From c38adbdf7bc02c0cedbcb8f3d664a62de35c87fc Mon Sep 17 00:00:00 2001 From: julien Date: Tue, 14 Jan 2025 17:58:47 +0100 Subject: [PATCH] first commit --- Dockerfile | 11 +++++++++ README.md | 6 +++++ compose.yml | 13 ++++++++++ conf/nsd.conf.d/zone.conf | 7 ++++++ conf/zones/komun.are.bzh | 38 ++++++++++++++++++++++++++++++ conf/zones/taal-academie.arree.bzh | 28 ++++++++++++++++++++++ nsd.conf | 18 ++++++++++++++ 7 files changed, 121 insertions(+) create mode 100644 Dockerfile create mode 100755 README.md create mode 100644 compose.yml create mode 100644 conf/nsd.conf.d/zone.conf create mode 100644 conf/zones/komun.are.bzh create mode 100644 conf/zones/taal-academie.arree.bzh create mode 100644 nsd.conf diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..208c07d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,11 @@ +FROM debian:stable-slim + +RUN apt update && apt -y install nsd && apt clean + +RUN nsd-control-setup + +RUN mkdir -p /etc/nsd/zones + +COPY nsd.conf /etc/nsd/ + +CMD /usr/sbin/nsd -d -P "" diff --git a/README.md b/README.md new file mode 100755 index 0000000..8c29ac2 --- /dev/null +++ b/README.md @@ -0,0 +1,6 @@ +# ns1.netig.net + +Generate the image before launching. +``` +# docker compose build +``` diff --git a/compose.yml b/compose.yml new file mode 100644 index 0000000..8cda778 --- /dev/null +++ b/compose.yml @@ -0,0 +1,13 @@ +services: + nsd: + build: . + image: nsd:latest + container_name: ns1netignet_nsd + hostname: ns1netignet + volumes: + - ./conf/zones:/etc/nsd/zones + - ./conf/nsd.conf.d:/etc/nsd/nsd.conf.d + ports: + - "53:53" + - "53:53/udp" + restart: unless-stopped diff --git a/conf/nsd.conf.d/zone.conf b/conf/nsd.conf.d/zone.conf new file mode 100644 index 0000000..d9e4e5d --- /dev/null +++ b/conf/nsd.conf.d/zone.conf @@ -0,0 +1,7 @@ +zone: + name: taal-academie.arree.bzh + zonefile: taal-academie.arree.bzh + +zone: + name: komun.are.bzh + zonefile: komun.are.bzh diff --git a/conf/zones/komun.are.bzh b/conf/zones/komun.are.bzh new file mode 100644 index 0000000..7385764 --- /dev/null +++ b/conf/zones/komun.are.bzh @@ -0,0 +1,38 @@ +$ORIGIN komun.are.bzh. +$TTL 3600 + +; SOA RECORD +@ IN SOA ns1.netig.net. hostmaster.netig.net. ( + 1679578861 ;Serial + 7200 ;Refresh + 1800 ;Retry + 1209600 ;Expire + 86400 ;Negative response caching TTL +) + +; NAMESERVERS +@ IN NS ns1.netig.net. + +; A RECORDS +@ IN A 103.177.249.4 +www IN A 103.177.249.4 +mail IN A 103.177.249.4 +list IN A 103.177.249.4 + +; AAAA RECORDS +@ IN AAAA 2a13:7c81:157::2 +www IN AAAA 2a13:7c81:157::2 +mail IN AAAA 2a13:7c81:157::2 +list IN AAAA 2a13:7c81:157::2 + +; MX RECORDS +@ IN MX 10 mail.komun.are.bzh. + +; TXT RECORDS +mail._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; " + "p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzgKbDT51MeeqT34qx340IaHIwfkMxqA4v4Ht3Fu1kmcRbnY3THbXSpYctQ7cRFQIGgpe11TP3fi9iz5pAG+w1qL/lM1gyDT1tYZo/wNDZI+uEUFq1nZwRHsyGUv8wpa05Y44iPg+5q+tiEDZnFzx2vbJekwYFGMiBEyJDzvkKugsgEkPJiB0/2jq2vJK7FFWZxQKtIN2fcVyD5" + "8rkZwlFGIL6uTRJMbnFuKITTDa34OoANO101YDGeBoYXKtWlMthPWeC5GWxYaOUaqK0n07bnoYI9RZ5q1WUGBAod3wZFV8Ub29aRUIJJUeZUhqkNYCGr73OCBc7mQs3xxm62/kPeStpsV70n4cXbUelfa8HJsP2erDz7lgHHiTXfOlbtrXIn/MLBSYGejWzEvhk9NAUmYqITDgUpK0hjmgwKV+ocPGKn0PO2MEsCGzLbzuwLLO2VS+I5pB" + "m+Fdbzqj68pmUUV2CHvqMCk9qX8Q3Lk3qP0J3dUUd3DVgZiZw/quzsoXRwTigj7ryMRQkL7obK4EwQzdxLZyB0zlAhUxequk0yOvYHWX7x5PXpuq+PCp6Jp387mBcVysqbGhKLBOjPSJMHEsy+tLZru0SiopxfyTMJJrCVTzsRjBQBElbcvovknIqo5v3A7QJMiPwzDeReRA4q0u6nW9WAIuJEI+aj6eaVcCAwEAAQ==" ) ; ----- DKIM key mail for komun.are.bzh +@ IN TXT "v=spf1 mx ~all" +_dmarc IN TXT "v=DMARC1; p=reject" +@ IN TXT "google-site-verification=UfPmbUaaUGN51Oq_vBj2ffIq59DARRQ3OW5MpL-2dy8" diff --git a/conf/zones/taal-academie.arree.bzh b/conf/zones/taal-academie.arree.bzh new file mode 100644 index 0000000..80cf146 --- /dev/null +++ b/conf/zones/taal-academie.arree.bzh @@ -0,0 +1,28 @@ +$ORIGIN taal-academie.arree.bzh. +$TTL 3600 + +; SOA RECORD +@ IN SOA ns1.netig.net. hostmaster.netig.net. ( + 1679578861 ;Serial + 7200 ;Refresh + 1800 ;Retry + 1209600 ;Expire + 86400 ;Negative response caching TTL +) + +; NAMESERVERS +@ IN NS ns1.netig.net. + +; A RECORDS +@ IN A 103.177.249.4 +www IN A 103.177.249.4 + +; AAAA RECORDS +@ IN AAAA 2a13:7c81:157::2 +www IN AAAA 2a13:7c81:157::2 + +; MX RECORDS +@ IN MX 10 mail.taal-academie.arree.bzh. + +; TXT RECORDS +@ IN TXT google-site-verification=N02jVJPn94NIlJXIg2b0Bh5hbdjFZdn3NIOIfxYqPUo diff --git a/nsd.conf b/nsd.conf new file mode 100644 index 0000000..6d2363d --- /dev/null +++ b/nsd.conf @@ -0,0 +1,18 @@ +server: + server-count: 1 + verbosity: 1 + hide-version: yes + zonesdir: "/etc/nsd/zones" + +remote-control: + # this allows the use of 'nsd-control' to control NSD. The default is "no" + control-enable: yes + # the interface NSD listens to for nsd-control. The default is 127.0.0.1 + control-interface: 127.0.0.1 + # the key files that allow the use of 'nsd-control'. The default path is "/etc/nsd/". Create these using the 'nsd-control-setup' utility + server-key-file: /etc/nsd/nsd_server.key + server-cert-file: /etc/nsd/nsd_server.pem + control-key-file: /etc/nsd/nsd_control.key + control-cert-file: /etc/nsd/nsd_control.pem + +include: "/etc/nsd/nsd.conf.d/zone.conf"