sat, 30 Apr 2016 16:07:02 +0000 (12:07 -0400)]
Add some stock files

10 years agoAdd Google site verification records
Alex Dehnert [Sat, 30 Apr 2016 16:04:41 +0000 (12:04 -0400)]
Add Google site verification records

12 years agoAdd roost and roost-api hostnames
Alex Dehnert [Sat, 5 Jul 2014 21:45:32 +0000 (17:45 -0400)]
Add roost and roost-api hostnames

13 years agoChange the intervals in the SOA record
Alex Dehnert [Sun, 12 May 2013 21:30:07 +0000 (17:30 -0400)]
Change the intervals in the SOA record

Based on the example at http://en.wikipedia.org/wiki/Zone_file and explanation
at http://www.zytrax.com/books/dns/ch8/soa.html, put new expiry, refresh, etc.
intervals in the SOA record, partially to make changes quicker to make.

13 years agoAllow MIT-only recursion and add logging
Alex Dehnert [Sun, 12 May 2013 21:18:48 +0000 (17:18 -0400)]
Allow MIT-only recursion and add logging

I'm not sure what the motivation for either of these were (changes made Feb
24).

13 years agoUse persistent-dialup-ns1 in dehnerts.com
Alex Dehnert [Mon, 25 Feb 2013 04:21:42 +0000 (23:21 -0500)]
Use persistent-dialup-ns1 in dehnerts.com

MIT DNS updates slowly...

13 years agoAdd persistent-dialup zone for Linerva #1293
Alex Dehnert [Mon, 25 Feb 2013 03:39:28 +0000 (22:39 -0500)]
Add persistent-dialup zone for Linerva #1293

13 years agoAdd git hostname
Alex Dehnert [Sat, 8 Dec 2012 12:26:02 +0000 (07:26 -0500)]
Add git hostname

13 years agoMark lushan.mit.edu as an FQDN
Alex Dehnert [Wed, 7 Nov 2012 00:30:51 +0000 (19:30 -0500)]
Mark lushan.mit.edu as an FQDN

Whoops. Yay periods.