chiark
/
gitweb
/
~mdw
/
zones
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Domain keys support.
[zones]
/
distorted.lisp
diff --git
a/distorted.lisp
b/distorted.lisp
index 314fdc8b8f356531bf14f76cceadc4b90c976c26..0806e78534bc78281b5764d6970e32ff3a8df09f 100644
(file)
--- a/
distorted.lisp
+++ b/
distorted.lisp
@@
-25,9
+25,20
@@
(defzone distorted.org.uk
(chiark.ns :ip chiark.greenend.org.uk))
;; Mail servers.
(chiark.ns :ip chiark.greenend.org.uk))
;; Mail servers.
- ((@ mail
lists bugs cryptomail
)
+ ((@ mail)
:mx mail
:srv ((:smtp mail)))
:mx mail
:srv ((:smtp mail)))
+ ((lists bugs cryptomail)
+ :ttl 300
+ :mx mail
+ :srv ((:smtp old-mail)))
+
+ (stratocaster.20140403._domainkey
+ :dkim ("dkim-stratocaster.20140403.pub"
+ :v "DKIM1"
+ :k "rsa"
+ :h "sha256"
+ :s "email"))
;; Anycast services.
(dns0 (any :a dns0.any)
;; Anycast services.
(dns0 (any :a dns0.any)
@@
-84,8
+95,7
@@
(defzone distorted.org.uk
;; Entry is via little router box.
(dmz :net dmz)
;; Entry is via little router box.
(dmz :net dmz)
- (guvnor (inside :svc gate.dmz) (dmz :a guvnor.dmz))
- (anon (dmz :a anon.dmz))
+ (guvnor (dmz :a guvnor.dmz))
(gate (dmz :a gate.dmz))
(nat (dmz :a nat.dmz))
(gate (dmz :a gate.dmz))
(nat (dmz :a nat.dmz))
@@
-95,25
+105,31
@@
(defzone distorted.org.uk
(evolution :alias evo)
;; Colocated services.
(evolution :alias evo)
;; Colocated services.
- (
irc
(colo :svc jazz.colo)
- (jump :svc jazz.jump))
- ((git www) (colo :svc stratocaster.colo)
- (jump :svc stratocaster.jump))
+ (
(irc vox)
(colo :svc jazz.colo)
+
(jump :svc jazz.jump))
+ ((git www
mail
) (colo :svc stratocaster.colo)
+
(jump :svc stratocaster.jump))
:svc #+view/inside stratocaster.colo
#-view/inside stratocaster.jump
(cabal :svc stratocaster.colo)
:svc #+view/inside stratocaster.colo
#-view/inside stratocaster.jump
(cabal :svc stratocaster.colo)
+ ((db ftp) (colo :svc telecaster.colo)
+ (jump :svc telecaster.jump))
;; Local services.
;; Local services.
- (rawk (unsafe :svc artist.unsafe)
- (dmz :svc artist.dmz))
- ((ftp rsync wiki bugs mail db i2p vox) :svc vampire)
+ ((rawk pifi) (unsafe :svc artist.unsafe)
+ (dmz :svc artist.dmz))
+ (mirror (dmz :svc roadstar.dmz)
+ (unsafe :svc roadstar.unsafe))
+ ((wiki bugs old-mail i2p) :svc vampire)
;; Internal services.
#+view/inside ((news lpr) :svc vampire.unsafe)
;; Anonymity services.
;; Internal services.
#+view/inside ((news lpr) :svc vampire.unsafe)
;; Anonymity services.
- (tor :svc #+view/inside vampire.unsafe
- #-view/inside anon.dmz)
+ (anon (colo :svc jazz.colo)
+ (unsafe :svc vampire.unsafe)
+ (jump :a anon.jump)
+ (dmz :a anon.dmz))
;; Fancy connectivity.
(iodine (jump :a jazz.jump))
;; Fancy connectivity.
(iodine (jump :a jazz.jump))
@@
-135,6
+151,9
@@
(defzone distorted.org.uk
(jump :a jazz.jump)
(iodine :a jazz.iodine))
(jump :a jazz.jump)
(iodine :a jazz.iodine))
+ ;; Media server (on loan to Good Technology HSTG).
+ (jaguar (jump :a jaguar.jump))
+
;; Nicko's server.
(richmond (jump :a richmond.jump))
;; Nicko's server.
(richmond (jump :a richmond.jump))
@@
-157,7
+176,8
@@
(defzone distorted.org.uk
(jem (unsafe :a jem.unsafe)
(dmz :a jem.dmz))
(artist (unsafe :a artist.unsafe)
(jem (unsafe :a jem.unsafe)
(dmz :a jem.dmz))
(artist (unsafe :a artist.unsafe)
- (dmz :a artist.dmz))
+ (dmz :a artist.dmz)
+ (untrusted :a artist.untrusted))
;; DHCP hosts.
(gibson :cname gibson.dhcp)
;; DHCP hosts.
(gibson :cname gibson.dhcp)
@@
-171,7
+191,6
@@
(defzone distorted.org.uk
(crybaby (vpn :a crybaby.vpn))
(terror (vpn :a terror.vpn))
(orange (vpn :a orange.vpn))
(crybaby (vpn :a crybaby.vpn))
(terror (vpn :a terror.vpn))
(orange (vpn :a orange.vpn))
- (mango (vpn :a mango.vpn))
(iodine :net iodine)
;; ITS.
(iodine :net iodine)
;; ITS.
@@
-186,6
+205,9
@@
(defzone distorted.org.uk
(dhcp :ns ((radius.ns.dhcp :ip radius)
(precision.ns.dhcp :ip precision)
(vampire.ns.dhcp :ip vampire)))
(dhcp :ns ((radius.ns.dhcp :ip radius)
(precision.ns.dhcp :ip precision)
(vampire.ns.dhcp :ip vampire)))
+ (dyn :ns ((radius.ns.dyn :ip radius)
+ (precision.ns.dyn :ip precision)
+ (vampire.ns.dyn :ip vampire)))
(dnserr :ns ((radius.ns.dnserr :ip radius.dmz)
(precision.ns.dnserr :ip precision.jump)
(vampire.ns.dnserr :ip vampire.dmz)))
(dnserr :ns ((radius.ns.dnserr :ip radius.dmz)
(precision.ns.dnserr :ip precision.jump)
(vampire.ns.dnserr :ip vampire.dmz)))