Move new bind files to playbook files dir

2024-06-18 23:26:47 +02:00 · 2024-06-18 23:26:47 +02:00 · 025f474cd0
parent 5bc038e3d2
commit 025f474cd0
4 changed files with 41 additions and 147 deletions
--- a/bind/db.golem.linux.it
+++ b/bind/db.golem.linux.it
@ -1,95 +0,0 @@
-;                    +================+
-; BIND data file for | GOLEM.LINUX.IT |
-;                    +================+
-;
-; IMPORTANT: Always remember to update the Serial number after any change,
-; otherwise new records will not be retrieved by other DNS servers,
-; and they will not propagate.
-$TTL	3600
-@	IN	SOA	ns.golem.linux.it. info.golem.linux.it. (
-                     2024060302         ; Serial
-                          14400         ; Refresh
-                          86400         ; Retry
-                         604800         ; Expire
-                          86400 )       ; Negative Cache TTL
-
-; name servers - NS records
-        IN      NS      ns.golem.linux.it.
-        IN      NS      ns.linux.it.
- 	IN	NS	ns.giomba.it.
-	IN	NS	ns.firenze.linux.it.
-
-; dynamic name server for computers in Officina
-andromeda.officina.golem.linux.it.	IN	AAAA	2001:470:c844:200:2e0:81ff:fed0:ec03
-
-; mail -- mailbox.org
-golem.linux.it.			IN	MX	10 mxext1.mailbox.org.
-golem.linux.it.			IN	MX	10 mxext2.mailbox.org.
-golem.linux.it.			IN	MX	20 mxext3.mailbox.org.
-0c11bf06d09019ef480ae8d7a6a3ebe5c269405d.golem.linux.it.  IN TXT 2593cd5dd048c3264223b52a5290fb9e0f6fedba
-golem.linux.it.			IN	TXT	"v=spf1 include:mailbox.org -all"
-golem.linux.it.			IN	A	152.228.140.73
-
-; hosts - A records
-ns.golem.linux.it.		IN	A       152.228.140.73
-ns.golem.linux.it.		IN	AAAA	2001:470:c844::11
-
-; VPS
-atena				IN	A	152.228.140.73
-atena				IN	AAAA	2001:470:c844::11
-ipv4.atena			IN	A	152.228.140.73
-ipv6.atena			IN	AAAA	2001:41d0:404:200::947f
-; use ipv4 or ipv6 to only get the ipv4 or ipv6 address -- needed for some buggy apps
-ipv4.golem.linux.it.		IN	A	    152.228.140.73
-ipv6.golem.linux.it.		IN	AAAA	2001:470:c844::11
-; "Gestionale dei soci", migrated on VPS
-argento			            IN	CNAME	atena
-
-; vital mnemonic services
-ns6.golem.linux.it.		IN	CNAME	ipv6.golem.linux.it.
-www.golem.linux.it.		IN	CNAME	golem.linux.it.
-
-; Network equipment
-porceddu.net    IN	AAAA	2001:470:c844:200::1
-scatolotto.net	IN	AAAA	2001:470:c844::200
-
-; VPN
-vpn		    IN	CNAME	ipv4.atena
-
-; web
-archivio	IN	CNAME	atena
-blog		IN	CNAME	atena
-build		IN	CNAME	atena
-cgi		    IN	CNAME	atena
-ci		    IN	CNAME	atena
-cloud		IN	CNAME	atena
-digitalecivile	IN	CNAME	atena
-git		    IN	CNAME	atena
-hub.docker	IN	CNAME	atena
-matrix		IN	CNAME	atena
-websdr		IN	CNAME	atena
-wiki		IN	CNAME	atena
-
-; servers in Officina
-backupper           		IN	AAAA	2001:470:c844:200:4c9a:3fff:fe98:663c
-builder			            IN	AAAA	2001:470:c844:200:b867:2ff:fe66:f76b
-cassone			            IN	AAAA	2001:470:c844:200:ec5b:2bff:febd:d71a
-cerbero                     IN  AAAA    2001:470:c844:200::1111:4242
-screensy                    IN  AAAA    2001:470:c844:200:1447:55ff:fe54:279e
-; Dead servers, their services are moved
-cassiopea		            IN	CNAME	cerbero
-servirtualozzo.cassiopea	IN	CNAME	cassone
-vupiuesse.andromeda			IN	CNAME	cassone
-
-; workstations in Officina
-stampante3d.officina    	IN	AAAA	2001:470:c844:200:10ab:2782:dcdf:8ebb
-golem-sala-corsi.officina	IN	AAAA	2001:470:c844:200:4c47:aaf:6c2d:a08c
-laptopless.officina         IN  AAAA    2001:470:c844:200:2c0:9fff:fefc:123c
-limortouch.officina         IN  AAAA    2001:470:c844:200:167e:8920:7567:a49b
-
-; soci
-spookyh-vm0.soci            IN  AAAA    2001:470:c844:200:3467:6bff:fe6b:1045
-
-; tests
-comment-0   IN  TXT "Serata di test 30 maggio 2024"
-
--- a/bind/named.conf.local
+++ b/bind/named.conf.local
@ -1,34 +0,0 @@
-//
-// Do any local configuration here
-//
-
-// Consider adding the 1918 zones here, if they are not used in your
-// organization
-//include "/etc/bind/zones.rfc1918";
-
-zone "golem.linux.it" {
-        type master;
-        file "/etc/bind/zones/db.golem.linux.it";
-        allow-transfer {
-                213.254.12.144/28;      // Tutta ILS
-                2001:1418:10:5::0/64;   // Tutta (?) ILS IPv6 (?)
-                2001:4b78:2000::/48;    // Tutto Marco d'Itri (BOFH)
-                85.94.204.144/28;       // Tutto Marco d'Itri (BOFH)
-                2001:470:c844::/48;     // GOLEM network
-		51.255.204.171/32;	// ns.giomba.it
-		90.147.189.115/32;	// ns.firenze.linux.it
-        };
-};
-
-zone "firenze.linux.it" {
-	type slave;
-	file "/var/cache/bind/db.firenze.golem.linux.it";
-	masters { 90.147.189.115; };
-};
-
-zone "giomba.it" {
-	type slave;
-	file "/var/cache/bind/db.giomba.it";
-	masters { 51.255.204.171; };
-};
-
--- a/playbooks/files/bind/conf
+++ b/playbooks/files/bind/conf
@ -1,11 +1,33 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
 zone "golem.linux.it" {
        type master;
-	file "/etc/bind/db.golem.linux.it";
+        file "/etc/bind/zones/db.golem.linux.it";
        allow-transfer {
                213.254.12.144/28;      // Tutta ILS
                2001:1418:10:5::0/64;   // Tutta (?) ILS IPv6 (?)
                2001:4b78:2000::/48;    // Tutto Marco d'Itri (BOFH)
                85.94.204.144/28;       // Tutto Marco d'Itri (BOFH)
                2001:470:c844::/48;     // GOLEM network
+		51.255.204.171/32;	// ns.giomba.it
+		90.147.189.115/32;	// ns.firenze.linux.it
        };
 };
+
+zone "firenze.linux.it" {
+	type slave;
+	file "/var/cache/bind/db.firenze.golem.linux.it";
+	masters { 90.147.189.115; };
+};
+
+zone "giomba.it" {
+	type slave;
+	file "/var/cache/bind/db.giomba.it";
+	masters { 51.255.204.171; };
+};
--- a/playbooks/files/bind/zones
+++ b/playbooks/files/bind/zones
@ -6,17 +6,18 @@
 ; otherwise new records will not be retrieved by other DNS servers,
 ; and they will not propagate.
 $TTL	3600
-@	IN	SOA	vostok.giomba.it. info.golem.linux.it. (
-                     2024032600         ; Serial
-                           3600         ; Refresh
+@	IN	SOA	ns.golem.linux.it. info.golem.linux.it. (
+                     2024060302         ; Serial
+                          14400         ; Refresh
                          86400         ; Retry
-                          86400         ; Expire
+                         604800         ; Expire
                          86400 )       ; Negative Cache TTL

 ; name servers - NS records
-        IN      NS      vostok.giomba.it.
+        IN      NS      ns.golem.linux.it.
        IN      NS      ns.linux.it.
 	IN	NS	ns.giomba.it.
+	IN	NS	ns.firenze.linux.it.

 ; dynamic name server for computers in Officina
 andromeda.officina.golem.linux.it.	IN	AAAA	2001:470:c844:200:2e0:81ff:fed0:ec03
@ -31,7 +32,7 @@ golem.linux.it.			IN	A	152.228.140.73

 ; hosts - A records
 ns.golem.linux.it.		IN	A       152.228.140.73
-ns.golem.linux.it.		IN	AAAA	2001:470:c844::2
+ns.golem.linux.it.		IN	AAAA	2001:470:c844::11

 ; VPS
 atena				IN	A	152.228.140.73
@ -40,7 +41,7 @@ ipv4.atena			IN	A	152.228.140.73
 ipv6.atena			IN	AAAA	2001:41d0:404:200::947f
 ; use ipv4 or ipv6 to only get the ipv4 or ipv6 address -- needed for some buggy apps
 ipv4.golem.linux.it.		IN	A	    152.228.140.73
-ipv6.golem.linux.it.		IN	AAAA	2001:470:c844::2
+ipv6.golem.linux.it.		IN	AAAA	2001:470:c844::11
 ; "Gestionale dei soci", migrated on VPS
 argento			            IN	CNAME	atena

@ -90,4 +91,4 @@ limortouch.officina         IN  AAAA    2001:470:c844:200:167e:8920:7567:a49b
 spookyh-vm0.soci            IN  AAAA    2001:470:c844:200:3467:6bff:fe6b:1045

 ; tests
-comment-0   IN  TXT "There has been an error in the authoritative DNS for years and we only discover it now?"
+comment-0   IN  TXT "Serata di test 30 maggio 2024"