X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/zones/blobdiff_plain/a1ab9d7efb02c2185980c2fd6a0a417a0f5a2b62..8c717a9f0421b32d0dbeb0b6c3d63efd75b703e7:/distorted.lisp

diff --git a/distorted.lisp b/distorted.lisp
index 4a4b05a..3c33a50 100644
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -82,10 +82,10 @@ (defzone distorted.org.uk
   ((@ mail blackhole)
    :mx mail
    :srv ((:smtp mail)))
-  ((lists bugs cryptomail)
+  ((lists)
    :ttl 300
-   :mx mail
-   :srv ((:smtp old-mail)))
+   :mx lists
+   :srv ((:smtp lists)))
 
   (stratocaster.20140403._domainkey
    :dkim ("stratocaster-20140403"
@@ -147,6 +147,8 @@ (defzone distorted.org.uk
   ;; Colocated services.
   ((irc vox keys) (colo :svc jazz.colo :sshfp "jazz")
 		  (jump :svc jazz.jump :sshfp "jazz"))
+  (lists (colo :svc telecaster.colo :sshfp "telecaster")
+	 (jump :svc telecaster.jump :sshfp "telecaster"))
   ((git www mail) (colo :svc stratocaster.colo :sshfp "stratocaster")
 		  (jump :svc stratocaster.jump :sshfp "stratocaster"))
   ((www @) :tlsa (:https (:service-certificate-constraint
@@ -155,6 +157,8 @@ (defzone distorted.org.uk
 		      :certificate :sha-256 #p"distorted-ca")))
   (www-cache :tlsa (3127 (:trust-anchor-assertion
 			  :certificate :sha-256 #p"distorted-ca")))
+  (lists :tlsa ((:smtp :https) (:trust-anchor-assertion
+				:certificate :sha-256 #p"distorted-ca")))
   (mail :tlsa ((:smtp :submission :imap)
 	       (:trust-anchor-assertion
 		:certificate :sha-256 #p"distorted-ca")))
@@ -170,7 +174,6 @@ (defzone distorted.org.uk
 	       (dmz :svc artist.dmz))
   (mirror (dmz :svc roadstar.dmz :sshfp "roadstar")
 	  (unsafe :svc roadstar.unsafe :sshfp "roadstar"))
-  ((wiki bugs old-mail i2p) :svc vampire :sshfp "vampire")
 
   ;; Internal services.
   #+view/inside ((news lpr) :svc vampire.unsafe :sshfp "vampire")
@@ -340,11 +343,11 @@ (defzone dhcp.distorted.org.uk
        (vampire.ns :ip vampire.dmz))
   (gibson :addr gibson.unsafe)
   (crybaby :addr crybaby.unsafe)
-  (lespaul :addr lespaul.safe)
-  (invader :addr invader.safe)
-  (marauder :addr marauder.safe)
+  (lespaul :addr lespaul.unsafe)
+  (gretsch :addr gretsch.unsafe)
   (haze :addr haze.unsafe)
-  (gretsch :addr gretsch.unsafe))
+  (invader :addr invader.safe)
+  (marauder :addr marauder.safe))
 
 (defzone nicko.org
   (richmond :addr richmond.jump))