[pdns] Allow AXFR to dns.fedcom.net

2025-01-25 00:19:41 +01:00 · 2025-01-25 00:19:41 +01:00 · 885afc244b
commit 885afc244b
parent b968aaff53
1 changed files with 6 additions and 1 deletions
--- a/lib/pdns.sh
+++ b/lib/pdns.sh
@ -57,7 +57,9 @@ PDNS_webserver_password=$PDNS_WEBSERVER_PASSWORD
 PDNS_version_string=anonymous
 PDNS_default_ttl=1500
 PDNS_allow_notify_from=0.0.0.0
-PDNS_allow_axfr_ips=127.0.0.1
+PDNS_allow_axfr_ips=5.161.216.170/32
+PDNS_also_notify=5.161.216.170
+PDNS_disable_axfr=no
 PDNS_default_soa_content=ns1.@ hostmaster.@ 0 10800 3600 604800 3600
 PDNS_allow_dnsupdate_from=127.0.0.0/8,::1,192.168.0.0/16
 PDNS_dnsupdate=yes
@ -90,6 +92,9 @@ curl -X PATCH --data '{"rrsets": [ {"name": "*.$DOMAIN.", "type": "CNAME", "ttl"
 pdnsutil add-record $DOMAIN @ NS ns1.$DOMAIN
 pdnsutil add-record $DOMAIN @ NS ns2.$DOMAIN
 pdnsutil add-record $DOMAIN @ A 86400 $EXTERNALIP
+
+pdnsutil import-tsig-key fedcomdns hmac-sha512 2BJrbNNmy5Hl+uFO1QcvQBpXx+Kbv9IdbyrHpwK7lYWDKmgTOmJu7eR0srfRNSVpTOnK6bQWOm4BxkrrQxd6Gw==
+pdnsutil activate-tsig-key $DOMAIN fedcomdns primary
 EOF
 chmod +x /federated/apps/pdns/data/root/createrecords.sh