-options {
- directory "/var/cache/bind";
- statistics-file "/var/cache/bind/named.stats.txt";
- session-keyfile "/var/cache/bind/session.key";
- pid-file "/var/cache/bind/named.pid";
- lock-file "/var/cache/bind/named.lock";
-
- listen-on { 127.0.0.1; };
- listen-on-v6 { ::1; };
- allow-recursion { 127.0.0.1; ::1; };
-
- dnssec-validation yes;
-};
-
-logging {
- channel "dnssec" {
- file "/var/log/named/dnssec.log";
- print-category yes;
- print-severity yes;
- print-time iso8601-utc;
- };
- channel "security" {
- file "/var/log/named/security.log";
- print-category yes;
- print-severity yes;
- print-time iso8601-utc;
- };
- channel "xfr-in" {
- file "/var/log/named/xfr-in.log";
- print-category yes;
- print-severity yes;
- print-time iso8601-utc;
- };
- channel "xfr-out" {
- file "/var/log/named/xfr-out.log";
- print-category yes;
- print-severity yes;
- print-time iso8601-utc;
- };
- channel "default" {
- file "/var/log/named/named.log";
- print-category yes;
- print-severity yes;
- print-time iso8601-utc;
- };
- category dnssec { dnssec; };
- category security { security; };
- category xfer-in { xfr-in; };
- category xfer-out { xfr-out; };
- category general { default; };
- category config { default; };
- category notify { xfr-out; };
- category zoneload { default; };
-};
-
-key "rndc-key" {
- algorithm hmac-sha256;
- secret "Divr3QQ1G6qBBuRAx1QPiE4hFwnC6of6z3o82PYf7TY=";
-};
-
-controls {
- inet 127.0.0.1 port 953
- allow { 127.0.0.1; } keys { "rndc-key"; };
-};
-
-include "/etc/bind/keys/zeke-tornado.keys";
-include "/etc/bind/keys/zeke-ogud.keys";
-include "/etc/bind/keys/named_hxr_us.keys";
-include "/etc/bind/keys/named_knitbot_org.keys";
-
-dnssec-policy "custom" {
- dnskey-ttl 7200;
- keys {
- csk lifetime unlimited algorithm ed25519;
- };
- nsec3param iterations 0 optout no salt-length 0;
-};
-
-include "/etc/bind/named.zones.conf";
+include "/etc/bind/named.options.conf";
+include "/etc/bind/named.logging.conf";
+include "/etc/bind/named.dnssec.conf";
+include "/etc/bind/named.rndc.conf";
+include "/etc/bind/named.keys.conf";
+include "/etc/bind/named.primary.conf";
+include "/etc/bind/named.secondary.conf";
--- /dev/null
+dnssec-policy "simple_alg15" {
+ dnskey-ttl 7200;
+ keys {
+ csk lifetime unlimited algorithm ed25519;
+ };
+ nsec3param iterations 0 optout no salt-length 0;
+};
\ No newline at end of file
--- /dev/null
+include "/etc/bind/keys/zeke-tornado.keys";
+include "/etc/bind/keys/zeke-ogud.keys";
+include "/etc/bind/keys/named_hxr_us.keys";
+include "/etc/bind/keys/named_knitbot_org.keys";
--- /dev/null
+logging {
+ channel "dnssec" {
+ file "/var/log/named/dnssec.log";
+ print-category yes;
+ print-severity yes;
+ print-time iso8601-utc;
+ };
+ channel "security" {
+ file "/var/log/named/security.log";
+ print-category yes;
+ print-severity yes;
+ print-time iso8601-utc;
+ };
+ channel "xfr-in" {
+ file "/var/log/named/xfr-in.log";
+ print-category yes;
+ print-severity yes;
+ print-time iso8601-utc;
+ };
+ channel "xfr-out" {
+ file "/var/log/named/xfr-out.log";
+ print-category yes;
+ print-severity yes;
+ print-time iso8601-utc;
+ };
+ channel "default" {
+ file "/var/log/named/named.log";
+ print-category yes;
+ print-severity yes;
+ print-time iso8601-utc;
+ };
+ category dnssec { dnssec; };
+ category security { security; };
+ category xfer-in { xfr-in; };
+ category xfer-out { xfr-out; };
+ category general { default; };
+ category config { default; };
+ category notify { xfr-out; };
+ category zoneload { default; };
+};
--- /dev/null
+options {
+ directory "/var/cache/bind";
+ statistics-file "/var/cache/bind/named.stats.txt";
+ session-keyfile "/var/cache/bind/session.key";
+ pid-file "/var/cache/bind/named.pid";
+ lock-file "/var/cache/bind/named.lock";
+
+ listen-on { 127.0.0.1; 70.164.19.155; 70.164.19.156; };
+ listen-on-v6 { ::1; };
+ allow-recursion { 127.0.0.1; ::1; };
+
+ dnssec-validation yes;
+};
--- /dev/null
+zone "blacka.com" {
+ type primary;
+ file "/var/lib/bind/blacka.com";
+ dnssec-policy "simple_alg15";
+ inline-signing yes;
+
+ notify yes;
+ also-notify {
+ 66.92.146.115;
+ 204.109.61.194;
+ };
+ allow-transfer {
+ 127.0.0.1;
+ key zeke-tornado.;
+ key zeke-ogud2.;
+ key zeke-ogud3;
+ };
+};
+
+zone "ecotroph.net" {
+ type primary;
+ file "/var/lib/bind/ecotroph.net";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ key zeke-tornado.;
+ key zeke-ogud2.;
+ key zeke-ogud3;
+ };
+};
+
+zone "nortonbertram.com" {
+ type primary;
+ file "/var/lib/bind/nortonbertram.com";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 202.157.185.115;
+ 202.157.182.142;
+ 64.151.105.12;
+ };
+};
+
+zone "hxr.us" {
+ type primary;
+ file "/var/lib/bind/hxr.us";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 66.92.146.115;
+ 204.109.61.194;
+ 66.92.146.160;
+ 64.151.105.12;
+ };
+};
+
+zone "fcdissident.us" {
+ type primary;
+ file "/var/lib/bind/fcdissident.us";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 66.92.146.115;
+ 204.109.61.194;
+ 66.92.146.160;
+ 64.151.105.12;
+ };
+};
+
+zone "fallschurchdissident.us" {
+ type primary;
+ file "/var/lib/bind/fallschurchdissident.us";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 66.92.146.115;
+ 204.109.61.194;
+ 66.92.146.160;
+ 64.151.105.12;
+ };
+};
+
+zone "fallschurchdissident.com" {
+ type primary;
+ file "/var/lib/bind/fallschurchdissident.com";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 66.92.146.115;
+ 204.109.61.194;
+ 66.92.146.160;
+ 64.151.105.12;
+ };
+};
+
+zone "t.hxr.us" {
+ type primary;
+ file "/var/lib/bind/t.hxr.us";
+ allow-transfer {
+ 127.0.0.1;
+ 64.151.105.12;
+ };
+};
+
+zone "dyn.hxr.us" {
+ type primary;
+ file "/var/lib/bind/dyn/dyn.hxr.us";
+ allow-transfer {
+ 127.0.0.1;
+ 64.151.105.12;
+ };
+ update-policy { grant * self * A; };
+};
+
+zone "kosters.net" {
+ type primary;
+ file "/var/lib/bind/kosters.net";
+ notify yes;
+ also-notify {
+ 65.201.175.12;
+ 66.92.146.115;
+ 204.109.61.194;
+ };
+ allow-transfer {
+ 127.0.0.1;
+ 65.201.175.11;
+ 65.201.175.12;
+ 64.151.105.12;
+ 64.22.125.99;
+ 70.164.18.40;
+ 70.164.18.41;
+ 70.164.18.42;
+ 207.234.133.162;
+ key zeke-ogud2.;
+ key zeke-ogud3;
+ };
+};
+
+zone "bjmk.com" {
+ type primary;
+ file "/var/lib/bind/bjmk.com";
+ notify yes;
+ also-notify {
+ 65.201.175.12;
+ 66.92.146.115;
+ 204.109.61.194;
+ };
+ allow-transfer {
+ 127.0.0.1;
+ 65.201.175.11;
+ 65.201.175.12;
+ 64.151.105.12;
+ 64.22.125.99;
+ 70.164.18.40;
+ 70.164.18.41;
+ 70.164.18.42;
+ 207.234.133.162;
+ key zeke-ogud2.;
+ key zeke-ogud3;
+ };
+};
+
+zone "gracecrc.org" {
+ type primary;
+ file "/var/lib/bind/gracecrc.org";
+ notify yes;
+ also-notify {
+ 65.201.175.12;
+ 66.92.146.115;
+ 204.109.61.194;
+ };
+ allow-transfer {
+ 127.0.0.1;
+ 65.201.175.11;
+ 65.201.175.12;
+ 64.151.105.12;
+ 64.22.125.99;
+ 70.164.18.40;
+ 70.164.18.41;
+ 70.164.18.42;
+ 207.234.133.162;
+ key zeke-ogud2.;
+ key zeke-ogud3.;
+ };
+};
+
+zone "toscano.org" {
+ type primary;
+ file "/var/lib/bind/toscano.org";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 202.157.185.115;
+ 202.157.182.142;
+ };
+};
+
+zone "prevelige.org" {
+ type primary;
+ file "/var/lib/bind/prevelige.org";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 202.157.185.115;
+ 202.157.182.142;
+ };
+};
+
+zone "duffyfamily.me" {
+ type primary;
+ file "/var/lib/bind/duffyfamily.me";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 202.157.185.115;
+ 202.157.182.142;
+ };
+};
+
+zone "littlebit.us" {
+ type primary;
+ file "/var/lib/bind/littlebit.us";
+ notify yes;
+ allow-transfer {
+ 127.0.0.1;
+ 202.157.185.115;
+ 202.157.182.142;
+ };
+};
--- /dev/null
+key "rndc-key" {
+ algorithm hmac-sha256;
+ secret "Divr3QQ1G6qBBuRAx1QPiE4hFwnC6of6z3o82PYf7TY=";
+};
+
+controls {
+ inet 127.0.0.1 port 953
+ allow { 127.0.0.1; } keys { "rndc-key"; };
+};
--- /dev/null
+zone "ogud.com" {
+ type secondary;
+ file "/var/lib/bind/secondary/ogud.com";
+ masters {
+ 104.225.12.28;
+ #204.109.61.194;
+ };
+};
+++ /dev/null
-zone "blacka.com" {
- type primary;
- file "/var/lib/bind/blacka.com";
- dnssec-policy "custom";
- inline-signing yes;
-
- notify yes;
- also-notify { 66.92.146.115; 204.109.61.194; };
- allow-transfer { 127.0.0.1; key zeke-tornado.; key zeke-ogud2.; key zeke-ogud3; };
-};
-
-zone "ecotroph.net" {
- type primary;
- file "/var/lib/bind/ecotroph.net";
- notify yes;
- allow-transfer { 127.0.0.1; key zeke-tornado.; key zeke-ogud2.; key zeke-ogud3; };
-};
-
-zone "nortonbertram.com" {
- type primary;
- file "/var/lib/bind/nortonbertram.com";
- notify yes;
- allow-transfer { 127.0.0.1; 202.157.185.115; 202.157.182.142; 64.151.105.12; };
-};
-
-zone "hxr.us" {
- type primary;
- file "/var/lib/bind/hxr.us";
- notify yes;
- allow-transfer { 127.0.0.1; 66.92.146.115; 204.109.61.194; 66.92.146.160; 64.151.105.12; };
-};
-
-zone "fcdissident.us" {
- type primary;
- file "/var/lib/bind/fcdissident.us";
- notify yes;
- allow-transfer { 127.0.0.1; 66.92.146.115; 204.109.61.194; 66.92.146.160; 64.151.105.12; };
-};
-
-zone "fallschurchdissident.us" {
- type primary;
- file "/var/lib/bind/fallschurchdissident.us";
- notify yes;
- allow-transfer { 127.0.0.1; 66.92.146.115; 204.109.61.194; 66.92.146.160; 64.151.105.12; };
-};
-
-zone "fallschurchdissident.com" {
- type primary;
- file "/var/lib/bind/fallschurchdissident.com";
- notify yes;
- allow-transfer { 127.0.0.1; 66.92.146.115; 204.109.61.194; 66.92.146.160; 64.151.105.12; };
-};
-
-zone "t.hxr.us" {
- type primary;
- file "/var/lib/bind/t.hxr.us";
- allow-transfer { 127.0.0.1; 64.151.105.12; };
-};
-
-zone "dyn.hxr.us" {
- type primary;
- file "/var/lib/bind/dyn/dyn.hxr.us";
- allow-transfer { 127.0.0.1; 64.151.105.12; };
- update-policy { grant * self * A; };
-};
-
-zone "kosters.net" {
- type primary;
- file "/var/lib/bind/kosters.net";
- notify yes;
- also-notify { 65.201.175.12; 66.92.146.115; 204.109.61.194; };
- allow-transfer { 127.0.0.1;
- 65.201.175.11;
- 65.201.175.12;
- 64.151.105.12;
- 64.22.125.99;
- 70.164.18.40;
- 70.164.18.41;
- 70.164.18.42;
- 207.234.133.162;
- key zeke-ogud2.; key zeke-ogud3;
- };
-};
-
-zone "bjmk.com" {
- type primary;
- file "/var/lib/bind/bjmk.com";
- notify yes;
- also-notify { 65.201.175.12; 66.92.146.115; 204.109.61.194; };
- allow-transfer { 127.0.0.1;
- 65.201.175.11;
- 65.201.175.12;
- 64.151.105.12;
- 64.22.125.99;
- 70.164.18.40;
- 70.164.18.41;
- 70.164.18.42;
- 207.234.133.162;
- key zeke-ogud2.; key zeke-ogud3;
- };
-};
-
-zone "gracecrc.org" {
- type primary;
- file "/var/lib/bind/gracecrc.org";
- notify yes;
- also-notify { 65.201.175.12; 66.92.146.115; 204.109.61.194; };
- allow-transfer { 127.0.0.1;
- 65.201.175.11;
- 65.201.175.12;
- 64.151.105.12;
- 64.22.125.99;
- 70.164.18.40;
- 70.164.18.41;
- 70.164.18.42;
- 207.234.133.162;
- key zeke-ogud2.; key zeke-ogud3.;
- };
-};
-
-zone "toscano.org" {
- type primary;
- file "/var/lib/bind/toscano.org";
- notify yes;
- allow-transfer { 127.0.0.1;
- 202.157.185.115;
- 202.157.182.142;
- };
-};
-
-zone "prevelige.org" {
- type primary;
- file "/var/lib/bind/prevelige.org";
- notify yes;
- allow-transfer { 127.0.0.1;
- 202.157.185.115;
- 202.157.182.142;
- };
-};
-
-zone "duffyfamily.me" {
- type primary;
- file "/var/lib/bind/duffyfamily.me";
- notify yes;
- allow-transfer { 127.0.0.1;
- 202.157.185.115;
- 202.157.182.142;
- };
-};
-
-zone "littlebit.us" {
- type primary;
- file "/var/lib/bind/littlebit.us";
- notify yes;
- allow-transfer { 127.0.0.1;
- 202.157.185.115;
- 202.157.182.142;
- };
-};
-
-zone "ogud.com" {
- type secondary;
- file "/var/lib/bind/secondary/ogud.com";
- masters {
- 104.225.12.28;
- #204.109.61.194;
- };
-};
--- /dev/null
+#! /bin/bash
+[ -x "$(which docker)" ] && DOCKER=docker
+[ -x "$(which podman)" ] && DOCKER=podman
+$DOCKER exec bind9 rndc "$@"
\ No newline at end of file