X-Git-Url: https://git.exim.org/exim-dns.git/blobdiff_plain/a4a6cf27b4a92b7aead8a4d4c9bd04561e8d403f..HEAD:/exim.org.lua diff --git a/exim.org.lua b/exim.org.lua index f77068f..c81c431 100644 --- a/exim.org.lua +++ b/exim.org.lua @@ -11,46 +11,65 @@ -- .exim.org::c.ns.bytemark.co.uk:21600 -- IPs we use -local main_ipv4 = '131.111.8.192' -local main_ipv6 = '2001063002120008020423fffed6b664' +local tahini_ipv4 = '131.111.8.192' +local tahini_ipv6 = '2001:630:212:8:204:23ff:fed6:b664' +local hummus_ipv4 = '131.111.8.88' +local hummus_ipv6 = '2001:630:212:8::e:f0e' +local main_ipv4 = hummus_ipv4 +local main_ipv6 = hummus_ipv6 -- Standard TTL -local ttl = 7200 +local ttl = 900 -- Basic A/AAAA records -a_and_aaaa(_a, main_ipv4, main_ipv6, ttl) -a_and_aaaa('www', main_ipv4, main_ipv6, ttl) -a_and_aaaa('mail', main_ipv4, main_ipv6, ttl) -a_and_aaaa('ftp', main_ipv4, main_ipv6, ttl) -a_and_aaaa('wiki', main_ipv4, main_ipv6, ttl) -a_and_aaaa('lists', main_ipv4, main_ipv6, ttl) -a_and_aaaa('bugs', main_ipv4, main_ipv6, ttl) -a_and_aaaa('docs', main_ipv4, main_ipv6, ttl) -a_and_aaaa('vcs', main_ipv4, main_ipv6, ttl) -a_and_aaaa('git', main_ipv4, main_ipv6, ttl) -a_and_aaaa('dev', main_ipv4, main_ipv6, ttl) -a_and_aaaa('mail', main_ipv4, main_ipv6, ttl) -a_and_aaaa('mail', main_ipv4, main_ipv6, ttl) -a_and_aaaa('mail', main_ipv4, main_ipv6, ttl) -a_and_aaaa('mail', main_ipv4, main_ipv6, ttl) -a_and_aaaa('mail', main_ipv4, main_ipv6, ttl) + +local a_record_names = { + _a, 'www', 'mail', 'ftp', 'wiki', 'lists', 'bugs', + 'docs', 'vcs', 'git', 'dev' } +for val in values(a_record_names) do + a_and_aaaa(val, main_ipv4, main_ipv6, ttl) +end -- MX records -mx(_a,'tahini.csx.cam.ac.uk', ttl) -mx(_a,'boom.graemef.net', ttl) +mx(_a, 'hummus.csx.cam.ac.uk', 5, ttl) +mx(_a, 'boom.graemef.net', 15, ttl) -- -mx('bugs','tahini.csx.cam.ac.uk', ttl) +mx('bugs', 'hummus.csx.cam.ac.uk', 5, ttl) -- Mirrors etc - A and a few CNAME records -a(concat('www.us', _a), '209.58.132.254', ttl) -a(concat('www.ie', _a), '193.120.14.243', ttl) -a(concat('www.fr', _a), '193.54.153.246', ttl) -a(concat('www.congo', _a), '194.7.39.155', ttl) -a(concat('ftp.de', _a), '195.211.161.101', ttl) -a(concat('www.de', _a), '195.211.161.101', ttl) -a(concat('www.tw', _a), '192.72.81.219', ttl) -a(concat('www.pl', _a), '193.219.28.2', ttl) -cname(concat('www.no', _a), 'spheniscus.uninett.no', ttl) -cname(concat('www.in', _a), 'exim.in.freeos.com', ttl) - --- end \ No newline at end of file +a('www.ie', '193.120.14.243', ttl) +a('www.fr', '193.54.153.246', ttl) +a('www.congo', '194.7.39.155', ttl) +a('ftp.de', '195.211.161.101', ttl) +a('www.de', '195.211.161.101', ttl) +a('www.tw', '192.72.81.219', ttl) +a('www.pl', '193.219.28.2', ttl) +cname('www.no', 'spheniscus.uninett.no', ttl) + +-- Misc other services held elsewhere +cname('buildfarm', 'eximfarm.krot.org', ttl) + +-- Delegation of testdns.exim.org for testsuite +ns('testdns', 'nlns.globnix.net', ttl) +ns('testdns', 'us0ns.globnix.net', ttl) + +-- SSHFP records under our administrative control. +a_and_aaaa('hummus', hummus_ipv4, hummus_ipv6, ttl) +sshfp('hummus', 1, 'cf99c484ef40cedf604f4250ed2e767491de9f52', 1, ttl) +sshfp('hummus', 1, 'd5ec5ff09c6f410ece6b1cb17667baaec4dfcdf0f70bd9042dfdc5bed1ae004f', 2, ttl) +sshfp('hummus', 2, '0b85b8f17ecafcfb0f2d4beae9d74bf37113daac', 1, ttl) +sshfp('hummus', 2, '2048f5b5ed4471cca229e304c0f8ff166823697504d2d3a28f38f11dac80e1fe', 2, ttl) +sshfp('hummus', 3, 'd8a0078138279834a2dae8ce9eb408671ba88045', 1, ttl) +sshfp('hummus', 3, '20fb937eb9b87aec566dff0a97b31963a3f5dd7cbba9e205574ebc676e842dff', 2, ttl) +-- 2016-10-27: apparently LuaDNS needlessly "validate" by checking the algorithms against an outdated whitelist, +-- such that we can't have the Ed25519 fingerprints from RFC7479 (March 2015). +-- sshfp('hummus', 4, '6c6eaf95c8242ea53791942717b0ed40e9e5db92', 1, ttl) +-- sshfp('hummus', 4, 'bf4b9376f5fffe2b59a0948638df3b4d77d02da2cb8c44cbc90d0bf174f22e5e', 2, ttl) + +-- Google Gmail Postmaster Tools (this one for Phil): +cname('nwkjs7zfnln6', 'gv-3umn6e3uwnaqo5.dv.googlehosted.com', ttl) + +-- dummy changes here to this record, to try to nudge propagation +txt('_dummy-foo', '12345', ttl) + +-- end