Ryan Malloy 9e345fa488 Corefile: drop explicit cache 30, use plugin default (3600) ...

The cache 30 directive in the (common) snippet was clamping
authoritative TTLs to 30s max — every record HE pulled showed TTL≈5
because the cache plugin intercepts responses regardless of source
(auto plugin authoritative answers AND forward plugin resolver answers).

Switching to bare 'cache' uses the plugin's 3600s default, which
preserves our source TTLs: most records at 300s, _dmarc/dkim/SRV at
3600s, wildcards at 60s.

2026-05-20 16:28:50 -06:00

caddy

coredns: production Let's Encrypt cert via Caddy sidecar (DNS-01 + Vultr)

2026-05-14 01:34:57 -06:00

scripts

scripts: chmod +x notify-he.py

2026-05-20 11:39:25 -06:00

zones

supported.systems: git A → CNAME git.supportedsystems.net

2026-05-20 16:20:22 -06:00

.env

coredns: rename endpoint dns.l.supported.systems -> dns.supported.systems

2026-05-16 15:24:27 -06:00

.gitignore

coredns: production Let's Encrypt cert via Caddy sidecar (DNS-01 + Vultr)

2026-05-14 01:34:57 -06:00

CLAUDE.md

CLAUDE.md: project knowledge — architecture, NOTIFY, SSH deploy, HE quirks

2026-05-20 11:32:25 -06:00

Corefile

Corefile: drop explicit cache 30, use plugin default (3600)

2026-05-20 16:28:50 -06:00

docker-compose.yml

coredns: fix silently-broken healthcheck (distroless image has no wget)

2026-05-16 14:01:22 -06:00

Makefile

coredns: script-based NOTIFY to ns1.he.net on every prep

2026-05-18 16:57:54 -06:00

Description

Hidden-primary DNS for ~91 zones: CoreDNS + custom rfc2136 plugin for self-hosted ACME DNS-01. Source of truth for zones/, Corefile, deploy configs.

172 KiB

Languages

Shell 49.7%

Makefile 21.5%

Python 16.6%

Dockerfile 12.2%