[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS delegation

From: Ludovic Courtès
Subject: Re: DNS delegation
Date: Wed, 13 Mar 2019 16:00:34 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)

Hi Julien,

Julien Lepiller <address@hidden> skribis:

> we've already discussed that multiple times, we'd like to have a DNS
> delegation for, so that we can manage the zone ourselves
> without having to rely too much on fsf sysadmins.
> Here is a patch (untested) that aims at doing that. I've configured
> bayfront and berlin to be DNS authoritative servers. bayfront is the
> master (it is the one that needs to be updated when a change happens in
> the zone), and berlin is set as slave (it will automatically follow
> changes in bayfront). I've enabled dnssec on bayfront, since it's the
> one that's going to sign the zone, and transfer signatures to its slave.

Cool, thanks for working on it!

> Currently the zone (in modules/sysadmin/dns.scm) is incomplete. What
> needs to be there?

I guess we’d need to have roughly the same entries as we currently have
on, so what you wrote is a good start and we can always adjust

> From 331a85e469579c02a3fc338a6fb0bade3916c666 Mon Sep 17 00:00:00 2001
> From: Julien Lepiller <address@hidden>
> Date: Mon, 4 Mar 2019 22:00:22 +0100
> Subject: [PATCH] hydra: Add dns services for
> * hydra/bayfront.scm (services): Add knot-service.
> * hydra/berlin.scm (services): Add knot-service.
> * hydra/modules/sysadmin/dns.scm: New file.

So it looks like this does the work on the Guix side.

We now need to get the admins to delegate to both bayfront and
berlin, is that correct?  Anything else we need to do?

Thank you!


reply via email to

[Prev in Thread] Current Thread [Next in Thread]