configure hh.ccc.de on auth-dns

2026-04-30 22:53:07 +02:00 · 2026-04-30 22:53:07 +02:00 · 38cad40790
commit 38cad40790
parent 9fcb359a35
3 changed files with 25 additions and 3 deletions
--- a/inventories/chaosknoten/host_vars/auth-dns.sops.yaml
+++ b/inventories/chaosknoten/host_vars/auth-dns.sops.yaml
@ -1,4 +1,5 @@
 ansible_pull__age_private_key: ENC[AES256_GCM,data:2kBG8j8JHa/dlXgWMdbSobulFdVunf052T1QQfm1X2vpEZx2HPCL87fWea+O0WOg7+eoMYbiShu0Vw1eTjb+687LjU8l4cj2JWIajnYfDGH+ipWXojxj613C3RZV3JfDOclVTwP8fCHu7z7P3fKrsKWb5d3t2ohTT+sGdVdimakAOf192CkufcVIthq2imiWbntiMTOdMGJxyIjqT2Io2H89nSbJXkONsuHCF/PbxhryB2LZbl8aZV32knk=,iv:hpscVc7iO4r/h31vS6Zno2pkEsgA2uR7wD/1PjH1znM=,tag:ypiwFtgeXuj4gOsgTCRTBw==,type:str]
 knot__dnssec_key_secret: ENC[AES256_GCM,data:WPFTLyJIttFtqqTZV2fGN0Tt1vRS318TGmd2YqNzYisE3TBi6Z2aClxuYh56Q+j7TUQwCvga3jd5w017sEz3kA==,iv:umaFHBCy9AZgNFv7uXLCtO0o/NZDAZ1QNg5DcGHWEW8=,tag:oR92C1Uj5iXU9L02MqzGSQ==,type:str]
 sops:
  age:
    - recipient: age18zgt4y2sd75hxnpe333zz39048ctxpr0q8a3uqh3jajjkyawsdrq8yg5ve
@ -10,8 +11,8 @@ sops:
        MEZQTHZXNExsSnl0WW9Vb29sajE1YzAKoYU7rGuR+52+U02uf3eTH9hkIECWdcJv
        wN9JTwsUn0c6mi/d4AHgv5O04Uw7NxUyGVmFlDZzjxLwPzZyR73SvA==
        -----END AGE ENCRYPTED FILE-----
-  lastmodified: "2026-04-29T19:21:55Z"
+  lastmodified: "2026-05-01T17:08:09Z"
-  mac: ENC[AES256_GCM,data:RLXsIsSdrCuElYQ3x2YpwYzQx0V0zoYP6h9FLD+RqmZ1pWhlk6Ijp9WxCAlEWps9n5rPYYyhZ3ldSJluTVeroPwpzrmwW+xXCGsCC0BFk6PuB4UynfHwWR/3jEK47nAdPbNfONhzGfOeTObYp22c3iHiKL8YochOSlBToA8mFr4=,iv:fZZEa3C/BsNKGdTKlR/hexrzhmLxiMVxgL9nXjX2Q1E=,tag:I5M8SNbSw4w1crsl0z/5+Q==,type:str]
+  mac: ENC[AES256_GCM,data:TaMWf1ESs8nYzxkElMYtsz+/Be0PtI7FA0q6IFK+ob4dl/EN+AeTD7Pp0MZF8zcRvZ4hF0Ybimet5bwVR+d7UIXlXz3qP//pX68JDCvcLMQuhNtm6Ws+mwVxkpxEvBr1PtxlSvcQ76vH3ryEsXkP84gmlCDEdX1GAZYZ9ZS3Cfk=,iv:g3tzUfTPNUQyOAxWJEFPHg0IAPAzQgwYABHm4mFOOrI=,tag:C6KE/bg/3jS7Wc56y6YOJQ==,type:str]
  pgp:
    - created_at: "2026-04-29T19:18:43Z"
      enc: |-
--- a/inventories/chaosknoten/host_vars/auth-dns.yaml
+++ b/inventories/chaosknoten/host_vars/auth-dns.yaml
@ -1,2 +1,19 @@
 ---
 deploy_systemd_resolved_config__enable: false
 knot__dnssec_key_id: "auth-dns.hamburg.ccc.de-1"
 knot__remotes:
  - id: ns-intern.hamburg.ccc.de
    address: [ "2a00:14b0:f000:23::53", "172.31.17.53" ]
 knot__catalog_zones:
  - domain: "hamburg.ccc.de.catalog."
 knot__zones:
  # - domain: "hamburg.ccc.de."
  #   catalog_member: "hamburg.ccc.de.catalog."
  #   content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/hamburg.ccc.de.zone') }}"
  - domain: "hh.ccc.de."
    catalog_member: "hamburg.ccc.de.catalog."
    notify_targets: [ "ns-intern.hamburg.ccc.de" ]
    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/hh.ccc.de.zone') }}"
--- a/resources/chaosknoten/auth-dns/zones/hh.ccc.de.zone
+++ b/resources/chaosknoten/auth-dns/zones/hh.ccc.de.zone
@ -8,7 +8,7 @@ $TTL 7200
 ; ich hoffe diese aenderung arbeitet um diesen bug herum.
 ; - haegar 2001.11.14
-@               IN      SOA     ns.hamburg.ccc.de. haegar.ccc.de. (
+@               IN      SOA     auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. (
 		2024012601
                10800
                3600
@ -67,3 +67,7 @@ uucp		IN	A	192.76.134.7
 ; ChaosVPN
 hack		IN	NS	cvpn-dns.hack
 cvpn-dns.hack	IN	A	172.31.0.5
 ; tmp test
 merz.leck.eier IN TXT "kann er mal"