Ryan Malloy
6d72d65642
Big migration: the source/prepared split is gone. Each zones/*.zone is now an RFC-compliant zone file that CoreDNS reads directly. Editing a record is just edit + bump SOA + commit. CoreDNS auto-reloads within 30s; HE pulls on its own 300s SOA-refresh cycle. Why: groundwork for the coredns-rfc2136 plugin to edit zones in place without juggling a source/prepared transformation step. Also reduces the mental model from "edit source, run prep, push" to just "edit". Changes: - zones/*.zone: 84 files migrated from Vultr-export form to RFC-compliant form (SOA injected, Vultr NS replaced with HE NS, CNAME/MX/NS rdata dot-terminated, apex lines get explicit @ prefix). Diff is mechanical and byte-count is unchanged (~340K) -- pure formatting promotion. - docker-compose.yml: bind ./zones:/zones:ro (was ./zones-prepared) - Makefile: dropped 'prep' target. 'reload' is now a no-op explainer. 'tls-up' no longer depends on prep. 'clean' no longer wipes prepared. - scripts/prepare-zones.sh moved to scripts/archive/ (kept for reference). - .gitignore: updated comment for zones-prepared/ (now legacy). NOT in this commit (follow-ups): - CLAUDE.md updates documenting the new workflow. - scripts/bump-serials.sh helper for manual-edit SOA bumping. - coredns-rfc2136 plugin refactor (Phase 2b in the plan).
54 lines
2.5 KiB
Dns
54 lines
2.5 KiB
Dns
; Auto-prepared by scripts/prepare-zones.sh on 2026-05-21T11:12:50-06:00
|
|
; Source: zones/demostar.io.zone
|
|
$ORIGIN demostar.io.
|
|
$TTL 3600
|
|
@ 3600 IN SOA ns1.he.net. admin.demostar.io. (
|
|
2026052102 ; serial — bump per change (SERIAL=YYYYMMDDNN make prep)
|
|
300 ; refresh (5 min) — slaves poll us this often;
|
|
; tightened from 3600 to nudge HE's internal
|
|
; puller→anycast replication
|
|
120 ; retry (2 min) — kept < refresh per RFC 1912
|
|
604800 ; expire (1 week)
|
|
60 ; minimum (1 min) — negative-cache TTL on public
|
|
; resolvers; shrinks the window when an old
|
|
; NXDOMAIN keeps showing after we add a name
|
|
)
|
|
|
|
@ 3600 IN NS ns1.he.net.
|
|
@ 3600 IN NS ns2.he.net.
|
|
@ 3600 IN NS ns3.he.net.
|
|
@ 3600 IN NS ns4.he.net.
|
|
@ 3600 IN NS ns5.he.net.
|
|
|
|
|
|
@ 300 IN A 74.91.22.230
|
|
ph 300 IN A 144.202.60.236
|
|
or 300 IN A 74.91.22.233
|
|
vdo 300 IN A 74.91.22.230
|
|
dev 300 IN CNAME rpm-bullet.mer.idahomuellers.net.
|
|
* 300 IN CNAME demostar.io.
|
|
shynet 300 IN CNAME demostar.io.
|
|
oo-sandbox 300 IN CNAME oo.demostar.io.
|
|
oo 300 IN CNAME demostar.io.
|
|
cw 3600 IN CNAME demostar.io.
|
|
@ 300 IN MX 10 mail.supported.systems.
|
|
@ 3600 IN TXT "v=spf1 mx a:mail.supported.systems ~all"
|
|
@ 3600 IN TXT "google-site-verification=2O9jXz4H-nx0oRi2hVdFCWnPudISRlpT2nWE0xF-U14"
|
|
_acme-challenge.meet 300 IN TXT "6ZSVw9yrMNjG2z-KqLP77_FW7w0I7embcfCLc9g6CRs"
|
|
_acme-challenge.oo-sandbox 300 IN TXT "o8a0j9u2-CmTCkAPJ9audd0SSh2KFv90vXPgLOoib_c"
|
|
_acme-challenge 300 IN TXT "xfcM1eMV0DRZMxHWzY5_l4v8sEHe064XmrJpBn7KZik"
|
|
_acme-challenge.oo 300 IN TXT "gAOPbIejEwGN7ezOSIcRfcVK074atnfDvJbwtfzM97w"
|
|
_acme-challenge.doom 300 IN TXT "MgsgpGJ5E5uWyoc8ajpVoIdtt_kPs1x9qwf6v83kEGU"
|
|
_acme-challenge.oo 300 IN TXT "FT54HjF0ts_30oroEBuyKQa1hnzh_D6mpFpEFGMjBTo"
|
|
_dmarc 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:reports@demostar.io; adkim=s; aspf=s;"
|
|
demostar.io._report._dmarc.mail 3600 IN TXT "v=DMARC1;"
|
|
_acme-challenge.shynet 300 IN TXT "y3fyKhW2Uiq1Nu9Zcd9detto90IvEZ852h2TvAIQCsA"
|
|
_acme-challenge.vdo 300 IN TXT "BlvVWIzjIj4o73qkYNfNdF_Q8MW13vxV6HTgO0-NzmM"
|
|
_acme-challenge.vdo 300 IN TXT "slcvr2gvi6ahNucyzfzLvInL-l0L1P93I2p3vQ3ytrU"
|
|
_acme-challenge.vdo 300 IN TXT "cGxfMICfHYD7QiQmsAuWuVN-hQQoZ38GcvDTigsioWQ"
|
|
_acme-challenge.cw.cw 300 IN TXT "Y0ahdJHcKysWxYNQG8aXQuWr0uSp7WVlwxkdWYHcrIM"
|
|
_acme-challenge.cw 300 IN TXT "e7IRkthq2cwpEJHEjbAsQwqkvQGHl831X6luH3ct6uc"
|
|
cw.cw 300 IN CNAME demostar.io.
|
|
doom 300 IN CNAME demostar.io.
|
|
meet 300 IN CNAME demostar.io.
|