knot: fix acls
This commit is contained in:
parent
607fbc7b00
commit
ec63f15c64
|
@ -40,17 +40,33 @@
|
||||||
acl = [
|
acl = [
|
||||||
{
|
{
|
||||||
id = "jabber";
|
id = "jabber";
|
||||||
key = "jabber";
|
key = "jabber.c3d2.de";
|
||||||
action = "update";
|
action = "update";
|
||||||
update-owner = "name";
|
update-owner = "name";
|
||||||
update-owner-match = "sub-or-equal";
|
update-owner-match = "sub-or-equal";
|
||||||
update-owner-name = [ "jabber.c3d2.de." ];
|
update-owner-name = [ "jabber.c3d2.de." ];
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
id = "axfr";
|
||||||
|
address = [
|
||||||
|
# INWX
|
||||||
|
"2a0a:c980::53/128"
|
||||||
|
# Inbert
|
||||||
|
"2001:67c:1400:2240::1/128"
|
||||||
|
# dns.serv.zentralwerk.org
|
||||||
|
"172.20.73.2/32"
|
||||||
|
"2a00:8180:2c00:282:2::2"
|
||||||
|
# ns.spaceboyz.net
|
||||||
|
"95.217.229.209/32"
|
||||||
|
"2a01:4f9:4b:39ec::4/128"
|
||||||
|
];
|
||||||
|
action = [ "transfer" "notify" ];
|
||||||
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
log = [ {
|
log = [ {
|
||||||
target = "syslog";
|
target = "syslog";
|
||||||
any = "info";
|
any = "debug";
|
||||||
} ];
|
} ];
|
||||||
|
|
||||||
mod-stats = [ {
|
mod-stats = [ {
|
||||||
|
@ -107,13 +123,14 @@
|
||||||
zonefile-load = "difference-no-serial";
|
zonefile-load = "difference-no-serial";
|
||||||
} ];
|
} ];
|
||||||
|
|
||||||
zone = map (zone: {
|
zone = map ({ acl ? [], ... }@zone: {
|
||||||
inherit (zone) domain;
|
inherit (zone) domain;
|
||||||
template = "default";
|
template = "default";
|
||||||
notify = [ "all" ];
|
notify = [ "all" ];
|
||||||
|
acl = [ "axfr" ] ++ acl;
|
||||||
}) [
|
}) [
|
||||||
{ domain = "c3dd.de"; }
|
{ domain = "c3dd.de"; }
|
||||||
{ domain = "c3d2.de"; }
|
{ domain = "c3d2.de"; acl = [ "jabber" ]; }
|
||||||
{ domain = "hq.c3d2.de"; }
|
{ domain = "hq.c3d2.de"; }
|
||||||
{ domain = "dyn.hq.c3d2.de"; }
|
{ domain = "dyn.hq.c3d2.de"; }
|
||||||
# TODO: consolidate
|
# TODO: consolidate
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
knot:
|
knot:
|
||||||
keyFile: ENC[AES256_GCM,data:abZvm9g13J8yQ22OVkFQey9XGG4hl09qWUzqFJNNS8afEcT4vAbxZCLbrRSnCCI8uZn28/PgRMVPmKhV2l1VEBaiNt8Is2cWT0bf5CQK4P4P3f+/FY2LF6SzVEGpGkEioNM=,iv:x42ABoG+3qwj6K2l/SLySCQW3t2vgdMfazxwqWrQU9w=,tag:tovVGK6gJny8XR5bFo4QPg==,type:str]
|
keyFile: ENC[AES256_GCM,data:AIljRkmOy8qjkJHM3er0JVJdE3iD2oFJ/hDXsrBDvQ5u2G08/eqz+e9KQoYLaSg7GU5+Io1O6ADUPlCi2g5pGz4rkLFlhLFCVTOUFgex9dkchIQ9gMELPCAm6kAMZlPnfv2UnG9EaQCtT0LpCOItpQ==,iv:d3ARHmPo/+VU/4Dmxth2ar7y1AMF0ruO/7ddqPqTsdA=,tag:F7JuHNkusL92sTgp5a1oRg==,type:str]
|
||||||
ssh-keys:
|
ssh-keys:
|
||||||
knot:
|
knot:
|
||||||
public: ENC[AES256_GCM,data:LxJqnVOjC7PD6Muup96Ep83/7MvhyIbE8iBB7Yxd2MkCIWZVuHhVcNgVBP9IaMs8cj4RPNq8NUJSP3AjRM0U+EDDXyRwend0GzpIERGoNEJOoqbCF1Ts9wVx4EEWrQ==,iv:RD8WYJURlTktuHP4CMo6KxS8N/H7adTt7pPttSEFuHM=,tag:e6JLyGvKJi+Nt1yP9gT2wA==,type:str]
|
public: ENC[AES256_GCM,data:LxJqnVOjC7PD6Muup96Ep83/7MvhyIbE8iBB7Yxd2MkCIWZVuHhVcNgVBP9IaMs8cj4RPNq8NUJSP3AjRM0U+EDDXyRwend0GzpIERGoNEJOoqbCF1Ts9wVx4EEWrQ==,iv:RD8WYJURlTktuHP4CMo6KxS8N/H7adTt7pPttSEFuHM=,tag:e6JLyGvKJi+Nt1yP9gT2wA==,type:str]
|
||||||
|
@ -28,8 +28,8 @@ sops:
|
||||||
RyswT3E2Rnh2aTZMdXI0QnJRQVFNYVUKu9yv8wZ7X6mmFc3wj/4cOL9mZrP0Q6F7
|
RyswT3E2Rnh2aTZMdXI0QnJRQVFNYVUKu9yv8wZ7X6mmFc3wj/4cOL9mZrP0Q6F7
|
||||||
fXtdZr93TmTK9cG5EuBYuGDvOooFsPeSLSjP6BFRG+2+X+QxK7nSFg==
|
fXtdZr93TmTK9cG5EuBYuGDvOooFsPeSLSjP6BFRG+2+X+QxK7nSFg==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-01-28T00:01:53Z"
|
lastmodified: "2024-03-17T13:30:09Z"
|
||||||
mac: ENC[AES256_GCM,data:h0KiAAn9uNCvcbhwlAl53SVZnG5q8JvC2OWinoC3Q0+U1HXePLynl2Hn1sV87KCig+KlcokbgmFot7NyA0pzOuvbRWcjwJr8FEsb3wRvjxipF+B9z+yLwZ/RXaDgnYoa6pdPkA6eoAA33PO43tlSpaLf+/yRW6Ya/1l3wE/GY20=,iv:A/7PmpYq09vhsPosxITkHBPJnQkCo7EVcu+biOF0yiQ=,tag:YevwhNkWvqCf/JNz7Wrdlw==,type:str]
|
mac: ENC[AES256_GCM,data:iAqigiacq2TjY+TzoxGju7tuo0eEnH8KrRrm/cMGwBzDwaCIT96JkKxva7gxqD1TUW9P5sWaM7ZEYJd6l4CDxgdJ3/ayyjABhAKR2AeMuSUaRWomauePKP2I83V5w5BIUODDtw7eHitkyZpZAm8/at+YI1OlEhWb06sDG0T1KN4=,iv:AJ/Lf9w4zxm0kJxuoCsHmTvwGslQdWqqmOuCaYOwgWc=,tag:tXtZSupLTnXYASTtDmYfLQ==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2023-08-08T22:43:21Z"
|
- created_at: "2023-08-08T22:43:21Z"
|
||||||
enc: |
|
enc: |
|
||||||
|
|
Loading…
Reference in New Issue