kaz-vagrant/files/templates/debian/rootns/provision.sh

#!/bin/bash
# Root NS template
set -e
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`

# disable systemd-resolved which conflicts with nsd
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
systemctl stop systemd-resolved

apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y nsd

# get root zone
wget "http://www.internic.net/domain/root.zone" -O /etc/nsd/root.zone

# customize root zone
# remove official roots
sed -i -e 's/^\.\s.*NS.*[a-m].root-servers.net.*//' /etc/nsd/root.zone
# add alternative milxc root

echo -e ".	518400	IN	NS	p.root-servers.net
p.root-servers.net	518400	IN	A 100.100.1.10
p.root-servers.net	518400	IN	AAAA     2001:db8:a001::10
" >> /etc/nsd/root.zone


# add .sns TLD served by 100.100.20.10
echo -e "sns.	518400	IN	NS	ns.sns.
ns.sns.	518400	IN	A 100.100.20.10
ns.sns.	518400	IN	AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone

# customize nsd config
#echo -e "server:
#	ip-address: 127.0.0.1
echo -e "zone:
	name: \".\"
	zonefile: \"root.zone\"
" > /etc/nsd/nsd.conf

# Reverse DNS
#sed -i -e 's/^arpa.*//' /etc/nsd/root.zone
#sed -i -e 's/^.\.ns\.arpa.*.*//' /etc/nsd/root.zone

## Racine
sed -i -e '/NSEC.*/d' /etc/nsd/root.zone
sed -i -e '/RRSIG.*/d' /etc/nsd/root.zone
sed -i -e '/DNSKEY.*/d' /etc/nsd/root.zone
sed -i -e '/DS.*/d' /etc/nsd/root.zone
sed -i -e '/^arpa.*/d' /etc/nsd/root.zone
sed -i -e '/^.\.ns\.arpa.*.*/d' /etc/nsd/root.zone
echo -e "arpa.	172800  IN      NS      p.ns.arpa.
p.ns.arpa.              172800  IN      A       100.100.1.10
p.ns.arpa.              172800  IN      AAAA     2001:db8:a001::10
" >> /etc/nsd/root.zone

## .arpa
wget "https://www.internic.net/domain/arpa.zone" -O /etc/nsd/arpa.zone
sed -i -e '/NSEC.*/d' /etc/nsd/arpa.zone
sed -i -e '/RRSIG.*/d' /etc/nsd/arpa.zone
sed -i -e '/DNSKEY.*/d' /etc/nsd/arpa.zone
sed -i -e '/DS.*/d' /etc/nsd/arpa.zone
sed -i -e '/^arpa\.\s.*NS.*[a-m].ns.arpa.*/d' /etc/nsd/arpa.zone
sed -i -e '/^in-addr.*/d' /etc/nsd/arpa.zone
sed -i -e '/^.\.in-addr.*/d' /etc/nsd/arpa.zone
echo -e "arpa.	172800  IN      NS      p.ns.arpa.
p.ns.arpa.              172800  IN      A       100.100.1.10
p.ns.arpa.              172800  IN      AAAA     2001:db8:a001::10
in-addr.arpa.		172800	IN	NS	p.in-addr-servers.arpa.
p.in-addr-servers.arpa.              172800  IN      A       100.100.1.10
p.in-addr-servers.arpa.              172800  IN      AAAA     2001:db8:a001::10
" >> /etc/nsd/arpa.zone

echo -e "zone:
	name: \"arpa.\"
	zonefile: \"arpa.zone\"
" >> /etc/nsd/nsd.conf

## .in-addr.arpa
wget "https://www.internic.net/domain/in-addr.arpa.zone" -O /etc/nsd/in-addr.arpa.zone
sed -i -e '/SOA.*/d' /etc/nsd/in-addr.arpa.zone
sed -i -e '/NSEC.*/d' /etc/nsd/in-addr.arpa.zone
sed -i -e '/RRSIG.*/d' /etc/nsd/in-addr.arpa.zone
sed -i -e '/DNSKEY.*/d' /etc/nsd/in-addr.arpa.zone
sed -i -e '/DS.*/d' /etc/nsd/in-addr.arpa.zone
sed -i -e '/^in-addr\.arpa\.\s.*NS.*[a-m].in-addr-servers.arpa.*/d' /etc/nsd/in-addr.arpa.zone
sed -i -e '/^100.*/d' /etc/nsd/in-addr.arpa.zone
echo -e "in-addr.arpa.	172800  IN      NS      p.ns.in-addr.arpa.
p.ns.in-addr.arpa.              172800  IN      A       100.100.1.10
p.ns.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
100.in-addr.arpa.		172800	IN	NS	p.100.in-addr.arpa.
p.100.in-addr.arpa.              172800  IN      A       100.100.1.10
p.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
" >> /etc/nsd/in-addr.arpa.zone

echo -e "zone:
	name: \"in-addr.arpa.\"
	zonefile: \"in-addr.arpa.zone\"
" >> /etc/nsd/nsd.conf


# 100.in-addr.arpa
echo -e "100.in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
100.in-addr.arpa.	172800  IN      NS      p.ns.100.in-addr.arpa.
p.ns.100.in-addr.arpa.              172800  IN      A       100.100.1.10
p.ns.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
120.100.in-addr.arpa.		172800	IN	NS	p.120.100.in-addr.arpa.
p.120.100.in-addr.arpa.              172800  IN      A       100.120.1.2
p.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:120:1::2
" > /etc/nsd/100.in-addr.arpa.zone

echo -e "zone:
	name: \"100.in-addr.arpa.\"
	zonefile: \"100.in-addr.arpa.zone\"
" >> /etc/nsd/nsd.conf

#
# # 120.100.in-addr.arpa
# echo -e "120.100.in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
# 120.100.in-addr.arpa.	172800  IN      NS      p.ns.120.100.in-addr.arpa.
# p.ns.120.100.in-addr.arpa.              172800  IN      A       100.100.1.10
# p.ns.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
# 1.120.100.in-addr.arpa.		172800	IN	NS	p.1.120.100.in-addr.arpa.
# p.1.120.100.in-addr.arpa.              172800  IN      A       100.100.1.10
# p.1.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
# " > /etc/nsd/120.100.in-addr.arpa.zone
#
# echo -e "zone:
# 	name: \"120.100.in-addr.arpa.\"
# 	zonefile: \"120.100.in-addr.arpa.zone\"
# " >> /etc/nsd/nsd.conf
#
# # 1.120.100.in-addr.arpa
# echo -e "1.120.100.in-addr.arpa.           3600    IN      SOA     b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600
# 1.120.100.in-addr.arpa.	172800  IN      NS      p.ns.1.120.100.in-addr.arpa.
# p.ns.1.120.100.in-addr.arpa.              172800  IN      A       100.100.1.10
# p.ns.1.120.100.in-addr.arpa.              172800  IN      AAAA     2001:db8:a001::10
# 2.1.120.100.in-addr.arpa.		172800	IN	PTR  smtp.isp-a.sns.
# " > /etc/nsd/1.120.100.in-addr.arpa.zone
#
# echo -e "zone:
# 	name: \"1.120.100.in-addr.arpa.\"
# 	zonefile: \"1.120.100.in-addr.arpa.zone\"
# " >> /etc/nsd/nsd.conf


# 2.1.120.100.in-addr.arpa.		172800  IN      PTR       smtp.isp-a.sns
# 100.120.1.2


#service nsd restart
snster bootstrap 2022-12-22 17:25:05 +01:00			`#!/bin/bash`
			`# Root NS template`
			`set -e`
			`if [ -z $SNSTERGUARD ] ; then exit 1; fi`
			DIR=`dirname $0`
			cd `dirname $0`

			`# disable systemd-resolved which conflicts with nsd`
			`echo "DNSStubListener=no" >> /etc/systemd/resolved.conf`
			`systemctl stop systemd-resolved`

			`apt-get update`
			`DEBIAN_FRONTEND=noninteractive apt-get install -y nsd`

			`# get root zone`
			`wget "http://www.internic.net/domain/root.zone" -O /etc/nsd/root.zone`

			`# customize root zone`
			`# remove official roots`
			`sed -i -e 's/^\.\s.NS.[a-m].root-servers.net.*//' /etc/nsd/root.zone`
			`# add alternative milxc root`

			`echo -e ". 518400 IN NS p.root-servers.net`
			`p.root-servers.net 518400 IN A 100.100.1.10`
			`p.root-servers.net 518400 IN AAAA 2001:db8:a001::10`
			`" >> /etc/nsd/root.zone`


switch domain from kaz.milxc to kaz.sns 2022-12-23 14:32:08 +01:00			`# add .sns TLD served by 100.100.20.10`
			`echo -e "sns. 518400 IN NS ns.sns.`
			`ns.sns. 518400 IN A 100.100.20.10`
			`ns.sns. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone`
snster bootstrap 2022-12-22 17:25:05 +01:00
			`# customize nsd config`
			`#echo -e "server:`
			`# ip-address: 127.0.0.1`
			`echo -e "zone:`
			`name: \".\"`
			`zonefile: \"root.zone\"`
			`" > /etc/nsd/nsd.conf`

reverse DNS ok 2023-01-18 20:09:29 +01:00			`# Reverse DNS`
			`#sed -i -e 's/^arpa.*//' /etc/nsd/root.zone`
			`#sed -i -e 's/^.\.ns\.arpa..//' /etc/nsd/root.zone`

			`## Racine`
			`sed -i -e '/NSEC.*/d' /etc/nsd/root.zone`
			`sed -i -e '/RRSIG.*/d' /etc/nsd/root.zone`
			`sed -i -e '/DNSKEY.*/d' /etc/nsd/root.zone`
			`sed -i -e '/DS.*/d' /etc/nsd/root.zone`
			`sed -i -e '/^arpa.*/d' /etc/nsd/root.zone`
			`sed -i -e '/^.\.ns\.arpa../d' /etc/nsd/root.zone`
			`echo -e "arpa. 172800 IN NS p.ns.arpa.`
			`p.ns.arpa. 172800 IN A 100.100.1.10`
			`p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`" >> /etc/nsd/root.zone`

			`## .arpa`
			`wget "https://www.internic.net/domain/arpa.zone" -O /etc/nsd/arpa.zone`
			`sed -i -e '/NSEC.*/d' /etc/nsd/arpa.zone`
			`sed -i -e '/RRSIG.*/d' /etc/nsd/arpa.zone`
			`sed -i -e '/DNSKEY.*/d' /etc/nsd/arpa.zone`
			`sed -i -e '/DS.*/d' /etc/nsd/arpa.zone`
			`sed -i -e '/^arpa\.\s.NS.[a-m].ns.arpa.*/d' /etc/nsd/arpa.zone`
			`sed -i -e '/^in-addr.*/d' /etc/nsd/arpa.zone`
			`sed -i -e '/^.\.in-addr.*/d' /etc/nsd/arpa.zone`
			`echo -e "arpa. 172800 IN NS p.ns.arpa.`
			`p.ns.arpa. 172800 IN A 100.100.1.10`
			`p.ns.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`in-addr.arpa. 172800 IN NS p.in-addr-servers.arpa.`
			`p.in-addr-servers.arpa. 172800 IN A 100.100.1.10`
			`p.in-addr-servers.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`" >> /etc/nsd/arpa.zone`

			`echo -e "zone:`
			`name: \"arpa.\"`
			`zonefile: \"arpa.zone\"`
			`" >> /etc/nsd/nsd.conf`

			`## .in-addr.arpa`
			`wget "https://www.internic.net/domain/in-addr.arpa.zone" -O /etc/nsd/in-addr.arpa.zone`
			`sed -i -e '/SOA.*/d' /etc/nsd/in-addr.arpa.zone`
			`sed -i -e '/NSEC.*/d' /etc/nsd/in-addr.arpa.zone`
			`sed -i -e '/RRSIG.*/d' /etc/nsd/in-addr.arpa.zone`
			`sed -i -e '/DNSKEY.*/d' /etc/nsd/in-addr.arpa.zone`
			`sed -i -e '/DS.*/d' /etc/nsd/in-addr.arpa.zone`
			`sed -i -e '/^in-addr\.arpa\.\s.NS.[a-m].in-addr-servers.arpa.*/d' /etc/nsd/in-addr.arpa.zone`
			`sed -i -e '/^100.*/d' /etc/nsd/in-addr.arpa.zone`
			`echo -e "in-addr.arpa. 172800 IN NS p.ns.in-addr.arpa.`
			`p.ns.in-addr.arpa. 172800 IN A 100.100.1.10`
			`p.ns.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`100.in-addr.arpa. 172800 IN NS p.100.in-addr.arpa.`
			`p.100.in-addr.arpa. 172800 IN A 100.100.1.10`
			`p.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600`
			`" >> /etc/nsd/in-addr.arpa.zone`

			`echo -e "zone:`
			`name: \"in-addr.arpa.\"`
			`zonefile: \"in-addr.arpa.zone\"`
			`" >> /etc/nsd/nsd.conf`



			`# 100.in-addr.arpa`
			`echo -e "100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600`
			`100.in-addr.arpa. 172800 IN NS p.ns.100.in-addr.arpa.`
			`p.ns.100.in-addr.arpa. 172800 IN A 100.100.1.10`
			`p.ns.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`120.100.in-addr.arpa. 172800 IN NS p.120.100.in-addr.arpa.`
			`p.120.100.in-addr.arpa. 172800 IN A 100.120.1.2`
			`p.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:120:1::2`
			`" > /etc/nsd/100.in-addr.arpa.zone`

			`echo -e "zone:`
			`name: \"100.in-addr.arpa.\"`
			`zonefile: \"100.in-addr.arpa.zone\"`
			`" >> /etc/nsd/nsd.conf`

			`#`
			`# # 120.100.in-addr.arpa`
			`# echo -e "120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600`
			`# 120.100.in-addr.arpa. 172800 IN NS p.ns.120.100.in-addr.arpa.`
			`# p.ns.120.100.in-addr.arpa. 172800 IN A 100.100.1.10`
			`# p.ns.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`# 1.120.100.in-addr.arpa. 172800 IN NS p.1.120.100.in-addr.arpa.`
			`# p.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10`
			`# p.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`# " > /etc/nsd/120.100.in-addr.arpa.zone`
			`#`
			`# echo -e "zone:`
			`# name: \"120.100.in-addr.arpa.\"`
			`# zonefile: \"120.100.in-addr.arpa.zone\"`
			`# " >> /etc/nsd/nsd.conf`
			`#`
			`# # 1.120.100.in-addr.arpa`
			`# echo -e "1.120.100.in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2022090676 1800 900 604800 3600`
			`# 1.120.100.in-addr.arpa. 172800 IN NS p.ns.1.120.100.in-addr.arpa.`
			`# p.ns.1.120.100.in-addr.arpa. 172800 IN A 100.100.1.10`
			`# p.ns.1.120.100.in-addr.arpa. 172800 IN AAAA 2001:db8:a001::10`
			`# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns.`
			`# " > /etc/nsd/1.120.100.in-addr.arpa.zone`
			`#`
			`# echo -e "zone:`
			`# name: \"1.120.100.in-addr.arpa.\"`
			`# zonefile: \"1.120.100.in-addr.arpa.zone\"`
			`# " >> /etc/nsd/nsd.conf`



			`# 2.1.120.100.in-addr.arpa. 172800 IN PTR smtp.isp-a.sns`
			`# 100.120.1.2`



snster bootstrap 2022-12-22 17:25:05 +01:00			`#service nsd restart`