switch domain from kaz.milxc to kaz.sns
This commit is contained in:
Francois Lesueur
parent
215e77c226
commit
5e5fd1b19a
@ -28,7 +28,7 @@ hosts:
|
||||
neighbors6: 2001:db8:b000::1 as 30
|
||||
- resolv:
|
||||
nameserver: 100.100.100.100
|
||||
domain: isp-a.milxc
|
||||
domain: isp-a.sns
|
||||
|
||||
infra:
|
||||
network:
|
||||
@ -41,10 +41,10 @@ hosts:
|
||||
gatewayv6: 2001:db8:120:1::1
|
||||
templates:
|
||||
- mailserver:
|
||||
domain: isp-a.milxc
|
||||
domain: isp-a.sns
|
||||
- resolverns:
|
||||
- resolv:
|
||||
domain: isp-a.milxc
|
||||
domain: isp-a.sns
|
||||
ns: 100.120.1.2
|
||||
|
||||
home:
|
||||
@ -57,5 +57,5 @@ hosts:
|
||||
templates:
|
||||
- updatecaroots:
|
||||
- resolv:
|
||||
domain: isp-a.milxc
|
||||
domain: isp-a.sns
|
||||
ns: 100.120.1.2
|
||||
|
||||
@ -366,7 +366,7 @@ hover_timeout=500
|
||||
cache_max_mem_usage=4096
|
||||
cache_min_keep_time=15
|
||||
thread_by_subject_max_age=10
|
||||
last_opened_folder=#imap/hacker@isp-a.milxc/Trash
|
||||
last_opened_folder=#imap/email@isp-a.sns/Trash
|
||||
goto_last_folder_on_startup=0
|
||||
summary_quicksearch_sticky=1
|
||||
summary_quicksearch_dynamic=0
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
# ISP-A infra
|
||||
set -e
|
||||
if [ -z $MILXCGUARD ] ; then exit 1; fi
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi
|
||||
DIR=`dirname $0`
|
||||
cd `dirname $0`
|
||||
|
||||
@ -15,11 +15,11 @@ DEBIAN_FRONTEND=noninteractive apt-get install -y claws-mail
|
||||
|
||||
# On configure les comptes mail
|
||||
if [ -f /clawsmail/addclawsuser.sh ]; then
|
||||
su debian /clawsmail/addclawsuser.sh contact1 kaz.milxc contact1@kaz.milxc toto 1
|
||||
su debian /clawsmail/addclawsuser.sh contact2 kaz.milxc contact2@kaz.milxc toto 2
|
||||
su debian /clawsmail/addclawsuser.sh contact3 kaz.milxc contact3@kaz.milxc toto 3
|
||||
su debian /clawsmail/addclawsuser.sh contact4 kaz.milxc contact4@kaz.milxc toto 4
|
||||
su debian /clawsmail/addclawsuser.sh email isp-a.milxc email email 5
|
||||
su debian /clawsmail/addclawsuser.sh contact1 kaz.sns contact1@kaz.sns toto 1
|
||||
su debian /clawsmail/addclawsuser.sh contact2 kaz.sns contact2@kaz.sns toto 2
|
||||
su debian /clawsmail/addclawsuser.sh contact3 kaz.sns contact3@kaz.sns toto 3
|
||||
su debian /clawsmail/addclawsuser.sh contact4 kaz.sns contact4@kaz.sns toto 4
|
||||
su debian /clawsmail/addclawsuser.sh email isp-a.sns email email 5
|
||||
fi
|
||||
|
||||
# On place les certifs
|
||||
|
||||
@ -2,8 +2,8 @@ server:
|
||||
interface: 0.0.0.0
|
||||
access-control: 100.64.0.0/10 allow
|
||||
|
||||
local-zone: "isp-a.milxc." static
|
||||
local-data: "smtp.isp-a.milxc. IN A 100.120.1.2"
|
||||
local-data: "mail.isp-a.milxc. IN A 100.120.1.2"
|
||||
local-data: "ns.isp-a.milxc. IN A 100.120.1.2"
|
||||
local-data: "isp-a.milxc. IN MX 10 smtp.isp-a.milxc."
|
||||
local-zone: "isp-a.sns." static
|
||||
local-data: "smtp.isp-a.sns. IN A 100.120.1.2"
|
||||
local-data: "mail.isp-a.sns. IN A 100.120.1.2"
|
||||
local-data: "ns.isp-a.sns. IN A 100.120.1.2"
|
||||
local-data: "isp-a.sns. IN MX 10 smtp.isp-a.sns."
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
#!/bin/bash
|
||||
# ISP-A infra
|
||||
set -e
|
||||
if [ -z $MILXCGUARD ] ; then exit 1; fi
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi
|
||||
DIR=`dirname $0`
|
||||
cd `dirname $0`
|
||||
|
||||
# Email's mail account email@isp-a.milxc
|
||||
# Email's mail account email@isp-a.sns
|
||||
useradd -m -s "/bin/bash" -p `mkpasswd --method=sha-512 email` email || true
|
||||
addgroup email mail
|
||||
#mkdir /home/hacker/mail
|
||||
@ -15,7 +15,7 @@ addgroup email mail
|
||||
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
|
||||
systemctl stop systemd-resolved
|
||||
|
||||
# manage isp-a.milxc zone
|
||||
# manage isp-a.sns zone
|
||||
apt-get update
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -y unbound
|
||||
cp dns.conf /etc/unbound/unbound.conf.d/
|
||||
|
||||
@ -27,7 +27,7 @@ hosts:
|
||||
neighbors6: 2001:db8:b000::1 as 30
|
||||
- resolv:
|
||||
nameserver: 100.100.100.100
|
||||
domain: kaz.milxc
|
||||
domain: kaz.sns
|
||||
|
||||
prod:
|
||||
network:
|
||||
@ -44,5 +44,5 @@ hosts:
|
||||
- authns:
|
||||
zonefile: dns.conf
|
||||
- resolv:
|
||||
domain: kaz.milxc
|
||||
domain: kaz.sns
|
||||
ns: 100.100.100.100
|
||||
|
||||
@ -1,14 +1,14 @@
|
||||
$TTL 86400
|
||||
$ORIGIN kaz.milxc.
|
||||
@ 1D IN SOA ns.kaz.milxc. hostmaster.kaz.milxc. (
|
||||
$ORIGIN kaz.sns.
|
||||
@ 1D IN SOA ns.kaz.sns. hostmaster.kaz.sns. (
|
||||
2002022401 ; serial
|
||||
3H ; refresh
|
||||
15 ; retry
|
||||
1w ; expire
|
||||
3h ; nxdomain ttl
|
||||
)
|
||||
IN NS ns.kaz.milxc.
|
||||
IN MX 10 smtp.kaz.milxc.
|
||||
IN NS ns.kaz.sns.
|
||||
IN MX 10 smtp.kaz.sns.
|
||||
IN A 100.80.0.2
|
||||
ns IN A 100.80.0.2
|
||||
dmz IN A 100.80.0.2
|
||||
|
||||
@ -9,12 +9,12 @@ mode=local
|
||||
########################################
|
||||
# choix du domaine
|
||||
# prod=kaz.bzh / dev=dev.kaz.bzh / local=kaz.local
|
||||
domain=kaz.milxc
|
||||
domain=kaz.sns
|
||||
|
||||
########################################
|
||||
# choix du domaine des mails sympa
|
||||
# prod=kaz.bzh / dev=kaz2.ovh / local=kaz.local
|
||||
domain_sympa=kaz.milxc
|
||||
domain_sympa=kaz.sns
|
||||
|
||||
########################################
|
||||
# choix d'un serveur partiel
|
||||
@ -112,7 +112,7 @@ restartPolicy=no
|
||||
|
||||
jirafeauDir=/var/jirafeauData/lkuDM16R5Sp4QHr/
|
||||
|
||||
ldapRoot=dc=kaz,dc=milxc
|
||||
ldapRoot=dc=kaz,dc=sns
|
||||
|
||||
########################################
|
||||
# services activés par container.sh
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
# Target DMZ
|
||||
set -e
|
||||
if [ -z $MILXCGUARD ] ; then exit 1; fi
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi
|
||||
DIR=`dirname $0`
|
||||
cd `dirname $0`
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@ hosts:
|
||||
neighbors6: 2001:db8:b000::1 as 30
|
||||
- resolv:
|
||||
nameserver: 100.100.100.100
|
||||
domain: mica.milxc
|
||||
domain: mica.sns
|
||||
|
||||
infra:
|
||||
network:
|
||||
@ -38,5 +38,5 @@ hosts:
|
||||
gatewayv6: 2001:db8:82::1
|
||||
templates:
|
||||
- resolv:
|
||||
domain: mica.milxc
|
||||
domain: mica.sns
|
||||
ns: 100.100.100.100
|
||||
|
||||
@ -2,7 +2,7 @@ server:
|
||||
interface: 0.0.0.0
|
||||
access-control: 100.64.0.0/10 allow
|
||||
|
||||
local-zone: "mica.milxc." static
|
||||
local-data: "ns.mica.milxc. IN A 100.82.0.2"
|
||||
local-data: "www.mica.milxc. IN A 100.82.0.2"
|
||||
local-data: "ca.mica.milxc. IN A 100.82.0.2"
|
||||
local-zone: "mica.sns." static
|
||||
local-data: "ns.mica.sns. IN A 100.82.0.2"
|
||||
local-data: "www.mica.sns. IN A 100.82.0.2"
|
||||
local-data: "ca.mica.sns. IN A 100.82.0.2"
|
||||
|
||||
@ -1,21 +1,15 @@
|
||||
#!/bin/bash
|
||||
# MICA infra
|
||||
set -e
|
||||
if [ -z $MILXCGUARD ] ; then exit 1; fi
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi
|
||||
DIR=`dirname $0`
|
||||
cd `dirname $0`
|
||||
|
||||
# Hacker's mail account hacker@isp-a.milxc
|
||||
useradd -m -s "/bin/bash" -p `mkpasswd --method=sha-512 ca` ca || true
|
||||
addgroup ca mail
|
||||
#mkdir /home/hacker/mail
|
||||
#touch /home/hacker/mail/Drafts /home/hacker/mail/Queue /home/hacker/mail/Sent /home/hacker/mail/Trash
|
||||
|
||||
# disable systemd-resolved which conflicts with nsd
|
||||
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
|
||||
systemctl stop systemd-resolved
|
||||
|
||||
# manage isp-a.milxc zone
|
||||
# manage mica.sns zone
|
||||
apt-get update
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -y unbound
|
||||
cp dns.conf /etc/unbound/unbound.conf.d/
|
||||
@ -31,4 +25,4 @@ dpkg -i step-ca_0.17.2_amd64.deb
|
||||
# step ca init
|
||||
# step ca root root.crt
|
||||
# step ca provisioner add acme --type ACME
|
||||
# certbot certonly -n --standalone -d www.target.milxc --server https://www.mica.milxc/acme/acme/directory --agree-tos --email "fr@fr.fr"
|
||||
# certbot certonly -n --standalone -d www.target.sns --server https://www.mica.sns/acme/acme/directory --agree-tos --email "fr@fr.fr"
|
||||
|
||||
@ -25,7 +25,7 @@ hosts:
|
||||
neighbors6: 2001:db8:b000::1 as 30
|
||||
- resolv:
|
||||
nameserver: 100.100.100.100
|
||||
domain: opendns.milxc
|
||||
domain: opendns.sns
|
||||
|
||||
resolver:
|
||||
network:
|
||||
@ -39,5 +39,5 @@ hosts:
|
||||
templates:
|
||||
- resolverns:
|
||||
- resolv:
|
||||
domain: opendns.milxc
|
||||
domain: opendns.sns
|
||||
ns: 100.100.100.100
|
||||
|
||||
@ -25,7 +25,7 @@ hosts:
|
||||
neighbors6: 2001:db8:b000::1 as 30
|
||||
- resolv:
|
||||
nameserver: 100.100.100.100
|
||||
domain: ns-root-p.milxc
|
||||
domain: ns-root-p.sns
|
||||
|
||||
rootns:
|
||||
network:
|
||||
@ -39,5 +39,5 @@ hosts:
|
||||
templates:
|
||||
- rootns:
|
||||
- resolv:
|
||||
domain: ns-root-p.milxc
|
||||
domain: ns-root-p.sns
|
||||
ns: 100.100.100.100
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
version: 1
|
||||
|
||||
header:
|
||||
name: MILXC AS
|
||||
comment: The .milxc TLD auth NS
|
||||
name: TLD SNS AS
|
||||
comment: The .sns TLD auth NS
|
||||
|
||||
hosts:
|
||||
router:
|
||||
@ -14,7 +14,7 @@ hosts:
|
||||
ipv4: 100.64.0.40/24
|
||||
ipv6: 2001:db8:b000::40/48
|
||||
eth1:
|
||||
bridge: milxc-lan
|
||||
bridge: tld-sns-lan
|
||||
ipv4: 100.100.20.1/24
|
||||
ipv6: 2001:db8:a020::1/48
|
||||
templates:
|
||||
@ -25,18 +25,18 @@ hosts:
|
||||
neighbors6: 2001:db8:b000::1 as 30
|
||||
- resolv:
|
||||
nameserver: 100.100.100.100
|
||||
domain: milxc.milxc
|
||||
domain: tld-sns.sns
|
||||
|
||||
ns:
|
||||
network:
|
||||
interfaces:
|
||||
eth0:
|
||||
bridge: milxc-lan
|
||||
bridge: tld-sns-lan
|
||||
ipv4: 100.100.20.10/24
|
||||
ipv6: 2001:db8:a020::10/48
|
||||
gatewayv4: 100.100.20.1
|
||||
gatewayv6: 2001:db8:a020::1
|
||||
templates:
|
||||
- resolv:
|
||||
domain: milxc.milxc
|
||||
domain: tld-sns.sns
|
||||
ns: 100.100.100.100
|
||||
@ -1,8 +1,8 @@
|
||||
#!/bin/bash
|
||||
# .milxc registry
|
||||
# .sns registry
|
||||
|
||||
set -e
|
||||
if [ -z $MILXCGUARD ] ; then exit 1; fi
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi
|
||||
DIR=`dirname $0`
|
||||
cd `dirname $0`
|
||||
|
||||
@ -14,28 +14,28 @@ apt-get update
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -y nsd
|
||||
|
||||
echo -e "zone:
|
||||
name: \"milxc.\"
|
||||
zonefile: \"milxc.zone\"
|
||||
name: \"sns.\"
|
||||
zonefile: \"sns.zone\"
|
||||
" > /etc/nsd/nsd.conf
|
||||
|
||||
echo -e "\$TTL 86400
|
||||
\$ORIGIN milxc.
|
||||
@ 1D IN SOA ns.milxc. hostmaster.milxc. (
|
||||
\$ORIGIN sns.
|
||||
@ 1D IN SOA ns.sns. hostmaster.sns. (
|
||||
2002022401 ; serial
|
||||
3H ; refresh
|
||||
15 ; retry
|
||||
1w ; expire
|
||||
3h ; nxdomain ttl
|
||||
)
|
||||
IN NS ns.milxc.
|
||||
IN NS ns.sns.
|
||||
ns IN A 100.100.20.10 ;name server definition
|
||||
ns IN AAAA 2001:db8:a020::10
|
||||
kaz.milxc. IN NS ns.kaz.milxc.
|
||||
ns.kaz.milxc. IN A 100.80.0.2
|
||||
isp-a.milxc. IN NS ns.isp-a.milxc.
|
||||
ns.isp-a.milxc. IN A 100.120.1.2
|
||||
ns.isp-a.milxc. IN AAAA 2001:db8:120:1::2
|
||||
mica.milxc. IN NS ns.mica.milxc.
|
||||
ns.mica.milxc. IN A 100.82.0.2
|
||||
ns.mica.milxc. IN AAAA 2001:db8:82::2
|
||||
" >> /etc/nsd/milxc.zone
|
||||
kaz.sns. IN NS ns.kaz.sns.
|
||||
ns.kaz.sns. IN A 100.80.0.2
|
||||
isp-a.sns. IN NS ns.isp-a.sns.
|
||||
ns.isp-a.sns. IN A 100.120.1.2
|
||||
ns.isp-a.sns. IN AAAA 2001:db8:120:1::2
|
||||
mica.sns. IN NS ns.mica.sns.
|
||||
ns.mica.sns. IN A 100.82.0.2
|
||||
ns.mica.sns. IN AAAA 2001:db8:82::2
|
||||
" >> /etc/nsd/sns.zone
|
||||
@ -24,4 +24,4 @@ hosts:
|
||||
neighbors6: 2001:db8:b000::10 as 10; 2001:db8:b000::30 as 7;2001:db8:b000::40 as 8; 2001:db8:b000::2 as 31; 2001:db8:b000::20 as 6; 2001:db8:b000::50 as 13; 2001:db8:b000::110 as 20; 2001:db8:b001::140 as 12
|
||||
- resolv:
|
||||
nameserver: 100.100.100.100
|
||||
domain: transit-a.milxc
|
||||
domain: transit-a.sns
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#!/bin/sh
|
||||
# Transit A with alpine
|
||||
set -e
|
||||
if [ -z $MILXCGUARD ] ; then exit 1; fi
|
||||
if [ -z $SNSTERGUARD ] ; then exit 1; fi
|
||||
DIR=`dirname $0`
|
||||
cd `dirname $0`
|
||||
|
||||
@ -23,9 +23,6 @@ touch /etc/network/keepdhcp
|
||||
mkdir /etc/udhcpc
|
||||
echo "IF_METRIC=200" > /etc/udhcpc/udhcpc.conf
|
||||
|
||||
#echo "supersede domain-name-servers 10.10.10.10;" >> /etc/dhcp/dhclient.conf
|
||||
#echo "supersede domain-name \"internet.milxc\";" >> /etc/dhcp/dhclient.conf
|
||||
|
||||
|
||||
# customize bird config (BGP)
|
||||
sed -i "s/protocol kernel {/protocol kernel { metric 2000;/" /etc/bird.conf
|
||||
|
||||
@ -26,10 +26,10 @@ p.root-servers.net 518400 IN AAAA 2001:db8:a001::10
|
||||
" >> /etc/nsd/root.zone
|
||||
|
||||
|
||||
# add .milxc TLD served by 100.100.20.10
|
||||
echo -e "milxc. 518400 IN NS ns.milxc.
|
||||
ns.milxc. 518400 IN A 100.100.20.10
|
||||
ns.milxc. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone
|
||||
# add .sns TLD served by 100.100.20.10
|
||||
echo -e "sns. 518400 IN NS ns.sns.
|
||||
ns.sns. 518400 IN A 100.100.20.10
|
||||
ns.sns. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone
|
||||
|
||||
# customize nsd config
|
||||
#echo -e "server:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user