Commit graph

39 commits

Author SHA1 Message Date
s3lph
b1795f2e76 Add support for on-secondary signing 2023-04-04 20:46:54 +02:00
s3lph
ce27010642 Change default cds-cdnskey-publish to always 2022-06-14 21:17:14 +02:00
s3lph
e4e9e21e8c Make cds_cndskey_publish configurable per zone 2022-06-14 12:58:45 +02:00
s3lph
b9bb083f76 Make DNSSEC algorithms configurable per zone 2022-06-13 21:40:58 +02:00
s3lph
4fe9da8a6d Add option to install knot from the upstream cz.nic repository 2022-06-13 21:21:46 +02:00
s3lph
2abd8ccf02 Change default KSK/ZSK to ed25519 2022-06-04 00:33:07 +02:00
s3lph
35ed3e09f2 Apparently reloading knot is not enough with some config changes (e.g. listen-address), restart instead 2021-11-05 12:58:53 +01:00
s3lph
7ce38e0edf Fix loop in install.yml 2021-11-05 12:52:30 +01:00
s3lph
fbd4f1c5e7 Remove duplicate line from dnssec policies 2021-10-01 01:57:04 +02:00
s3lph
bf5b1d50fb Add dnssec policy propagation-delay option 2021-09-30 21:38:04 +02:00
s3lph
837832be9b Fix submission config error 2021-09-30 00:39:52 +02:00
s3lph
4680285605 Fix config file whitespaces 2021-09-30 00:37:26 +02:00
s3lph
a339290de7 Fix config file whitespaces 2021-09-30 00:36:27 +02:00
s3lph
83fc2ba1e8 Fix config file whitespaces 2021-09-30 00:35:41 +02:00
s3lph
0482dd69e3 Bugfix 3 2021-09-30 00:08:25 +02:00
s3lph
8b86782842 Bugfix 2 2021-09-29 23:57:40 +02:00
s3lph
a35e66049d Bugfix 2021-09-29 23:56:40 +02:00
s3lph
a9be647f84 Add support for configuring ZSK and KSK rollovers, including submission checks 2021-09-29 23:17:38 +02:00
s3lph
9402eee1c1 Prevent zone file from being overwritten on DNSSEC resigns 2021-09-29 22:45:26 +02:00
s3lph
1e19b6efc9 knot: install knot-dnsutils 2021-03-21 03:39:37 +01:00
s3lph
11d07d7089 knot: install knot-dnsutils 2021-03-21 03:37:47 +01:00
s3lph
05eab6666c fix typo 2021-02-06 00:17:38 +01:00
s3lph
e12a8f6981 only use tsig keys mutually 2021-02-06 00:16:19 +01:00
s3lph
0e587d61e4 🤦 actually use tsig keys for notifies/xfrs 2021-02-06 00:09:43 +01:00
s3lph
2541e4254d updaters dont need to be a remote 2021-02-05 23:27:51 +01:00
s3lph
9cbf45e958 add ip filter for transfers even if tsig key is present 2021-02-05 22:57:03 +01:00
s3lph
47bf844bf1 Work around a jinja2 bug in the map filter regarding default values (https://github.com/pallets/jinja/issues/1331) 2021-02-05 22:28:20 +01:00
s3lph
3200fe522a Make updaters zone key optional 2021-02-05 21:50:05 +01:00
s3lph
eab820a60a Make updaters zone key optional 2021-02-05 21:47:34 +01:00
s3lph
7cdd070ad4 split knot zonefiles and config tasks 2021-02-05 21:43:12 +01:00
s3lph
69cfc2ef81 Add support for TSIG keys 2021-02-05 21:36:46 +01:00
s3lph
9c329c8897 Add option to configure knot server nsid 2021-01-16 05:40:04 +01:00
s3lph
3dd19606f5 Add option to configure knot server identity 2021-01-16 05:23:09 +01:00
s3lph
3660754332 Fix missing variable for master zone files 2021-01-16 04:30:34 +01:00
s3lph
db202e39fe Spacing for readability 2021-01-16 03:36:01 +01:00
s3lph
486b0d1bed Minor fixes 2021-01-16 03:32:20 +01:00
s3lph
034f06b6c4 Fix loop syntax error 2021-01-16 02:11:49 +01:00
s3lph
033587f9d4 Change role tags 2021-01-16 02:02:16 +01:00
s3lph
f880e43321 knot monoculture 2021-01-16 02:00:19 +01:00