switch domain from kaz.milxc to kaz.sns

This commit is contained in:
Francois Lesueur 2022-12-23 14:32:08 +01:00
parent 215e77c226
commit 5e5fd1b19a
19 changed files with 70 additions and 79 deletions

View File

@ -28,7 +28,7 @@ hosts:
neighbors6: 2001:db8:b000::1 as 30
- resolv:
nameserver: 100.100.100.100
domain: isp-a.milxc
domain: isp-a.sns
infra:
network:
@ -41,10 +41,10 @@ hosts:
gatewayv6: 2001:db8:120:1::1
templates:
- mailserver:
domain: isp-a.milxc
domain: isp-a.sns
- resolverns:
- resolv:
domain: isp-a.milxc
domain: isp-a.sns
ns: 100.120.1.2
home:
@ -57,5 +57,5 @@ hosts:
templates:
- updatecaroots:
- resolv:
domain: isp-a.milxc
domain: isp-a.sns
ns: 100.120.1.2

View File

@ -366,7 +366,7 @@ hover_timeout=500
cache_max_mem_usage=4096
cache_min_keep_time=15
thread_by_subject_max_age=10
last_opened_folder=#imap/hacker@isp-a.milxc/Trash
last_opened_folder=#imap/email@isp-a.sns/Trash
goto_last_folder_on_startup=0
summary_quicksearch_sticky=1
summary_quicksearch_dynamic=0

View File

@ -1,7 +1,7 @@
#!/bin/bash
# ISP-A infra
set -e
if [ -z $MILXCGUARD ] ; then exit 1; fi
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`
@ -15,11 +15,11 @@ DEBIAN_FRONTEND=noninteractive apt-get install -y claws-mail
# On configure les comptes mail
if [ -f /clawsmail/addclawsuser.sh ]; then
su debian /clawsmail/addclawsuser.sh contact1 kaz.milxc contact1@kaz.milxc toto 1
su debian /clawsmail/addclawsuser.sh contact2 kaz.milxc contact2@kaz.milxc toto 2
su debian /clawsmail/addclawsuser.sh contact3 kaz.milxc contact3@kaz.milxc toto 3
su debian /clawsmail/addclawsuser.sh contact4 kaz.milxc contact4@kaz.milxc toto 4
su debian /clawsmail/addclawsuser.sh email isp-a.milxc email email 5
su debian /clawsmail/addclawsuser.sh contact1 kaz.sns contact1@kaz.sns toto 1
su debian /clawsmail/addclawsuser.sh contact2 kaz.sns contact2@kaz.sns toto 2
su debian /clawsmail/addclawsuser.sh contact3 kaz.sns contact3@kaz.sns toto 3
su debian /clawsmail/addclawsuser.sh contact4 kaz.sns contact4@kaz.sns toto 4
su debian /clawsmail/addclawsuser.sh email isp-a.sns email email 5
fi
# On place les certifs

View File

@ -2,8 +2,8 @@ server:
interface: 0.0.0.0
access-control: 100.64.0.0/10 allow
local-zone: "isp-a.milxc." static
local-data: "smtp.isp-a.milxc. IN A 100.120.1.2"
local-data: "mail.isp-a.milxc. IN A 100.120.1.2"
local-data: "ns.isp-a.milxc. IN A 100.120.1.2"
local-data: "isp-a.milxc. IN MX 10 smtp.isp-a.milxc."
local-zone: "isp-a.sns." static
local-data: "smtp.isp-a.sns. IN A 100.120.1.2"
local-data: "mail.isp-a.sns. IN A 100.120.1.2"
local-data: "ns.isp-a.sns. IN A 100.120.1.2"
local-data: "isp-a.sns. IN MX 10 smtp.isp-a.sns."

View File

@ -1,11 +1,11 @@
#!/bin/bash
# ISP-A infra
set -e
if [ -z $MILXCGUARD ] ; then exit 1; fi
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`
# Email's mail account email@isp-a.milxc
# Email's mail account email@isp-a.sns
useradd -m -s "/bin/bash" -p `mkpasswd --method=sha-512 email` email || true
addgroup email mail
#mkdir /home/hacker/mail
@ -15,7 +15,7 @@ addgroup email mail
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
systemctl stop systemd-resolved
# manage isp-a.milxc zone
# manage isp-a.sns zone
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y unbound
cp dns.conf /etc/unbound/unbound.conf.d/

View File

@ -27,7 +27,7 @@ hosts:
neighbors6: 2001:db8:b000::1 as 30
- resolv:
nameserver: 100.100.100.100
domain: kaz.milxc
domain: kaz.sns
prod:
network:
@ -44,5 +44,5 @@ hosts:
- authns:
zonefile: dns.conf
- resolv:
domain: kaz.milxc
domain: kaz.sns
ns: 100.100.100.100

View File

@ -1,14 +1,14 @@
$TTL 86400
$ORIGIN kaz.milxc.
@ 1D IN SOA ns.kaz.milxc. hostmaster.kaz.milxc. (
$ORIGIN kaz.sns.
@ 1D IN SOA ns.kaz.sns. hostmaster.kaz.sns. (
2002022401 ; serial
3H ; refresh
15 ; retry
1w ; expire
3h ; nxdomain ttl
)
IN NS ns.kaz.milxc.
IN MX 10 smtp.kaz.milxc.
IN NS ns.kaz.sns.
IN MX 10 smtp.kaz.sns.
IN A 100.80.0.2
ns IN A 100.80.0.2
dmz IN A 100.80.0.2

View File

@ -9,12 +9,12 @@ mode=local
########################################
# choix du domaine
# prod=kaz.bzh / dev=dev.kaz.bzh / local=kaz.local
domain=kaz.milxc
domain=kaz.sns
########################################
# choix du domaine des mails sympa
# prod=kaz.bzh / dev=kaz2.ovh / local=kaz.local
domain_sympa=kaz.milxc
domain_sympa=kaz.sns
########################################
# choix d'un serveur partiel
@ -112,7 +112,7 @@ restartPolicy=no
jirafeauDir=/var/jirafeauData/lkuDM16R5Sp4QHr/
ldapRoot=dc=kaz,dc=milxc
ldapRoot=dc=kaz,dc=sns
########################################
# services activés par container.sh

View File

@ -1,7 +1,7 @@
#!/bin/bash
# Target DMZ
set -e
if [ -z $MILXCGUARD ] ; then exit 1; fi
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`

View File

@ -25,7 +25,7 @@ hosts:
neighbors6: 2001:db8:b000::1 as 30
- resolv:
nameserver: 100.100.100.100
domain: mica.milxc
domain: mica.sns
infra:
network:
@ -38,5 +38,5 @@ hosts:
gatewayv6: 2001:db8:82::1
templates:
- resolv:
domain: mica.milxc
domain: mica.sns
ns: 100.100.100.100

View File

@ -2,7 +2,7 @@ server:
interface: 0.0.0.0
access-control: 100.64.0.0/10 allow
local-zone: "mica.milxc." static
local-data: "ns.mica.milxc. IN A 100.82.0.2"
local-data: "www.mica.milxc. IN A 100.82.0.2"
local-data: "ca.mica.milxc. IN A 100.82.0.2"
local-zone: "mica.sns." static
local-data: "ns.mica.sns. IN A 100.82.0.2"
local-data: "www.mica.sns. IN A 100.82.0.2"
local-data: "ca.mica.sns. IN A 100.82.0.2"

View File

@ -1,21 +1,15 @@
#!/bin/bash
# MICA infra
set -e
if [ -z $MILXCGUARD ] ; then exit 1; fi
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`
# Hacker's mail account hacker@isp-a.milxc
useradd -m -s "/bin/bash" -p `mkpasswd --method=sha-512 ca` ca || true
addgroup ca mail
#mkdir /home/hacker/mail
#touch /home/hacker/mail/Drafts /home/hacker/mail/Queue /home/hacker/mail/Sent /home/hacker/mail/Trash
# disable systemd-resolved which conflicts with nsd
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
systemctl stop systemd-resolved
# manage isp-a.milxc zone
# manage mica.sns zone
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y unbound
cp dns.conf /etc/unbound/unbound.conf.d/
@ -31,4 +25,4 @@ dpkg -i step-ca_0.17.2_amd64.deb
# step ca init
# step ca root root.crt
# step ca provisioner add acme --type ACME
# certbot certonly -n --standalone -d www.target.milxc --server https://www.mica.milxc/acme/acme/directory --agree-tos --email "fr@fr.fr"
# certbot certonly -n --standalone -d www.target.sns --server https://www.mica.sns/acme/acme/directory --agree-tos --email "fr@fr.fr"

View File

@ -25,7 +25,7 @@ hosts:
neighbors6: 2001:db8:b000::1 as 30
- resolv:
nameserver: 100.100.100.100
domain: opendns.milxc
domain: opendns.sns
resolver:
network:
@ -39,5 +39,5 @@ hosts:
templates:
- resolverns:
- resolv:
domain: opendns.milxc
domain: opendns.sns
ns: 100.100.100.100

View File

@ -25,7 +25,7 @@ hosts:
neighbors6: 2001:db8:b000::1 as 30
- resolv:
nameserver: 100.100.100.100
domain: ns-root-p.milxc
domain: ns-root-p.sns
rootns:
network:
@ -39,5 +39,5 @@ hosts:
templates:
- rootns:
- resolv:
domain: ns-root-p.milxc
domain: ns-root-p.sns
ns: 100.100.100.100

View File

@ -1,8 +1,8 @@
version: 1
header:
name: MILXC AS
comment: The .milxc TLD auth NS
name: TLD SNS AS
comment: The .sns TLD auth NS
hosts:
router:
@ -14,7 +14,7 @@ hosts:
ipv4: 100.64.0.40/24
ipv6: 2001:db8:b000::40/48
eth1:
bridge: milxc-lan
bridge: tld-sns-lan
ipv4: 100.100.20.1/24
ipv6: 2001:db8:a020::1/48
templates:
@ -25,18 +25,18 @@ hosts:
neighbors6: 2001:db8:b000::1 as 30
- resolv:
nameserver: 100.100.100.100
domain: milxc.milxc
domain: tld-sns.sns
ns:
network:
interfaces:
eth0:
bridge: milxc-lan
bridge: tld-sns-lan
ipv4: 100.100.20.10/24
ipv6: 2001:db8:a020::10/48
gatewayv4: 100.100.20.1
gatewayv6: 2001:db8:a020::1
templates:
- resolv:
domain: milxc.milxc
domain: tld-sns.sns
ns: 100.100.100.100

View File

@ -1,8 +1,8 @@
#!/bin/bash
# .milxc registry
# .sns registry
set -e
if [ -z $MILXCGUARD ] ; then exit 1; fi
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`
@ -14,28 +14,28 @@ apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y nsd
echo -e "zone:
name: \"milxc.\"
zonefile: \"milxc.zone\"
name: \"sns.\"
zonefile: \"sns.zone\"
" > /etc/nsd/nsd.conf
echo -e "\$TTL 86400
\$ORIGIN milxc.
@ 1D IN SOA ns.milxc. hostmaster.milxc. (
\$ORIGIN sns.
@ 1D IN SOA ns.sns. hostmaster.sns. (
2002022401 ; serial
3H ; refresh
15 ; retry
1w ; expire
3h ; nxdomain ttl
)
IN NS ns.milxc.
IN NS ns.sns.
ns IN A 100.100.20.10 ;name server definition
ns IN AAAA 2001:db8:a020::10
kaz.milxc. IN NS ns.kaz.milxc.
ns.kaz.milxc. IN A 100.80.0.2
isp-a.milxc. IN NS ns.isp-a.milxc.
ns.isp-a.milxc. IN A 100.120.1.2
ns.isp-a.milxc. IN AAAA 2001:db8:120:1::2
mica.milxc. IN NS ns.mica.milxc.
ns.mica.milxc. IN A 100.82.0.2
ns.mica.milxc. IN AAAA 2001:db8:82::2
" >> /etc/nsd/milxc.zone
kaz.sns. IN NS ns.kaz.sns.
ns.kaz.sns. IN A 100.80.0.2
isp-a.sns. IN NS ns.isp-a.sns.
ns.isp-a.sns. IN A 100.120.1.2
ns.isp-a.sns. IN AAAA 2001:db8:120:1::2
mica.sns. IN NS ns.mica.sns.
ns.mica.sns. IN A 100.82.0.2
ns.mica.sns. IN AAAA 2001:db8:82::2
" >> /etc/nsd/sns.zone

View File

@ -24,4 +24,4 @@ hosts:
neighbors6: 2001:db8:b000::10 as 10; 2001:db8:b000::30 as 7;2001:db8:b000::40 as 8; 2001:db8:b000::2 as 31; 2001:db8:b000::20 as 6; 2001:db8:b000::50 as 13; 2001:db8:b000::110 as 20; 2001:db8:b001::140 as 12
- resolv:
nameserver: 100.100.100.100
domain: transit-a.milxc
domain: transit-a.sns

View File

@ -1,7 +1,7 @@
#!/bin/sh
# Transit A with alpine
set -e
if [ -z $MILXCGUARD ] ; then exit 1; fi
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`
@ -23,9 +23,6 @@ touch /etc/network/keepdhcp
mkdir /etc/udhcpc
echo "IF_METRIC=200" > /etc/udhcpc/udhcpc.conf
#echo "supersede domain-name-servers 10.10.10.10;" >> /etc/dhcp/dhclient.conf
#echo "supersede domain-name \"internet.milxc\";" >> /etc/dhcp/dhclient.conf
# customize bird config (BGP)
sed -i "s/protocol kernel {/protocol kernel { metric 2000;/" /etc/bird.conf

View File

@ -26,10 +26,10 @@ p.root-servers.net 518400 IN AAAA 2001:db8:a001::10
" >> /etc/nsd/root.zone
# add .milxc TLD served by 100.100.20.10
echo -e "milxc. 518400 IN NS ns.milxc.
ns.milxc. 518400 IN A 100.100.20.10
ns.milxc. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone
# add .sns TLD served by 100.100.20.10
echo -e "sns. 518400 IN NS ns.sns.
ns.sns. 518400 IN A 100.100.20.10
ns.sns. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone
# customize nsd config
#echo -e "server: