X-Git-Url: https://git.exim.org/exim-dns.git/blobdiff_plain/e30cb2c1724fb139188ce0f8995eb40a3b1ec9c8..707bb6134efd51daec0d5467de901677fe0ba315:/exim.org.lua diff --git a/exim.org.lua b/exim.org.lua index 12aefc7..c81c431 100644 --- a/exim.org.lua +++ b/exim.org.lua @@ -11,34 +11,32 @@ -- .exim.org::c.ns.bytemark.co.uk:21600 -- IPs we use -local main_ipv4 = '131.111.8.192' -local main_ipv6 = '2001:630:212:8:204:23ff:fed6:b664' +local tahini_ipv4 = '131.111.8.192' +local tahini_ipv6 = '2001:630:212:8:204:23ff:fed6:b664' +local hummus_ipv4 = '131.111.8.88' +local hummus_ipv6 = '2001:630:212:8::e:f0e' +local main_ipv4 = hummus_ipv4 +local main_ipv6 = hummus_ipv6 -- Standard TTL -local ttl = 28800 +local ttl = 900 -- Basic A/AAAA records -a_and_aaaa(_a, main_ipv4, main_ipv6, ttl) -a_and_aaaa('www', main_ipv4, main_ipv6, ttl) -a_and_aaaa('mail', main_ipv4, main_ipv6, ttl) -a_and_aaaa('ftp', main_ipv4, main_ipv6, ttl) -a_and_aaaa('wiki', main_ipv4, main_ipv6, ttl) -a_and_aaaa('lists', main_ipv4, main_ipv6, ttl) -a_and_aaaa('bugs', main_ipv4, main_ipv6, ttl) -a_and_aaaa('docs', main_ipv4, main_ipv6, ttl) -a_and_aaaa('vcs', main_ipv4, main_ipv6, ttl) -a_and_aaaa('git', main_ipv4, main_ipv6, ttl) -a_and_aaaa('dev', main_ipv4, main_ipv6, ttl) -a_and_aaaa('www2', main_ipv4, main_ipv6, ttl) + +local a_record_names = { + _a, 'www', 'mail', 'ftp', 'wiki', 'lists', 'bugs', + 'docs', 'vcs', 'git', 'dev' } +for val in values(a_record_names) do + a_and_aaaa(val, main_ipv4, main_ipv6, ttl) +end -- MX records -mx(_a, 'tahini.csx.cam.ac.uk', 5, ttl) +mx(_a, 'hummus.csx.cam.ac.uk', 5, ttl) mx(_a, 'boom.graemef.net', 15, ttl) -- -mx('bugs', 'tahini.csx.cam.ac.uk', 5, ttl) +mx('bugs', 'hummus.csx.cam.ac.uk', 5, ttl) -- Mirrors etc - A and a few CNAME records -a('www.us', '209.58.132.254', ttl) a('www.ie', '193.120.14.243', ttl) a('www.fr', '193.54.153.246', ttl) a('www.congo', '194.7.39.155', ttl) @@ -47,10 +45,31 @@ a('www.de', '195.211.161.101', ttl) a('www.tw', '192.72.81.219', ttl) a('www.pl', '193.219.28.2', ttl) cname('www.no', 'spheniscus.uninett.no', ttl) -cname('www.in', 'exim.in.freeos.com', ttl) + +-- Misc other services held elsewhere +cname('buildfarm', 'eximfarm.krot.org', ttl) -- Delegation of testdns.exim.org for testsuite ns('testdns', 'nlns.globnix.net', ttl) ns('testdns', 'us0ns.globnix.net', ttl) --- end \ No newline at end of file +-- SSHFP records under our administrative control. +a_and_aaaa('hummus', hummus_ipv4, hummus_ipv6, ttl) +sshfp('hummus', 1, 'cf99c484ef40cedf604f4250ed2e767491de9f52', 1, ttl) +sshfp('hummus', 1, 'd5ec5ff09c6f410ece6b1cb17667baaec4dfcdf0f70bd9042dfdc5bed1ae004f', 2, ttl) +sshfp('hummus', 2, '0b85b8f17ecafcfb0f2d4beae9d74bf37113daac', 1, ttl) +sshfp('hummus', 2, '2048f5b5ed4471cca229e304c0f8ff166823697504d2d3a28f38f11dac80e1fe', 2, ttl) +sshfp('hummus', 3, 'd8a0078138279834a2dae8ce9eb408671ba88045', 1, ttl) +sshfp('hummus', 3, '20fb937eb9b87aec566dff0a97b31963a3f5dd7cbba9e205574ebc676e842dff', 2, ttl) +-- 2016-10-27: apparently LuaDNS needlessly "validate" by checking the algorithms against an outdated whitelist, +-- such that we can't have the Ed25519 fingerprints from RFC7479 (March 2015). +-- sshfp('hummus', 4, '6c6eaf95c8242ea53791942717b0ed40e9e5db92', 1, ttl) +-- sshfp('hummus', 4, 'bf4b9376f5fffe2b59a0948638df3b4d77d02da2cb8c44cbc90d0bf174f22e5e', 2, ttl) + +-- Google Gmail Postmaster Tools (this one for Phil): +cname('nwkjs7zfnln6', 'gv-3umn6e3uwnaqo5.dv.googlehosted.com', ttl) + +-- dummy changes here to this record, to try to nudge propagation +txt('_dummy-foo', '12345', ttl) + +-- end