Ryan Malloy
6d72d65642
Big migration: the source/prepared split is gone. Each zones/*.zone is now an RFC-compliant zone file that CoreDNS reads directly. Editing a record is just edit + bump SOA + commit. CoreDNS auto-reloads within 30s; HE pulls on its own 300s SOA-refresh cycle. Why: groundwork for the coredns-rfc2136 plugin to edit zones in place without juggling a source/prepared transformation step. Also reduces the mental model from "edit source, run prep, push" to just "edit". Changes: - zones/*.zone: 84 files migrated from Vultr-export form to RFC-compliant form (SOA injected, Vultr NS replaced with HE NS, CNAME/MX/NS rdata dot-terminated, apex lines get explicit @ prefix). Diff is mechanical and byte-count is unchanged (~340K) -- pure formatting promotion. - docker-compose.yml: bind ./zones:/zones:ro (was ./zones-prepared) - Makefile: dropped 'prep' target. 'reload' is now a no-op explainer. 'tls-up' no longer depends on prep. 'clean' no longer wipes prepared. - scripts/prepare-zones.sh moved to scripts/archive/ (kept for reference). - .gitignore: updated comment for zones-prepared/ (now legacy). NOT in this commit (follow-ups): - CLAUDE.md updates documenting the new workflow. - scripts/bump-serials.sh helper for manual-edit SOA bumping. - coredns-rfc2136 plugin refactor (Phase 2b in the plan).
17 lines
590 B
Plaintext
17 lines
590 B
Plaintext
# Legacy: zones-prepared/ was the generated form when scripts/prepare-zones.sh
|
|
# (now in scripts/archive/) processed zones/. We retired that pipeline in
|
|
# favour of editing zones/*.zone directly as RFC-compliant served files.
|
|
# If anyone runs the archived script, the output stays out of git.
|
|
zones-prepared/*.zone
|
|
|
|
# Self-signed certs (re-generated by scripts/generate-certs.sh)
|
|
certs/*.pem
|
|
|
|
# Caddy's runtime data: issued certs, ACME account keys, transient state.
|
|
# NEVER commit — contains the ACME account private key.
|
|
caddy-data/
|
|
caddy-config/
|
|
|
|
# Local-only env overrides
|
|
.env.local
|