Include all other files, too

2014-09-15 21:02:49 +02:00 · 2014-09-15 21:02:49 +02:00 · 7c1f7f8300
parent b2c971db62
commit 7c1f7f8300
8 changed files with 242 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,7 +1,14 @@
 #alle Dateie ignorieren...
-*
+/secrets.conf
 *.private
 *.key
 /bind.keys
 db*
 /slave/ffa.zone
 /zones.rfc1918
 #ausser...
 !named.conf
 !/master
 !/master/*
 !.gitignore
--- a/ffhh.conf
+++ b/ffhh.conf
@ -0,0 +1,87 @@
 # Keys we allow for editing
 include "/etc/bind/secrets.conf";
 #Zones WE have authority over!
 #Apperantly for ffhh.
 zone "ffhh" IN {
    type master;
    file "/etc/bind/master/db.ffhh";
    allow-transfer { any; };
    also-notify {
        10.112.14.1;	fd51:2bb2:fd0d::e01; #gw01
        10.112.18.1;    fd51:2bb2:fd0d::d01; #gw05
 	10.112.16.1;	fd51:2bb2:fd0d::a01; #gw07
 	10.112.22.1;	fd51:2bb2:fd0d::b01; #gw08
 	10.112.24.1;	fd51:2bb2:fd0d::901; #gw09
 	10.112.30.1;	fd51:2bb2:fd0d::501; #gw12
 	10.112.32.1;	fd51:2bb2:fd0d::401; #gw13
    };
    allow-update { key srv01-zone-key.; key srv01-userdomain-key.; };
 };
 zone "hamburg.freifunk.net" IN {
    type master;
    allow-transfer {
        10.112.14.1;	fd51:2bb2:fd0d::e01; #gw01
        10.112.18.1;    fd51:2bb2:fd0d::d01; #gw05
 	10.112.16.1;	fd51:2bb2:fd0d::a01; #gw07
 	10.112.22.1;	fd51:2bb2:fd0d::b01; #gw08
 	10.112.24.1;	fd51:2bb2:fd0d::901; #gw09
 	10.112.30.1;	fd51:2bb2:fd0d::501; #gw12
 	10.112.32.1;	fd51:2bb2:fd0d::401; #gw13
 	81.7.15.101; # named.exosphere.de
 	78.47.49.236; # ns.ohrensessel.net
    };
    also-notify {
        10.112.14.1;	fd51:2bb2:fd0d::e01; #gw01
        10.112.18.1;    fd51:2bb2:fd0d::d01; #gw05
 	10.112.16.1;	fd51:2bb2:fd0d::a01; #gw07
 	10.112.22.1;	fd51:2bb2:fd0d::b01; #gw08
 	10.112.24.1;	fd51:2bb2:fd0d::901; #gw09
 	10.112.30.1;	fd51:2bb2:fd0d::501; #gw12
 	10.112.32.1;	fd51:2bb2:fd0d::401; #gw13
 	81.7.15.101; # named.exosphere.de
        78.47.49.236; # ns.ohrensessel.net
    };
    file "/etc/bind/master/db.net.freifunk.hamburg";
 };
 #And the reverse Zone for our IPv4 subnet
 zone "112.10.in-addr.arpa" IN {
    type master;
    file "/etc/bind/master/db.arpa.in-addr.10.112";
    allow-transfer { any; };
    also-notify {
        10.112.14.1;	fd51:2bb2:fd0d::e01; #gw01
        10.112.18.1;    fd51:2bb2:fd0d::d01; #gw05
 	10.112.16.1;	fd51:2bb2:fd0d::a01; #gw07
 	10.112.22.1;	fd51:2bb2:fd0d::b01; #gw08
 	10.112.24.1;	fd51:2bb2:fd0d::901; #gw09
 	10.112.30.1;	fd51:2bb2:fd0d::501; #gw12
 	10.112.32.1;	fd51:2bb2:fd0d::401; #gw13
    };
    allow-update { key srv01-zone-key.; };
 };
 #And the reverse Zone for our IPv6 prefix
 zone "d.0.d.f.2.b.b.2.1.5.d.f.ip6.arpa" IN {
    type master;
    file "/etc/bind/master/db.arpa.ip6.f.d.5.1.2.b.b.2.f.d.0.d";
    allow-transfer { any; };
    also-notify {
        10.112.14.1;	fd51:2bb2:fd0d::e01; #gw01
        10.112.18.1;    fd51:2bb2:fd0d::d01; #gw05
 	10.112.16.1;	fd51:2bb2:fd0d::a01; #gw07
 	10.112.22.1;	fd51:2bb2:fd0d::b01; #gw08
 	10.112.24.1;	fd51:2bb2:fd0d::901; #gw09
 	10.112.30.1;	fd51:2bb2:fd0d::501; #gw12
 	10.112.32.1;	fd51:2bb2:fd0d::401; #gw13
    };
    allow-update { key srv01-zone-key.; };
 };
 include "/etc/bind/forward-zones.conf";
 include "/etc/bind/mirror-zones.conf";
--- a/forward-zones.conf
+++ b/forward-zones.conf
@ -0,0 +1,50 @@
 ## Freifunk Augsburg
 zone "ffa" in {
 	type forward;
 	forwarders { 10.11.10.15; 10.11.0.8; };
 };
 #DN42
 zone "dn42" {
  type forward;
  forwarders { 172.22.0.53; };
 };
 zone "22.172.in-addr.arpa" {
  type forward;
  forwarders { 172.22.0.53; };
 };
 zone "23.172.in-addr.arpa" {
  type forward;
  forwarders { 172.22.0.53; };
 };
 zone "hack" IN {
  type static-stub; 
   server-addresses { 172.31.0.5; };      
 };
 zone "31.172.in-addr.arpa" IN {
  type static-stub;      
  server-addresses { 172.31.0.5; };
 };
 zone "100.10.in-addr.arpa" IN {
  type static-stub;      
  server-addresses { 172.31.0.5; };
 };
 zone "101.10.in-addr.arpa" IN {
  type static-stub;      
  server-addresses { 172.31.0.5; };
 };
 zone "102.10.in-addr.arpa" IN {
  type static-stub;      
  server-addresses { 172.31.0.5; };
 };
 zone "103.10.in-addr.arpa" IN {
  type static-stub;      
  server-addresses { 172.31.0.5; };
 };
 //Freifunk Chemnitz .ffc
 zone "ffc" in {
    type forward;
    forwarders { 10.8.6.6; };
 };
--- a/mirror-zones.conf
+++ b/mirror-zones.conf
@ -0,0 +1,18 @@
 #Freifunk Luebeck
 zone "ffhl" IN {
    type slave;
    file "/etc/bind/slave/db.ffhl";
    masters { fdef:ffc0:3dd7::a01; fdef:ffc0:3dd7::c01; fdef:ffc0:3dd7::e01; 10.130.10.1; 10.130.12.1; 10.130.14.1; }; 
    allow-transfer { any; };
    forwarders { };
 };
 #Freifunk Kiel
 zone "ffki" IN {
    type slave;
    file "/etc/bind/slave/db.ffki";
    masters { fda1:384a:74de:4242::1; fda1:384a:74de:4242::2; };
    allow-transfer { any; };
    forwarders { };
 };
--- a/named.conf
+++ b/named.conf
@ -0,0 +1,12 @@
 // This is the primary configuration file for the BIND DNS server named.
 //
 // Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
 // structure of BIND configuration files in Debian, *BEFORE* you customize 
 // this configuration file.
 //
 // If you are just adding zones, please do that in /etc/bind/named.conf.local
 include "/etc/bind/named.conf.options";
 include "/etc/bind/named.conf.local";
 include "/etc/bind/named.conf.default-zones";
 include "/etc/bind/ffhh.conf";
--- a/named.conf.default-zones
+++ b/named.conf.default-zones
@ -0,0 +1,30 @@
 // prime the server with knowledge of the root servers
 zone "." {
 	type hint;
 	file "/etc/bind/db.root";
 };
 // be authoritative for the localhost forward and reverse zones, and for
 // broadcast zones as per RFC 1912
 zone "localhost" {
 	type master;
 	file "/etc/bind/db.local";
 };
 zone "127.in-addr.arpa" {
 	type master;
 	file "/etc/bind/db.127";
 };
 zone "0.in-addr.arpa" {
 	type master;
 	file "/etc/bind/db.0";
 };
 zone "255.in-addr.arpa" {
 	type master;
 	file "/etc/bind/db.255";
 };
--- a/named.conf.local
+++ b/named.conf.local
@ -0,0 +1,8 @@
 //
 // Do any local configuration here
 //
 // Consider adding the 1918 zones here, if they are not used in your
 // organization
 //include "/etc/bind/zones.rfc1918";
 # Conflicts with DN42
--- a/named.conf.options
+++ b/named.conf.options
@ -0,0 +1,29 @@
 options {
 	directory "/var/cache/bind";
 	// If there is a firewall between you and nameservers you want
 	// to talk to, you may need to fix the firewall to allow multiple
 	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113
 	// If your ISP provided one or more IP addresses for stable 
 	// nameservers, you probably want to use them as forwarders.  
 	// Uncomment the following block, and insert the addresses replacing 
 	// the all-0's placeholder.
 	// forwarders {
 	// 	0.0.0.0;
 	// };
 	//========================================================================
 	// If BIND logs error messages about the root key being expired,
 	// you will need to update your keys.  See https://www.isc.org/bind-keys
 	//========================================================================
 	dnssec-validation no;
 	auth-nxdomain no;    # conform to RFC1035
 	listen-on-v6 { any; };
 	edns-udp-size 512;
 	max-udp-size 512;
 };