|
|
# -*- ispell-local-dictionary: "english" -*-
#+TITLE: Bind v9 Domain name server
* Usage
** Example =compose.yml=
#+begin_src yaml dns: charm: bind
options: vars: ## these vars are a facility to allow using `$var` in domain defs myip: 1.2.3.4 zones: ## __all__ will be applied to all domains defined here __all__: ns: ## '_' is translated to '@' in BIND v9 zone definition, which in ## in turn refers to the current domain being defined. _: (dns.mycompany.com,sdns1.ovh.net,ns6.gandi.net) mx: _: (1 ,(5 alt(1,2),10 alt(3,4)).)aspmx.l.google.com. mycompany.com: mx: news: 10 news
## Names will generate IN A/CNAME depending if an IP is detected or a name name: ## key and values can be expanded, the syntax uses the same logic ## than shell expansion with `{`, `}` and `,`. So this: ## `(_,dns,core(,-01))` will demux to `_ dns core core-01`, so all ## these keys will receive the following value. (_,dns,core(,-01)): $myip core-02: 4.5.6.7
## You can specify after a space, a TTL that will be applied to all ## definitions inside the section: name 3h: ## `www` required not to be an IP by zonecheck (www,admin,smtp,beta,alpha,erp(,-beta)): core-01 news: 77.32.131.26 r.news: r.mailin.fr. img.news: img.mailin.fr.
spf 3h: ## Remember that this is YAML that also offer nice syntaxic ## feature to avoid repeating values. _: &spf >- v=spf1 a a:smtp.free.fr a:smtp.mycompany.com include:spf.sendinblue.com mx ?all txt 3h: _: - *spf - Sendinblue-code:xxx - google-site-verification=yyy
news: "v=spf1 include:spf.sendinblue.com mx ~all" mail._domainkey(,.news): "k=rsa;p=zzz"
_dmarc.news: >- v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400
(othercompany.com,other-company.com): name: (_,www,mail): $myip (admin,beta): www#+end_src
* Persistence
backup will keep:- /etc/bind/rndc.key- /etc/bind/.db.$DOMAIN files keeping a hash of the configuration along with the given serial that matches the zone file. This is to be sure to advertise the same serial after a recovery.
|
