comment out "dead" zones; tweaks

diff --git a/.gitignore b/.gitignore
index 6440bef..b6e3246 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,8 @@
 cache
 log
 zones/secondary
+zones/*.signed
+zones/*.jnl
 
 # these were local development things
 reference

diff --git a/cfg/named.options.conf b/cfg/named.options.conf
index b469e4c..971d7e9 100644 (file)
--- a/cfg/named.options.conf
+++ b/cfg/named.options.conf
@@ -5,9 +5,9 @@ options {
     pid-file "/var/cache/bind/named.pid";
     lock-file "/var/cache/bind/named.lock";
 
-    listen-on { 127.0.0.1; 70.164.19.155; 70.164.19.156; };    
+    listen-on { any; };    
     listen-on-v6 { ::1; };
-    allow-recursion { 127.0.0.1; ::1; };
+    allow-recursion { 127.0.0.1; ::1;  host.docker.internal; };
 
        dnssec-validation yes;
 };

diff --git a/cfg/named.primary.conf b/cfg/named.primary.conf
index 0d351bf..6271875 100644 (file)
--- a/cfg/named.primary.conf
+++ b/cfg/named.primary.conf
@@ -29,88 +29,96 @@ zone "ecotroph.net" {
     };
 };
 
-zone "nortonbertram.com" {
-    type primary;
-    file "/var/lib/bind/nortonbertram.com";
-    notify yes;
-    allow-transfer {
-        127.0.0.1;
-        202.157.185.115;
-        202.157.182.142;
-        64.151.105.12;
-    };
-};
+# Note: No longer registered
+# zone "nortonbertram.com" {
+#     type primary;
+#     file "/var/lib/bind/nortonbertram.com";
+#     notify yes;
+#     allow-transfer {
+#         127.0.0.1;
+#         202.157.185.115;
+#         202.157.182.142;
+#         64.151.105.12;
+#     };
+# };
 
-zone "hxr.us" {
-    type primary;
-    file "/var/lib/bind/hxr.us";
-    notify yes;
-    allow-transfer {
-        127.0.0.1; 
-        66.92.146.115; 
-        204.109.61.194; 
-        66.92.146.160; 
-        64.151.105.12;
-    };
-};
+# Note: hosted by directnic.com
+# zone "hxr.us" {
+#     type primary;
+#     file "/var/lib/bind/hxr.us";
+#     notify yes;
+#     allow-transfer {
+#         127.0.0.1; 
+#         66.92.146.115; 
+#         204.109.61.194; 
+#         66.92.146.160; 
+#         64.151.105.12;
+#     };
+# };
 
-zone "fcdissident.us" {
-    type primary;
-    file "/var/lib/bind/fcdissident.us";
-    notify yes;
-    allow-transfer {
-        127.0.0.1;
-        66.92.146.115;
-        204.109.61.194;
-        66.92.146.160;
-        64.151.105.12;
-    };
-};
+# Note: no longer registered
+# zone "fcdissident.us" {
+#     type primary;
+#     file "/var/lib/bind/fcdissident.us";
+#     notify yes;
+#     allow-transfer {
+#         127.0.0.1;
+#         66.92.146.115;
+#         204.109.61.194;
+#         66.92.146.160;
+#         64.151.105.12;
+#     };
+# };
 
+# Note: no longer registered
 zone "fallschurchdissident.us" {
-    type primary;
-    file "/var/lib/bind/fallschurchdissident.us";
-    notify yes;
-    allow-transfer {
-        127.0.0.1;
-        66.92.146.115;
-        204.109.61.194;
-        66.92.146.160;
-        64.151.105.12;
-    };
-};
+#     type primary;
+#     file "/var/lib/bind/fallschurchdissident.us";
+#     notify yes;
+#     allow-transfer {
+#         127.0.0.1;
+#         66.92.146.115;
+#         204.109.61.194;
+#         66.92.146.160;
+#         64.151.105.12;
+#     };
+# };
 
+# Note: no longer registered
 zone "fallschurchdissident.com" {
-    type primary;
-    file "/var/lib/bind/fallschurchdissident.com";
-    notify yes;
-    allow-transfer { 
-        127.0.0.1;
-        66.92.146.115;
-        204.109.61.194;
-        66.92.146.160;
-        64.151.105.12;
-    };
-};
+#     type primary;
+#     file "/var/lib/bind/fallschurchdissident.com";
+#     notify yes;
+#     allow-transfer { 
+#         127.0.0.1;
+#         66.92.146.115;
+#         204.109.61.194;
+#         66.92.146.160;
+#         64.151.105.12;
+#     };
+# };
 
-zone "t.hxr.us" {
-    type primary;
-    file "/var/lib/bind/t.hxr.us";
-    allow-transfer {
-        127.0.0.1; 
-        64.151.105.12;
-    };
-};
+# Note: not registered
+# zone "t.hxr.us" {
+#     type primary;
+#     file "/var/lib/bind/t.hxr.us";
+#     allow-transfer {
+#         127.0.0.1; 
+#         64.151.105.12;
+#     };
+# };
+
+# Note: not registered
+# zone "dyn.hxr.us" {
+#     type primary;
+#     file "/var/lib/bind/dyn/dyn.hxr.us";
+#     allow-transfer { 
+#         127.0.0.1; 
+#         64.151.105.12;
+#     };
+#     update-policy { grant * self * A; };
+# };
 
-zone "dyn.hxr.us" {
-    type primary;
-    file "/var/lib/bind/dyn/dyn.hxr.us";
-    allow-transfer { 
-        127.0.0.1; 
-        64.151.105.12;
-    };
-    update-policy { grant * self * A; };
-};
 
 zone "kosters.net" {
     type primary;
@@ -160,70 +168,75 @@ zone "bjmk.com" {
     };
 };
 
-zone "gracecrc.org" {
-    type primary;
-    file "/var/lib/bind/gracecrc.org";
-    notify yes;
-    also-notify { 
-        65.201.175.12; 
-        66.92.146.115; 
-        204.109.61.194; 
-    };
-    allow-transfer { 
-        127.0.0.1;
-        65.201.175.11;
-        65.201.175.12;
-        64.151.105.12;
-        64.22.125.99;
-        70.164.18.40;
-        70.164.18.41;
-        70.164.18.42;
-        207.234.133.162;
-        key zeke-ogud2.;
-        key zeke-ogud3.;
-    };
-};
+# Note: hosted elsewhere
+# zone "gracecrc.org" {
+#     type primary;
+#     file "/var/lib/bind/gracecrc.org";
+#     notify yes;
+#     also-notify { 
+#         65.201.175.12; 
+#         66.92.146.115; 
+#         204.109.61.194; 
+#     };
+#     allow-transfer { 
+#         127.0.0.1;
+#         65.201.175.11;
+#         65.201.175.12;
+#         64.151.105.12;
+#         64.22.125.99;
+#         70.164.18.40;
+#         70.164.18.41;
+#         70.164.18.42;
+#         207.234.133.162;
+#         key zeke-ogud2.;
+#         key zeke-ogud3.;
+#     };
+# };
 
-zone "toscano.org" {
-    type primary;
-    file "/var/lib/bind/toscano.org";
-    notify yes;
-    allow-transfer { 
-        127.0.0.1;
-        202.157.185.115;
-        202.157.182.142;
-    };
-};
+# Note: hosted by gkg.net
+# zone "toscano.org" {
+#     type primary;
+#     file "/var/lib/bind/toscano.org";
+#     notify yes;
+#     allow-transfer { 
+#         127.0.0.1;
+#         202.157.185.115;
+#         202.157.182.142;
+#     };
+# };
 
-zone "prevelige.org" {
-    type primary;
-    file "/var/lib/bind/prevelige.org";
-    notify yes;
-    allow-transfer { 
-        127.0.0.1;
-        202.157.185.115;
-        202.157.182.142;
-    };
-};
+# Note: hosted by gkg.net
+# zone "prevelige.org" {
+#     type primary;
+#     file "/var/lib/bind/prevelige.org";
+#     notify yes;
+#     allow-transfer { 
+#         127.0.0.1;
+#         202.157.185.115;
+#         202.157.182.142;
+#     };
+# };
 
-zone "duffyfamily.me" {
-    type primary;
-    file "/var/lib/bind/duffyfamily.me";
-    notify yes;
-    allow-transfer {
-        127.0.0.1;
-        202.157.185.115;
-        202.157.182.142;
-    };
-};
+# Note: expired/directnic.com
+# zone "duffyfamily.me" {
+#     type primary;
+#     file "/var/lib/bind/duffyfamily.me";
+#     notify yes;
+#     allow-transfer {
+#         127.0.0.1;
+#         202.157.185.115;
+#         202.157.182.142;
+#     };
+# };
 
-zone "littlebit.us" {
-    type primary;
-    file "/var/lib/bind/littlebit.us";
-    notify yes;
-    allow-transfer {
-        127.0.0.1;
-        202.157.185.115;
-        202.157.182.142;
-    };
-};
+# Note: hosted by worldnic(!).com
+# zone "littlebit.us" {
+#     type primary;
+#     file "/var/lib/bind/littlebit.us";
+#     notify yes;
+#     allow-transfer {
+#         127.0.0.1;
+#         202.157.185.115;
+#         202.157.182.142;
+#     };
+# };

diff --git a/run_bind.sh b/run_bind.sh
index 5ff5bd6..2ddda78 100755 (executable)
--- a/run_bind.sh
+++ b/run_bind.sh
@@ -7,9 +7,9 @@ BASE_CONF_DIR=/etc/bind
 
 # shellcheck disable=SC2086
 docker run $ARGS \
-    -ti --entrypoint=/bin/bash \
     --rm \
     --name=bind9 \
+    --add-host=host.docker.internal:host-gateway \
     --publish "$RNDC_PORT:953/tcp" \
     --publish "$DNS_PORT:53/udp" \
     --publish "$DNS_PORT:53/tcp" \