comment out "dead" zones; tweaks

2023-02-25 14:48:21 -05:00 · 2023-02-25 14:48:21 -05:00 · 6092f80cb2
parent 217a5b7d29
commit 6092f80cb2
4 changed files with 155 additions and 140 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,6 +1,8 @@
 cache
 log
 zones/secondary
 zones/*.signed
 zones/*.jnl
 # these were local development things
 reference
--- a/cfg/named.options.conf
+++ b/cfg/named.options.conf
@ -5,9 +5,9 @@ options {
    pid-file "/var/cache/bind/named.pid";
    lock-file "/var/cache/bind/named.lock";
-    listen-on { 127.0.0.1; 70.164.19.155; 70.164.19.156; };    
+    listen-on { any; };    
    listen-on-v6 { ::1; };
-    allow-recursion { 127.0.0.1; ::1; };
+    allow-recursion { 127.0.0.1; ::1;  host.docker.internal; };
 	dnssec-validation yes;
 };
--- a/cfg/named.primary.conf
+++ b/cfg/named.primary.conf
@ -29,88 +29,96 @@ zone "ecotroph.net" {
    };
 };
-zone "nortonbertram.com" {
+# Note: No longer registered
-    type primary;
+# zone "nortonbertram.com" {
-    file "/var/lib/bind/nortonbertram.com";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/nortonbertram.com";
-    allow-transfer {
+#     notify yes;
-        127.0.0.1;
+#     allow-transfer {
-        202.157.185.115;
+#         127.0.0.1;
-        202.157.182.142;
+#         202.157.185.115;
-        64.151.105.12;
+#         202.157.182.142;
-    };
+#         64.151.105.12;
-};
+#     };
 # };
-zone "hxr.us" {
+# Note: hosted by directnic.com
-    type primary;
+# zone "hxr.us" {
-    file "/var/lib/bind/hxr.us";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/hxr.us";
-    allow-transfer {
+#     notify yes;
-        127.0.0.1; 
+#     allow-transfer {
-        66.92.146.115; 
+#         127.0.0.1; 
-        204.109.61.194; 
+#         66.92.146.115; 
-        66.92.146.160; 
+#         204.109.61.194; 
-        64.151.105.12;
+#         66.92.146.160; 
-    };
+#         64.151.105.12;
-};
+#     };
 # };
-zone "fcdissident.us" {
+# Note: no longer registered
-    type primary;
+# zone "fcdissident.us" {
-    file "/var/lib/bind/fcdissident.us";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/fcdissident.us";
-    allow-transfer {
+#     notify yes;
-        127.0.0.1;
+#     allow-transfer {
-        66.92.146.115;
+#         127.0.0.1;
-        204.109.61.194;
+#         66.92.146.115;
-        66.92.146.160;
+#         204.109.61.194;
-        64.151.105.12;
+#         66.92.146.160;
-    };
+#         64.151.105.12;
-};
+#     };
 # };
 # Note: no longer registered
 zone "fallschurchdissident.us" {
-    type primary;
+#     type primary;
-    file "/var/lib/bind/fallschurchdissident.us";
+#     file "/var/lib/bind/fallschurchdissident.us";
-    notify yes;
+#     notify yes;
-    allow-transfer {
+#     allow-transfer {
-        127.0.0.1;
+#         127.0.0.1;
-        66.92.146.115;
+#         66.92.146.115;
-        204.109.61.194;
+#         204.109.61.194;
-        66.92.146.160;
+#         66.92.146.160;
-        64.151.105.12;
+#         64.151.105.12;
-    };
+#     };
-};
+# };
 # Note: no longer registered
 zone "fallschurchdissident.com" {
-    type primary;
+#     type primary;
-    file "/var/lib/bind/fallschurchdissident.com";
+#     file "/var/lib/bind/fallschurchdissident.com";
-    notify yes;
+#     notify yes;
-    allow-transfer { 
+#     allow-transfer { 
-        127.0.0.1;
+#         127.0.0.1;
-        66.92.146.115;
+#         66.92.146.115;
-        204.109.61.194;
+#         204.109.61.194;
-        66.92.146.160;
+#         66.92.146.160;
-        64.151.105.12;
+#         64.151.105.12;
-    };
+#     };
-};
+# };
-zone "t.hxr.us" {
+# Note: not registered
-    type primary;
+# zone "t.hxr.us" {
-    file "/var/lib/bind/t.hxr.us";
+#     type primary;
-    allow-transfer {
+#     file "/var/lib/bind/t.hxr.us";
-        127.0.0.1; 
+#     allow-transfer {
-        64.151.105.12;
+#         127.0.0.1; 
-    };
+#         64.151.105.12;
-};
+#     };
 # };
 # Note: not registered
 # zone "dyn.hxr.us" {
 #     type primary;
 #     file "/var/lib/bind/dyn/dyn.hxr.us";
 #     allow-transfer { 
 #         127.0.0.1; 
 #         64.151.105.12;
 #     };
 #     update-policy { grant * self * A; };
 # };
 zone "dyn.hxr.us" {
    type primary;
    file "/var/lib/bind/dyn/dyn.hxr.us";
    allow-transfer { 
        127.0.0.1; 
        64.151.105.12;
    };
    update-policy { grant * self * A; };
 };
 zone "kosters.net" {
    type primary;
@ -160,70 +168,75 @@ zone "bjmk.com" {
    };
 };
-zone "gracecrc.org" {
+# Note: hosted elsewhere
-    type primary;
+# zone "gracecrc.org" {
-    file "/var/lib/bind/gracecrc.org";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/gracecrc.org";
-    also-notify { 
+#     notify yes;
-        65.201.175.12; 
+#     also-notify { 
-        66.92.146.115; 
+#         65.201.175.12; 
-        204.109.61.194; 
+#         66.92.146.115; 
-    };
+#         204.109.61.194; 
-    allow-transfer { 
+#     };
-        127.0.0.1;
+#     allow-transfer { 
-        65.201.175.11;
+#         127.0.0.1;
-        65.201.175.12;
+#         65.201.175.11;
-        64.151.105.12;
+#         65.201.175.12;
-        64.22.125.99;
+#         64.151.105.12;
-        70.164.18.40;
+#         64.22.125.99;
-        70.164.18.41;
+#         70.164.18.40;
-        70.164.18.42;
+#         70.164.18.41;
-        207.234.133.162;
+#         70.164.18.42;
-        key zeke-ogud2.;
+#         207.234.133.162;
-        key zeke-ogud3.;
+#         key zeke-ogud2.;
-    };
+#         key zeke-ogud3.;
-};
+#     };
 # };
-zone "toscano.org" {
+# Note: hosted by gkg.net
-    type primary;
+# zone "toscano.org" {
-    file "/var/lib/bind/toscano.org";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/toscano.org";
-    allow-transfer { 
+#     notify yes;
-        127.0.0.1;
+#     allow-transfer { 
-        202.157.185.115;
+#         127.0.0.1;
-        202.157.182.142;
+#         202.157.185.115;
-    };
+#         202.157.182.142;
-};
+#     };
 # };
-zone "prevelige.org" {
+# Note: hosted by gkg.net
-    type primary;
+# zone "prevelige.org" {
-    file "/var/lib/bind/prevelige.org";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/prevelige.org";
-    allow-transfer { 
+#     notify yes;
-        127.0.0.1;
+#     allow-transfer { 
-        202.157.185.115;
+#         127.0.0.1;
-        202.157.182.142;
+#         202.157.185.115;
-    };
+#         202.157.182.142;
-};
+#     };
 # };
-zone "duffyfamily.me" {
+# Note: expired/directnic.com
-    type primary;
+# zone "duffyfamily.me" {
-    file "/var/lib/bind/duffyfamily.me";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/duffyfamily.me";
-    allow-transfer {
+#     notify yes;
-        127.0.0.1;
+#     allow-transfer {
-        202.157.185.115;
+#         127.0.0.1;
-        202.157.182.142;
+#         202.157.185.115;
-    };
+#         202.157.182.142;
-};
+#     };
 # };
-zone "littlebit.us" {
+# Note: hosted by worldnic(!).com
-    type primary;
+# zone "littlebit.us" {
-    file "/var/lib/bind/littlebit.us";
+#     type primary;
-    notify yes;
+#     file "/var/lib/bind/littlebit.us";
-    allow-transfer {
+#     notify yes;
-        127.0.0.1;
+#     allow-transfer {
-        202.157.185.115;
+#         127.0.0.1;
-        202.157.182.142;
+#         202.157.185.115;
-    };
+#         202.157.182.142;
-};
+#     };
 # };
--- a/run_bind.sh
+++ b/run_bind.sh
@ -7,9 +7,9 @@ BASE_CONF_DIR=/etc/bind
 # shellcheck disable=SC2086
 docker run $ARGS \
    -ti --entrypoint=/bin/bash \
    --rm \
    --name=bind9 \
    --add-host=host.docker.internal:host-gateway \
    --publish "$RNDC_PORT:953/tcp" \
    --publish "$DNS_PORT:53/udp" \
    --publish "$DNS_PORT:53/tcp" \