From d2f95237a098abcb47525a4f0f2db5363f215023 Mon Sep 17 00:00:00 2001 From: lilly Date: Wed, 13 May 2026 15:11:23 +0200 Subject: [PATCH 1/2] add wieskes nameservers for reverse-dns zone transfers from auth-dns --- inventories/chaosknoten/host_vars/auth-dns.yaml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/inventories/chaosknoten/host_vars/auth-dns.yaml b/inventories/chaosknoten/host_vars/auth-dns.yaml index 970e2f8..badd093 100644 --- a/inventories/chaosknoten/host_vars/auth-dns.yaml +++ b/inventories/chaosknoten/host_vars/auth-dns.yaml @@ -7,6 +7,12 @@ knot__dnssec_key_id: "auth-dns.hamburg.ccc.de-1" knot__remotes: - id: ns-intern.hamburg.ccc.de address: [ "2a00:14b0:f000:23::53", "172.31.17.53" ] + - id: p-dns.irz42.net + address: [ "192.76.134.30", "2a00:14b0:4200:8600::30" ] + - id: s-dns.irz42.net + address: [ "212.12.50.130", "2a00:14b0:4200:3280::130" ] + - id: k-dns.irz42.net + address: [ "212.12.54.252", "2a00:14b0:4200:3600::252" ] knot__catalog_zones: - domain: "hamburg.ccc.de.catalog." @@ -38,7 +44,7 @@ knot__zones: content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/eh22.easterhegg.eu.zone') }}" - domain: "3.2.0.0.0.0.0.f.0.b.4.1.0.0.a.2.ip6.arpa." - notify_targets: [ "ns-intern.hamburg.ccc.de" ] + notify_targets: [ "ns-intern.hamburg.ccc.de", "p-dns.irz42.net", "s-dns.irz42.net", "k-dns.irz42.net" ] content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/3.2.0.0.0.0.0.f.0.b.4.1.0.0.a.2.ip6.arpa.zone') }}" - domain: "2.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa." From 18ffa42358029d9135c35b36d35ea0de7f29a01c Mon Sep 17 00:00:00 2001 From: lilly Date: Wed, 13 May 2026 15:11:23 +0200 Subject: [PATCH 2/2] remove actually unused reverse-dns zones --- .../chaosknoten/host_vars/auth-dns.yaml | 20 ------------------- ....0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone | 16 --------------- ....0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone | 15 -------------- ....0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone | 15 -------------- ....0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone | 15 -------------- ....0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone | 15 -------------- 6 files changed, 96 deletions(-) delete mode 100644 resources/chaosknoten/auth-dns/zones/2.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone delete mode 100644 resources/chaosknoten/auth-dns/zones/3.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone delete mode 100644 resources/chaosknoten/auth-dns/zones/4.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone delete mode 100644 resources/chaosknoten/auth-dns/zones/5.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone delete mode 100644 resources/chaosknoten/auth-dns/zones/6.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone diff --git a/inventories/chaosknoten/host_vars/auth-dns.yaml b/inventories/chaosknoten/host_vars/auth-dns.yaml index badd093..3efb85d 100644 --- a/inventories/chaosknoten/host_vars/auth-dns.yaml +++ b/inventories/chaosknoten/host_vars/auth-dns.yaml @@ -46,23 +46,3 @@ knot__zones: - domain: "3.2.0.0.0.0.0.f.0.b.4.1.0.0.a.2.ip6.arpa." notify_targets: [ "ns-intern.hamburg.ccc.de", "p-dns.irz42.net", "s-dns.irz42.net", "k-dns.irz42.net" ] content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/3.2.0.0.0.0.0.f.0.b.4.1.0.0.a.2.ip6.arpa.zone') }}" - - - domain: "2.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa." - notify_targets: [ "ns-intern.hamburg.ccc.de" ] - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/2.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone') }}" - - - domain: "3.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa." - notify_targets: [ "ns-intern.hamburg.ccc.de" ] - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/3.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone') }}" - - - domain: "4.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa." - notify_targets: [ "ns-intern.hamburg.ccc.de" ] - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/4.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone') }}" - - - domain: "5.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa." - notify_targets: [ "ns-intern.hamburg.ccc.de" ] - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/5.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone') }}" - - - domain: "6.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa." - notify_targets: [ "ns-intern.hamburg.ccc.de" ] - content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/auth-dns/zones/6.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone') }}" diff --git a/resources/chaosknoten/auth-dns/zones/2.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone b/resources/chaosknoten/auth-dns/zones/2.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone deleted file mode 100644 index baacd63..0000000 --- a/resources/chaosknoten/auth-dns/zones/2.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone +++ /dev/null @@ -1,16 +0,0 @@ -$TTL 7200 - -@ IN SOA auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. ( - 2023073001 - 10800 - 3600 - 3600000 - 86400 ) - - IN NS auth-dns.hamburg.ccc.de. - IN NS ns.vie.ccc.de. - -; 2a00:14b0:4200:3000:122::1 - -1.0.0.0.0.0.0.0.0.0.0.0 IN PTR turing.hamburg.ccc.de. - diff --git a/resources/chaosknoten/auth-dns/zones/3.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone b/resources/chaosknoten/auth-dns/zones/3.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone deleted file mode 100644 index 6972a51..0000000 --- a/resources/chaosknoten/auth-dns/zones/3.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 7200 - -@ IN SOA auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. ( - 2023072900 - 10800 - 3600 - 3600000 - 86400 ) - - IN NS auth-dns.hamburg.ccc.de. - IN NS ns.vie.ccc.de. - -; 2a00:14b0:4200:3000:123::1 - -1.0.0.0.0.0.0.0.0.0.0.0 IN PTR unused.hamburg.ccc.de. diff --git a/resources/chaosknoten/auth-dns/zones/4.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone b/resources/chaosknoten/auth-dns/zones/4.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone deleted file mode 100644 index a43bc06..0000000 --- a/resources/chaosknoten/auth-dns/zones/4.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 7200 - -@ IN SOA auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. ( - 2023072900 - 10800 - 3600 - 3600000 - 86400 ) - - IN NS auth-dns.hamburg.ccc.de. - IN NS ns.vie.ccc.de. - -; 2a00:14b0:4200:3000:124::1 - -1.0.0.0.0.0.0.0.0.0.0.0 IN PTR unused.hamburg.ccc.de. diff --git a/resources/chaosknoten/auth-dns/zones/5.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone b/resources/chaosknoten/auth-dns/zones/5.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone deleted file mode 100644 index b03dcc7..0000000 --- a/resources/chaosknoten/auth-dns/zones/5.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 7200 - -@ IN SOA auth-dns.hamburg.ccc.de. noc.hamburg.ccc.de. ( - 2023072900 - 10800 - 3600 - 3600000 - 86400 ) - - IN NS auth-dns.hamburg.ccc.de. - IN NS ns.vie.ccc.de. - -; 2a00:14b0:4200:3000:125::1 - -1.0.0.0.0.0.0.0.0.0.0.0 IN PTR public-reverse-proxy.hamburg.ccc.de. diff --git a/resources/chaosknoten/auth-dns/zones/6.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone b/resources/chaosknoten/auth-dns/zones/6.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone deleted file mode 100644 index 3de9e09..0000000 --- a/resources/chaosknoten/auth-dns/zones/6.2.1.0.0.0.0.3.0.0.2.4.0.b.4.1.0.0.a.2.ip6.arpa.zone +++ /dev/null @@ -1,15 +0,0 @@ -$TTL 7200 - -@ IN SOA ns.hamburg.ccc.de. haegar.ccc.de. ( - 2023073001 - 10800 - 3600 - 3600000 - 86400 ) - - IN NS auth-dns.hamburg.ccc.de. - IN NS ns.vie.ccc.de. - -; 2a00:14b0:4200:3000:126::1 - -1.0.0.0.0.0.0.0.0.0.0.0 IN PTR chaosknoten.hamburg.ccc.de.