KAZ/kaz-vagrant
12
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

switch domain from kaz.milxc to kaz.sns

Browse Source
This commit is contained in:
Francois Lesueur
2022-12-23 14:32:08 +01:00
parent 215e77c226
commit 5e5fd1b19a
19 changed files with 70 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
files/snster-kaz/mica/group.yml
View File

@ -25,7 +25,7 @@ hosts:
neighbors6: 2001:db8:b000::1 as 30
- resolv:
nameserver: 100.100.100.100
domain: mica.milxc
domain: mica.sns
infra:
network:
@ -38,5 +38,5 @@ hosts:
gatewayv6: 2001:db8:82::1
templates:
- resolv:
domain: mica.milxc
domain: mica.sns
ns: 100.100.100.100

8
files/snster-kaz/mica/infra/dns.conf
View File

@ -2,7 +2,7 @@ server:
interface: 0.0.0.0
access-control: 100.64.0.0/10 allow
local-zone: "mica.milxc." static
local-data: "ns.mica.milxc. IN A 100.82.0.2"
local-data: "www.mica.milxc. IN A 100.82.0.2"
local-data: "ca.mica.milxc. IN A 100.82.0.2"
local-zone: "mica.sns." static
local-data: "ns.mica.sns. IN A 100.82.0.2"
local-data: "www.mica.sns. IN A 100.82.0.2"
local-data: "ca.mica.sns. IN A 100.82.0.2"

12
files/snster-kaz/mica/infra/provision.sh
View File

@ -1,21 +1,15 @@
#!/bin/bash
# MICA infra
set -e
if [ -z $MILXCGUARD ] ; then exit 1; fi
if [ -z $SNSTERGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`
# Hacker's mail account hacker@isp-a.milxc
useradd -m -s "/bin/bash" -p `mkpasswd --method=sha-512 ca` ca || true
addgroup ca mail
#mkdir /home/hacker/mail
#touch /home/hacker/mail/Drafts /home/hacker/mail/Queue /home/hacker/mail/Sent /home/hacker/mail/Trash
# disable systemd-resolved which conflicts with nsd
echo "DNSStubListener=no" >> /etc/systemd/resolved.conf
systemctl stop systemd-resolved
# manage isp-a.milxc zone
# manage mica.sns zone
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y unbound
cp dns.conf /etc/unbound/unbound.conf.d/
@ -31,4 +25,4 @@ dpkg -i step-ca_0.17.2_amd64.deb
# step ca init
# step ca root root.crt
# step ca provisioner add acme --type ACME
# certbot certonly -n --standalone -d www.target.milxc --server https://www.mica.milxc/acme/acme/directory --agree-tos --email "fr@fr.fr"
# certbot certonly -n --standalone -d www.target.sns --server https://www.mica.sns/acme/acme/directory --agree-tos --email "fr@fr.fr"