From 5e5fd1b19a2f86a549ef82007a2fe48ff6500bed Mon Sep 17 00:00:00 2001 From: Francois Lesueur Date: Fri, 23 Dec 2022 14:32:08 +0100 Subject: [PATCH] switch domain from kaz.milxc to kaz.sns --- files/snster-kaz/isp-a/group.yml | 8 ++--- .../isp-a/home/clawsmail/claws-mail/clawsrc | 2 +- files/snster-kaz/isp-a/home/provision.sh | 12 +++---- files/snster-kaz/isp-a/infra/dns.conf | 10 +++--- files/snster-kaz/isp-a/infra/provision.sh | 6 ++-- files/snster-kaz/kaz/group.yml | 4 +-- files/snster-kaz/kaz/prod/dns.conf | 8 ++--- .../kaz/prod/kaz/config/dockers.env | 6 ++-- files/snster-kaz/kaz/prod/provision.sh | 2 +- files/snster-kaz/mica/group.yml | 4 +-- files/snster-kaz/mica/infra/dns.conf | 8 ++--- files/snster-kaz/mica/infra/provision.sh | 12 ++----- files/snster-kaz/opendns/group.yml | 4 +-- files/snster-kaz/root-p/group.yml | 4 +-- files/snster-kaz/{milxc => tld-sns}/group.yml | 12 +++---- .../{milxc => tld-sns}/ns/provision.sh | 32 +++++++++---------- files/snster-kaz/transit-a/group.yml | 2 +- .../snster-kaz/transit-a/router/provision.sh | 5 +-- files/templates/debian/rootns/provision.sh | 8 ++--- 19 files changed, 70 insertions(+), 79 deletions(-) rename files/snster-kaz/{milxc => tld-sns}/group.yml (81%) rename files/snster-kaz/{milxc => tld-sns}/ns/provision.sh (52%) diff --git a/files/snster-kaz/isp-a/group.yml b/files/snster-kaz/isp-a/group.yml index 7c24d76..ad86b2e 100644 --- a/files/snster-kaz/isp-a/group.yml +++ b/files/snster-kaz/isp-a/group.yml @@ -28,7 +28,7 @@ hosts: neighbors6: 2001:db8:b000::1 as 30 - resolv: nameserver: 100.100.100.100 - domain: isp-a.milxc + domain: isp-a.sns infra: network: @@ -41,10 +41,10 @@ hosts: gatewayv6: 2001:db8:120:1::1 templates: - mailserver: - domain: isp-a.milxc + domain: isp-a.sns - resolverns: - resolv: - domain: isp-a.milxc + domain: isp-a.sns ns: 100.120.1.2 home: @@ -57,5 +57,5 @@ hosts: templates: - updatecaroots: - resolv: - domain: isp-a.milxc + domain: isp-a.sns ns: 100.120.1.2 
diff --git a/files/snster-kaz/isp-a/home/clawsmail/claws-mail/clawsrc b/files/snster-kaz/isp-a/home/clawsmail/claws-mail/clawsrc index 796ecdc..3efc0e6 100644 --- a/files/snster-kaz/isp-a/home/clawsmail/claws-mail/clawsrc +++ b/files/snster-kaz/isp-a/home/clawsmail/claws-mail/clawsrc @@ -366,7 +366,7 @@ hover_timeout=500 cache_max_mem_usage=4096 cache_min_keep_time=15 thread_by_subject_max_age=10 -last_opened_folder=#imap/hacker@isp-a.milxc/Trash +last_opened_folder=#imap/email@isp-a.sns/Trash goto_last_folder_on_startup=0 summary_quicksearch_sticky=1 summary_quicksearch_dynamic=0 diff --git a/files/snster-kaz/isp-a/home/provision.sh b/files/snster-kaz/isp-a/home/provision.sh index db931bb..a329a8d 100644 --- a/files/snster-kaz/isp-a/home/provision.sh +++ b/files/snster-kaz/isp-a/home/provision.sh @@ -1,7 +1,7 @@ #!/bin/bash # ISP-A infra set -e -if [ -z $MILXCGUARD ] ; then exit 1; fi +if [ -z $SNSTERGUARD ] ; then exit 1; fi DIR=`dirname $0` cd `dirname $0` @@ -15,11 +15,11 @@ DEBIAN_FRONTEND=noninteractive apt-get install -y claws-mail # On configure les comptes mail if [ -f /clawsmail/addclawsuser.sh ]; then - su debian /clawsmail/addclawsuser.sh contact1 kaz.milxc contact1@kaz.milxc toto 1 - su debian /clawsmail/addclawsuser.sh contact2 kaz.milxc contact2@kaz.milxc toto 2 - su debian /clawsmail/addclawsuser.sh contact3 kaz.milxc contact3@kaz.milxc toto 3 - su debian /clawsmail/addclawsuser.sh contact4 kaz.milxc contact4@kaz.milxc toto 4 - su debian /clawsmail/addclawsuser.sh email isp-a.milxc email email 5 + su debian /clawsmail/addclawsuser.sh contact1 kaz.sns contact1@kaz.sns toto 1 + su debian /clawsmail/addclawsuser.sh contact2 kaz.sns contact2@kaz.sns toto 2 + su debian /clawsmail/addclawsuser.sh contact3 kaz.sns contact3@kaz.sns toto 3 + su debian /clawsmail/addclawsuser.sh contact4 kaz.sns contact4@kaz.sns toto 4 + su debian /clawsmail/addclawsuser.sh email isp-a.sns email email 5 fi # On place les certifs 
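Review bot: `$SNSTERGUARD` is expanded unquoted in the new guard at the top of isp-a/home/provision.sh, so the empty case only works because `[ -z ]` happens to evaluate true, and a value containing whitespace makes `[` report a syntax error instead of testing anything. Quote it: `if [ -z "$SNSTERGUARD" ] ; then exit 1; fi`. The same line is introduced in the provision.sh of isp-a/infra, kaz/prod, mica/infra, tld-sns/ns and transit-a/router. Where the variable is exported is not visible in this patch, so confirm the launcher sets SNSTERGUARD rather than the old MILXCGUARD, otherwise each of these scripts exits 1 before doing anything.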
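Review bot: The rewritten `addclawsuser.sh` calls still pass what looks like the mailbox password as a literal argument (`toto` for contact1 to contact4, `email` for the isp-a account), so the values sit in the repository and appear in the process list while the script runs. If these are deliberate throwaway lab credentials, say so above the block, for example `# lab-only accounts: fixed passwords, never reuse outside the simulation`. isp-a/infra/provision.sh creates the `email` system account with the same literal through `mkpasswd --method=sha-512 email`. The script continues outside this hunk, so how addclawsuser.sh stores the value cannot be checked here.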
diff --git a/files/snster-kaz/isp-a/infra/dns.conf b/files/snster-kaz/isp-a/infra/dns.conf index c077a6f..86b91b8 100644 --- a/files/snster-kaz/isp-a/infra/dns.conf +++ b/files/snster-kaz/isp-a/infra/dns.conf @@ -2,8 +2,8 @@ server: interface: 0.0.0.0 access-control: 100.64.0.0/10 allow - local-zone: "isp-a.milxc." static - local-data: "smtp.isp-a.milxc. IN A 100.120.1.2" - local-data: "mail.isp-a.milxc. IN A 100.120.1.2" - local-data: "ns.isp-a.milxc. IN A 100.120.1.2" - local-data: "isp-a.milxc. IN MX 10 smtp.isp-a.milxc." + local-zone: "isp-a.sns." static + local-data: "smtp.isp-a.sns. IN A 100.120.1.2" + local-data: "mail.isp-a.sns. IN A 100.120.1.2" + local-data: "ns.isp-a.sns. IN A 100.120.1.2" + local-data: "isp-a.sns. IN MX 10 smtp.isp-a.sns." diff --git a/files/snster-kaz/isp-a/infra/provision.sh b/files/snster-kaz/isp-a/infra/provision.sh index 26685a7..88f20d2 100644 --- a/files/snster-kaz/isp-a/infra/provision.sh +++ b/files/snster-kaz/isp-a/infra/provision.sh @@ -1,11 +1,11 @@ #!/bin/bash # ISP-A infra set -e -if [ -z $MILXCGUARD ] ; then exit 1; fi +if [ -z $SNSTERGUARD ] ; then exit 1; fi DIR=`dirname $0` cd `dirname $0` -# Email's mail account email@isp-a.milxc +# Email's mail account email@isp-a.sns useradd -m -s "/bin/bash" -p `mkpasswd --method=sha-512 email` email || true addgroup email mail #mkdir /home/hacker/mail @@ -15,7 +15,7 @@ addgroup email mail echo "DNSStubListener=no" >> /etc/systemd/resolved.conf systemctl stop systemd-resolved -# manage isp-a.milxc zone +# manage isp-a.sns zone apt-get update DEBIAN_FRONTEND=noninteractive apt-get install -y unbound cp dns.conf /etc/unbound/unbound.conf.d/ diff --git a/files/snster-kaz/kaz/group.yml b/files/snster-kaz/kaz/group.yml index 7dd4c88..5d42fa0 100644 --- a/files/snster-kaz/kaz/group.yml +++ b/files/snster-kaz/kaz/group.yml @@ -27,7 +27,7 @@ hosts: neighbors6: 2001:db8:b000::1 as 30 - resolv: nameserver: 100.100.100.100 - domain: kaz.milxc + domain: kaz.sns prod: network: 
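Review bot: `ns.isp-a.sns.` gets only an A record in this dns.conf and the server block binds `interface: 0.0.0.0`, while the .sns zone written by tld-sns/ns/provision.sh publishes AAAA glue `2001:db8:120:1::2` for the same name. A resolver that follows the IPv6 glue would query an address this unbound instance does not listen on, as far as the hunk shows. Either add `interface: ::0` with a matching IPv6 `access-control` line and `local-data: "ns.isp-a.sns. IN AAAA 2001:db8:120:1::2"`, or drop the AAAA glue from the parent zone. mica/infra/dns.conf has the same gap for `ns.mica.sns.` (glue `2001:db8:82::2`).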
@@ -44,5 +44,5 @@ hosts: - authns: zonefile: dns.conf - resolv: - domain: kaz.milxc + domain: kaz.sns ns: 100.100.100.100 diff --git a/files/snster-kaz/kaz/prod/dns.conf b/files/snster-kaz/kaz/prod/dns.conf index c8ee9e0..b5db029 100644 --- a/files/snster-kaz/kaz/prod/dns.conf +++ b/files/snster-kaz/kaz/prod/dns.conf @@ -1,14 +1,14 @@ $TTL 86400 -$ORIGIN kaz.milxc. -@ 1D IN SOA ns.kaz.milxc. hostmaster.kaz.milxc. ( +$ORIGIN kaz.sns. +@ 1D IN SOA ns.kaz.sns. hostmaster.kaz.sns. ( 2002022401 ; serial 3H ; refresh 15 ; retry 1w ; expire 3h ; nxdomain ttl ) - IN NS ns.kaz.milxc. - IN MX 10 smtp.kaz.milxc. + IN NS ns.kaz.sns. + IN MX 10 smtp.kaz.sns. IN A 100.80.0.2 ns IN A 100.80.0.2 dmz IN A 100.80.0.2 diff --git a/files/snster-kaz/kaz/prod/kaz/config/dockers.env b/files/snster-kaz/kaz/prod/kaz/config/dockers.env index 05b2b08..63aff8b 100644 --- a/files/snster-kaz/kaz/prod/kaz/config/dockers.env +++ b/files/snster-kaz/kaz/prod/kaz/config/dockers.env @@ -9,12 +9,12 @@ mode=local ######################################## # choix du domaine # prod=kaz.bzh / dev=dev.kaz.bzh / local=kaz.local -domain=kaz.milxc +domain=kaz.sns ######################################## # choix du domaine des mails sympa # prod=kaz.bzh / dev=kaz2.ovh / local=kaz.local -domain_sympa=kaz.milxc +domain_sympa=kaz.sns ######################################## # choix d'un serveur partiel @@ -112,7 +112,7 @@ restartPolicy=no jirafeauDir=/var/jirafeauData/lkuDM16R5Sp4QHr/ -ldapRoot=dc=kaz,dc=milxc +ldapRoot=dc=kaz,dc=sns ######################################## # services activés par container.sh diff --git a/files/snster-kaz/kaz/prod/provision.sh b/files/snster-kaz/kaz/prod/provision.sh index 1571817..3337a2f 100644 --- a/files/snster-kaz/kaz/prod/provision.sh +++ b/files/snster-kaz/kaz/prod/provision.sh @@ -1,7 +1,7 @@ #!/bin/bash # Target DMZ set -e -if [ -z $MILXCGUARD ] ; then exit 1; fi +if [ -z $SNSTERGUARD ] ; then exit 1; fi DIR=`dirname $0` cd `dirname $0` 
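Review bot: The comment above `domain=` in dockers.env still lists only `prod=kaz.bzh / dev=dev.kaz.bzh / local=kaz.local`, so the new value `kaz.sns` is undocumented, and nothing tells a maintainer that `domain`, `domain_sympa` and `ldapRoot=dc=kaz,dc=sns` (second hunk) have to change together. Extend the comment, e.g. `# prod=kaz.bzh / dev=dev.kaz.bzh / local=kaz.local / snster=kaz.sns`, and add `# must match domain above` before `ldapRoot`. A directory already initialised under `dc=kaz,dc=milxc` would presumably not be found under the new base DN, so this change probably only suits a freshly provisioned lab.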
diff --git a/files/snster-kaz/mica/group.yml b/files/snster-kaz/mica/group.yml index 897a743..0a16ebc 100644 --- a/files/snster-kaz/mica/group.yml +++ b/files/snster-kaz/mica/group.yml @@ -25,7 +25,7 @@ hosts: neighbors6: 2001:db8:b000::1 as 30 - resolv: nameserver: 100.100.100.100 - domain: mica.milxc + domain: mica.sns infra: network: @@ -38,5 +38,5 @@ hosts: gatewayv6: 2001:db8:82::1 templates: - resolv: - domain: mica.milxc + domain: mica.sns ns: 100.100.100.100 diff --git a/files/snster-kaz/mica/infra/dns.conf b/files/snster-kaz/mica/infra/dns.conf index 39473a8..60e35b3 100644 --- a/files/snster-kaz/mica/infra/dns.conf +++ b/files/snster-kaz/mica/infra/dns.conf @@ -2,7 +2,7 @@ server: interface: 0.0.0.0 access-control: 100.64.0.0/10 allow - local-zone: "mica.milxc." static - local-data: "ns.mica.milxc. IN A 100.82.0.2" - local-data: "www.mica.milxc. IN A 100.82.0.2" - local-data: "ca.mica.milxc. IN A 100.82.0.2" + local-zone: "mica.sns." static + local-data: "ns.mica.sns. IN A 100.82.0.2" + local-data: "www.mica.sns. IN A 100.82.0.2" + local-data: "ca.mica.sns. IN A 100.82.0.2" diff --git a/files/snster-kaz/mica/infra/provision.sh b/files/snster-kaz/mica/infra/provision.sh index e0340f6..c76e5ac 100644 --- a/files/snster-kaz/mica/infra/provision.sh +++ b/files/snster-kaz/mica/infra/provision.sh 
@@ -1,21 +1,15 @@ #!/bin/bash # MICA infra set -e -if [ -z $MILXCGUARD ] ; then exit 1; fi +if [ -z $SNSTERGUARD ] ; then exit 1; fi DIR=`dirname $0` cd `dirname $0` -# Hacker's mail account hacker@isp-a.milxc -useradd -m -s "/bin/bash" -p `mkpasswd --method=sha-512 ca` ca || true -addgroup ca mail -#mkdir /home/hacker/mail -#touch /home/hacker/mail/Drafts /home/hacker/mail/Queue /home/hacker/mail/Sent /home/hacker/mail/Trash - # disable systemd-resolved which conflicts with nsd echo "DNSStubListener=no" >> /etc/systemd/resolved.conf systemctl stop systemd-resolved -# manage isp-a.milxc zone +# manage mica.sns zone apt-get update DEBIAN_FRONTEND=noninteractive apt-get install -y unbound cp dns.conf /etc/unbound/unbound.conf.d/ @@ -31,4 +25,4 @@ dpkg -i step-ca_0.17.2_amd64.deb # step ca init # step ca root root.crt # step ca provisioner add acme --type ACME -# certbot certonly -n --standalone -d www.target.milxc --server https://www.mica.milxc/acme/acme/directory --agree-tos --email "fr@fr.fr" +# certbot certonly -n --standalone -d www.target.sns --server https://www.mica.sns/acme/acme/directory --agree-tos --email "fr@fr.fr" diff --git a/files/snster-kaz/opendns/group.yml b/files/snster-kaz/opendns/group.yml index c19ea01..3ed3c8c 100644 --- a/files/snster-kaz/opendns/group.yml +++ b/files/snster-kaz/opendns/group.yml @@ -25,7 +25,7 @@ hosts: neighbors6: 2001:db8:b000::1 as 30 - resolv: nameserver: 100.100.100.100 - domain: opendns.milxc + domain: opendns.sns resolver: network: @@ -39,5 +39,5 @@ hosts: templates: - resolverns: - resolv: - domain: opendns.milxc + domain: opendns.sns ns: 100.100.100.100 diff --git a/files/snster-kaz/root-p/group.yml b/files/snster-kaz/root-p/group.yml index 0793937..a4540bb 100644 --- a/files/snster-kaz/root-p/group.yml +++ b/files/snster-kaz/root-p/group.yml @@ -25,7 +25,7 @@ hosts: neighbors6: 2001:db8:b000::1 as 30 - resolv: nameserver: 100.100.100.100 - domain: ns-root-p.milxc + domain: ns-root-p.sns rootns: network: 
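Review bot: The commented certbot example in the second hunk of mica/infra/provision.sh now requests `-d www.target.sns`, but the .sns zone built in tld-sns/ns/provision.sh delegates only `kaz.sns.`, `isp-a.sns.` and `mica.sns.`, so anyone who uncomments it asks for a name nothing in this scenario serves. Point the example at a host that exists in the lab, for instance `-d www.kaz.sns` if the kaz zone defines it (the full zone file is not shown in this patch). The first hunk's comment `# disable systemd-resolved which conflicts with nsd` is also stale, since this script installs unbound.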
@@ -39,5 +39,5 @@ hosts: templates: - rootns: - resolv: - domain: ns-root-p.milxc + domain: ns-root-p.sns ns: 100.100.100.100 diff --git a/files/snster-kaz/milxc/group.yml b/files/snster-kaz/tld-sns/group.yml similarity index 81% rename from files/snster-kaz/milxc/group.yml rename to files/snster-kaz/tld-sns/group.yml index daf4b36..6e63934 100644 --- a/files/snster-kaz/milxc/group.yml +++ b/files/snster-kaz/tld-sns/group.yml @@ -1,8 +1,8 @@ version: 1 header: - name: MILXC AS - comment: The .milxc TLD auth NS + name: TLD SNS AS + comment: The .sns TLD auth NS hosts: router: @@ -14,7 +14,7 @@ hosts: ipv4: 100.64.0.40/24 ipv6: 2001:db8:b000::40/48 eth1: - bridge: milxc-lan + bridge: tld-sns-lan ipv4: 100.100.20.1/24 ipv6: 2001:db8:a020::1/48 templates: @@ -25,18 +25,18 @@ hosts: neighbors6: 2001:db8:b000::1 as 30 - resolv: nameserver: 100.100.100.100 - domain: milxc.milxc + domain: tld-sns.sns ns: network: interfaces: eth0: - bridge: milxc-lan + bridge: tld-sns-lan ipv4: 100.100.20.10/24 ipv6: 2001:db8:a020::10/48 gatewayv4: 100.100.20.1 gatewayv6: 2001:db8:a020::1 templates: - resolv: - domain: milxc.milxc + domain: tld-sns.sns ns: 100.100.100.100 diff --git a/files/snster-kaz/milxc/ns/provision.sh b/files/snster-kaz/tld-sns/ns/provision.sh similarity index 52% rename from files/snster-kaz/milxc/ns/provision.sh rename to files/snster-kaz/tld-sns/ns/provision.sh index e7f23c2..24d6748 100644 --- a/files/snster-kaz/milxc/ns/provision.sh +++ b/files/snster-kaz/tld-sns/ns/provision.sh @@ -1,8 +1,8 @@ #!/bin/bash -# .milxc registry +# .sns registry set -e -if [ -z $MILXCGUARD ] ; then exit 1; fi +if [ -z $SNSTERGUARD ] ; then exit 1; fi DIR=`dirname $0` cd `dirname $0` 
@@ -14,28 +14,28 @@ apt-get update DEBIAN_FRONTEND=noninteractive apt-get install -y nsd echo -e "zone: - name: \"milxc.\" - zonefile: \"milxc.zone\" + name: \"sns.\" + zonefile: \"sns.zone\" " > /etc/nsd/nsd.conf echo -e "\$TTL 86400 -\$ORIGIN milxc. -@ 1D IN SOA ns.milxc. hostmaster.milxc. ( +\$ORIGIN sns. +@ 1D IN SOA ns.sns. hostmaster.sns. ( 2002022401 ; serial 3H ; refresh 15 ; retry 1w ; expire 3h ; nxdomain ttl ) - IN NS ns.milxc. + IN NS ns.sns. ns IN A 100.100.20.10 ;name server definition ns IN AAAA 2001:db8:a020::10 -kaz.milxc. IN NS ns.kaz.milxc. -ns.kaz.milxc. IN A 100.80.0.2 -isp-a.milxc. IN NS ns.isp-a.milxc. -ns.isp-a.milxc. IN A 100.120.1.2 -ns.isp-a.milxc. IN AAAA 2001:db8:120:1::2 -mica.milxc. IN NS ns.mica.milxc. -ns.mica.milxc. IN A 100.82.0.2 -ns.mica.milxc. IN AAAA 2001:db8:82::2 -" >> /etc/nsd/milxc.zone +kaz.sns. IN NS ns.kaz.sns. +ns.kaz.sns. IN A 100.80.0.2 +isp-a.sns. IN NS ns.isp-a.sns. +ns.isp-a.sns. IN A 100.120.1.2 +ns.isp-a.sns. IN AAAA 2001:db8:120:1::2 +mica.sns. IN NS ns.mica.sns. +ns.mica.sns. IN A 100.82.0.2 +ns.mica.sns. IN AAAA 2001:db8:82::2 +" >> /etc/nsd/sns.zone diff --git a/files/snster-kaz/transit-a/group.yml b/files/snster-kaz/transit-a/group.yml index 660c194..29833ef 100644 --- a/files/snster-kaz/transit-a/group.yml +++ b/files/snster-kaz/transit-a/group.yml @@ -24,4 +24,4 @@ hosts: neighbors6: 2001:db8:b000::10 as 10; 2001:db8:b000::30 as 7;2001:db8:b000::40 as 8; 2001:db8:b000::2 as 31; 2001:db8:b000::20 as 6; 2001:db8:b000::50 as 13; 2001:db8:b000::110 as 20; 2001:db8:b001::140 as 12 - resolv: nameserver: 100.100.100.100 - domain: transit-a.milxc + domain: transit-a.sns diff --git a/files/snster-kaz/transit-a/router/provision.sh b/files/snster-kaz/transit-a/router/provision.sh index 452efcb..0a5a112 100755 --- a/files/snster-kaz/transit-a/router/provision.sh +++ b/files/snster-kaz/transit-a/router/provision.sh 
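Review bot: The zone body is written with `>> /etc/nsd/sns.zone`, so a second run of this script appends another `$ORIGIN`/SOA block and nsd will most likely refuse the zone, whereas nsd.conf just above is written with `>`. Truncate here as well by ending the echo with `" > /etc/nsd/sns.zone`. On a host provisioned before this change the old /etc/nsd/milxc.zone also stays behind and could be removed in the same script. Note that `kaz.sns.` is delegated with IPv4 glue only, unlike isp-a and mica.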
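Review bot: The last entry of `neighbors6` in transit-a/group.yml, `2001:db8:b001::140 as 12`, uses the prefix `2001:db8:b001::` while every other peer on that line is in `2001:db8:b000::`, which looks like a typo that would leave the IPv6 BGP session with AS 12 without a reachable peer. If that neighbour really sits on the transit LAN the entry should read `2001:db8:b000::140 as 12`; the line is untouched by this commit and the interface definitions are outside the hunk, so check it against the router's configured addresses.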
@@ -1,7 +1,7 @@ #!/bin/sh # Transit A with alpine set -e -if [ -z $MILXCGUARD ] ; then exit 1; fi +if [ -z $SNSTERGUARD ] ; then exit 1; fi DIR=`dirname $0` cd `dirname $0` @@ -23,9 +23,6 @@ touch /etc/network/keepdhcp mkdir /etc/udhcpc echo "IF_METRIC=200" > /etc/udhcpc/udhcpc.conf -#echo "supersede domain-name-servers 10.10.10.10;" >> /etc/dhcp/dhclient.conf -#echo "supersede domain-name \"internet.milxc\";" >> /etc/dhcp/dhclient.conf - # customize bird config (BGP) sed -i "s/protocol kernel {/protocol kernel { metric 2000;/" /etc/bird.conf diff --git a/files/templates/debian/rootns/provision.sh b/files/templates/debian/rootns/provision.sh index 7657a21..eab67fd 100644 --- a/files/templates/debian/rootns/provision.sh +++ b/files/templates/debian/rootns/provision.sh @@ -26,10 +26,10 @@ p.root-servers.net 518400 IN AAAA 2001:db8:a001::10 " >> /etc/nsd/root.zone -# add .milxc TLD served by 100.100.20.10 -echo -e "milxc. 518400 IN NS ns.milxc. -ns.milxc. 518400 IN A 100.100.20.10 -ns.milxc. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone +# add .sns TLD served by 100.100.20.10 +echo -e "sns. 518400 IN NS ns.sns. +ns.sns. 518400 IN A 100.100.20.10 +ns.sns. 518400 IN AAAA 2001:db8:a020::10" >> /etc/nsd/root.zone # customize nsd config #echo -e "server:
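Review bot: The TLD delegated in the rootns template, `sns.`, is not one of the reserved special-use names, so the lab depends on every resolver inside the simulation using this private root; a host that can also reach an outside resolver would send its `*.sns` lookups there. If that isolation is intended, state it above the `echo`, e.g. `# .sns exists only under this simulated root; lab hosts must not use external resolvers`. The records are appended to /etc/nsd/root.zone with `>>` and the start of the script is outside the hunk, so whether the file is recreated on each run cannot be seen here.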