:mx mail
:srv ((:smtp mail)))
- ;; Kerberos.
- (_kerberos :txt "DISTORTED.ORG.UK")
- :srv (((:kerberos :protocol :udp) krb)
- ((:kerberos-master :protocol :udp :port 88) krb)
- (:kerberos-adm krb)
- ((:kpasswd :protocol :udp) krb))
-
;; Anycast services.
(dns0 (any :a dns0.any)
(jump :svc precision.jump)
(dmz :svc vampire.dmz)
(unsafe :svc vampire.unsafe)
(colo :svc telecaster.colo))
+ (dns :cname dns0)
+
(ntp0 (any :a ntp0.any)
(jump :svc fender.jump)
(dmz :svc ibanez.dmz)
(ntp1 (any :a ntp1.any)
(dmz :svc vampire.dmz)
(unsafe :svc vampire.unsafe))
+ (ntp :cname ntp0)
+
(www-cache (any :a www-cache.any)
(jump :svc telecaster.jump)
(dmz :svc roadstar.dmz)
(unsafe :svc roadstar.unsafe)
(colo :svc telecaster.colo))
- (dns :cname dns0)
- (ntp :cname ntp0)
(wpad :cname www-cache)
+ (_kerberos :txt "DISTORTED.ORG.UK")
+ (krb0 (any :a krb0.any)
+ (jump :svc precision.jump)
+ (dmz :svc radius.dmz)
+ (unsafe :svc radius.unsafe)
+ (colo :svc precision.colo))
+ (krb1 (any :a krb1.any)
+ (dmz :svc vampire.dmz)
+ (unsafe :svc vampire.unsafe))
+ (krb-master (unsafe :svc radius.unsafe)
+ (dmz :svc radius.dmz))
+ :srv (((:kerberos :protocol :udp)
+ krb0
+ (krb1 :prio 100))
+ ((:kerberos-master :protocol :udp :port 88) krb-master)
+ (:kerberos-adm krb-master)
+ ((:kpasswd :protocol :udp) krb-master))
+ (krb :cname krb0)
+
;; Other services.
:srv ((:http www)
(:ftp ftp))
;; Entry is via little router box.
(dmz :net dmz)
- (guvnor (inside :svc gate.dmz) (dmz :a guvnor.dmz))
- (anon (dmz :a anon.dmz))
+ (guvnor (dmz :a guvnor.dmz))
(gate (dmz :a gate.dmz))
(nat (dmz :a nat.dmz))
(evolution :alias evo)
;; Colocated services.
- (irc (colo :svc jazz.colo)
- (jump :svc jazz.jump))
+ ((irc vox) (colo :svc jazz.colo)
+ (jump :svc jazz.jump))
+ ((git www) (colo :svc stratocaster.colo)
+ (jump :svc stratocaster.jump))
+ :svc #+view/inside stratocaster.colo
+ #-view/inside stratocaster.jump
+ (cabal :svc stratocaster.colo)
;; Local services.
- :svc vampire
- ((www krb ftp rsync wiki git bugs mail db i2p rawk vox)
- :svc vampire)
+ (rawk (unsafe :svc artist.unsafe)
+ (dmz :svc artist.dmz))
+ (pifi (vpn :svc orange.vpn)
+ (dmz :svc artist.dmz))
+ ((ftp rsync wiki bugs mail db i2p) :svc vampire)
;; Internal services.
#+view/inside ((news lpr) :svc vampire.unsafe)
;; Anonymity services.
- (tor :svc #+view/inside vampire.unsafe
- #-view/inside anon.dmz)
+ (anon (colo :svc jazz.colo)
+ (unsafe :svc vampire.unsafe)
+ (jump :a anon.jump)
+ (dmz :a anon.dmz))
;; Fancy connectivity.
(iodine (jump :a jazz.jump))
(jem (unsafe :a jem.unsafe)
(dmz :a jem.dmz))
(artist (unsafe :a artist.unsafe)
- (dmz :a artist.dmz))
+ (dmz :a artist.dmz)
+ (untrusted :a artist.untrusted))
;; DHCP hosts.
(gibson :cname gibson.dhcp)
(vpn :net vpn)
(crybaby (vpn :a crybaby.vpn))
(terror (vpn :a terror.vpn))
+ (orange (vpn :a orange.vpn))
(iodine :net iodine)
;; ITS.
(dhcp :ns ((radius.ns.dhcp :ip radius)
(precision.ns.dhcp :ip precision)
(vampire.ns.dhcp :ip vampire)))
+ (dyn :ns ((radius.ns.dyn :ip radius)
+ (precision.ns.dyn :ip precision)
+ (vampire.ns.dyn :ip vampire)))
(dnserr :ns ((radius.ns.dnserr :ip radius.dmz)
(precision.ns.dnserr :ip precision.jump)
(vampire.ns.dnserr :ip vampire.dmz)))
~mdw / zones / blobdiff