Ryan Malloy
618e9504e7
Adds a second non-HE public secondary that pulls AXFR from dell01 (the
hidden primary at 154.27.180.210) and answers public queries on
ns.supported.systems (64.177.113.227, 2001:19f0:5c00:4daa:5400:6ff:fe2d:38fa).
secondary/
Corefile generated, 84 zones + REFUSED catch-all
docker-compose.yml CoreDNS in host-net mode
Makefile up/down/logs/regen/test/axfr-test
.env / .env.example image pin + bind IPs
scripts/generate-secondary-corefile.sh reads ../zones/*.zone
scripts/notify-he.py → notify-secondaries.py
adds 64.177.113.227 as a second
NOTIFY target alongside HE's
216.218.130.2
Uses CoreDNS's `bind` plugin to avoid colliding with systemd-resolved
on loopback :53. Authoritative-only — non-listed zones get REFUSED, no
recursion. AXFR pull requires opening TCP/53 on dell01's FortiWiFi for
the secondary's IP (manual step, separate from this commit).
13 lines
514 B
Plaintext
13 lines
514 B
Plaintext
COMPOSE_PROJECT_NAME=coredns-secondary
|
|
|
|
# CoreDNS image — match the primary's pin for consistency.
|
|
COREDNS_IMAGE=coredns/coredns:1.11.3
|
|
|
|
# Public addresses this secondary advertises and listens on. Leave both
|
|
# empty to bind every interface (the default). Set them when another
|
|
# process already owns loopback :53 (e.g. systemd-resolved). The
|
|
# generator script reads these and emits a `bind` directive in the
|
|
# Corefile when either is set.
|
|
BIND_V4=64.177.113.227
|
|
BIND_V6=2001:19f0:5c00:4daa:5400:06ff:fe2d:38fa
|