(dolist (provider (list* any-provider default-provider other-providers))
(zone-set-address #'rec (cdr provider)
:make-ptr-p (eq provider any-provider)
- :name (concatenate 'string prefix "."
- (string-downcase (car provider))
- "." (string-downcase zname))))))
+ :name (domain-name-concat prefix
+ (zone-parse-host
+ (car provider)
+ zname))))))
;;;--------------------------------------------------------------------------
;;; Other definitions.
(chiark.ns :ip chiark.greenend.org.uk))
;; Mail servers.
- ((@ mail)
+ ((@ mail blackhole)
:mx mail
:srv ((:smtp mail)))
((lists bugs cryptomail)
(evolution :alias evo)
;; Colocated services.
- ((irc vox) (colo :svc jazz.colo :sshfp "jazz")
- (jump :svc jazz.jump :sshfp "jazz"))
+ ((irc vox keys) (colo :svc jazz.colo :sshfp "jazz")
+ (jump :svc jazz.jump :sshfp "jazz"))
((git www mail) (colo :svc stratocaster.colo :sshfp "stratocaster")
(jump :svc stratocaster.jump :sshfp "stratocaster"))
+ ((www @) :tlsa (:https (:service-certificate-constraint
+ :certificate :sha-256 #p"http-server-www#1")))
+ (git :tlsa (:https (:trust-anchor-assertion
+ :certificate :sha-256 #p"distorted-ca")))
+ (www-cache :tlsa (3127 (:trust-anchor-assertion
+ :certificate :sha-256 #p"distorted-ca")))
+ (mail :tlsa ((:smtp :submission :imap)
+ (:trust-anchor-assertion
+ :certificate :sha-256 #p"distorted-ca")))
:svc #+view/inside stratocaster.colo
#-view/inside stratocaster.jump
(cabal :svc stratocaster.colo :sshfp "stratocaster")
- ((db ftp dyndns) (colo :svc telecaster.colo :sshfp "telecaster")
- (jump :svc telecaster.jump :sshfp "telecaster"))
+ ((db ftp) (colo :svc telecaster.colo :sshfp "telecaster")
+ (jump :svc telecaster.jump :sshfp "telecaster"))
+ (dyndns :svc telecaster.jump :sshfp "telecaster")
;; Local services.
((rawk pifi) (unsafe :svc artist.unsafe)
(dmz :addr anon.dmz))
;; Fancy connectivity.
- (iodine (jump :addr jazz.jump))
+ (iodine (jump :svc jazz.jump))
;; Colocated hosts.
(colo :net colo)
(iodine :addr jazz.iodine :sshfp "jazz"))
;; Media server (on loan to Good Technology HSTG).
- (jaguar (jump :addr jaguar.jump))
+ (jaguar (jump :addr jaguar.jump :sshfp "jaguar"))
;; Nicko's server.
- (richmond (jump :addr richmond.jump))
+ (richmond (jump :svc richmond.jump))
;; Wired ethernet.
(unsafe :net unsafe)
(firebird :cname firebird.dhcp)
(marauder :cname marauder.dhcp)
(invader :cname invader.dhcp)
+ (gretsch :cname gretsch.dhcp)
;; Virtual network.
(vpn :net vpn)
(crybaby (vpn :addr crybaby.vpn :sshfp "crybaby"))
(terror (vpn :addr terror.vpn :sshfp "terror"))
(orange (vpn :addr orange.vpn :sshfp "orange"))
+ (haze (vpn :addr haze.vpn :sshfp "haze"))
+ (groove (vpn :addr groove.vpn :sshfp "groove"))
(iodine :net iodine)
;; ITS.
(invader :addr invader.safe)
(marauder :addr marauder.safe))
+(defzone nicko.org
+ (richmond :addr richmond.jump))
+
(defrevzone trusted
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
vampire.distorted.org.uk.))
:multi (((dhcp safe) :family :ipv4 :suffix "199.29.172.dhcp") :cname *))
-(defrevzone dmz
+(defrevzone (dmz :family :ipv6)
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
vampire.distorted.org.uk.)
:reverse dmz)
-(defrevzone jump
+(defrevzone (dmz :family :ipv4)
+ (144-159 :ns (radius.distorted.org.uk.
+ precision.distorted.org.uk.
+ telecaster.distorted.org.uk.
+ vampire.distorted.org.uk.))
+ :multi ((dmz :suffix "144-159") :cname *))
+
+(defzone 144-159.204.49.62.in-addr.arpa
+ :ns (radius.distorted.org.uk.
+ precision.distorted.org.uk.
+ telecaster.distorted.org.uk.
+ vampire.distorted.org.uk.)
+ :reverse ((((:ipv4 dmz)))))
+
+(defrevzone (jump :family :ipv6)
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.
telecaster.distorted.org.uk.
vampire.distorted.org.uk.)
:reverse jump)
+(defrevzone (jump :family :ipv4)
+ (64-79 :ns (radius.distorted.org.uk.
+ precision.distorted.org.uk.
+ telecaster.distorted.org.uk.
+ vampire.distorted.org.uk.))
+ :multi ((jump :suffix "64-79") :cname *))
+
+(defzone 64-79.198.13.212.in-addr.arpa
+ :ns (radius.distorted.org.uk.
+ precision.distorted.org.uk.
+ telecaster.distorted.org.uk.
+ vampire.distorted.org.uk.)
+ :reverse ((((:ipv4 jump)))))
+
(defrevzone distorted.org.uk-he
:ns (radius.distorted.org.uk.
precision.distorted.org.uk.