p2p-forge/zones/libp2p.direct at cd58175f7b764d00437da992be1c408f247347ed · ipshipyard/p2p-forge · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
$TTL 300
$ORIGIN libp2p.direct.

;; SOA Records
@                               86400   IN      SOA     aws1.libp2p.direct. domains.ipshipyard.com. (
                                                        2026032701  ; serial
                                                        86400       ; refresh
                                                        2400        ; retry
                                                        604800      ; expire
                                                        86400       ; minimum (TTL for "no record" responses)
                                                        )

;; DNS Service
;; NOTE: using foo.libp2p.direct subdomain here works because we have Glue Records set up at Registrar

;; waterworks-infra
libp2p.direct.                  86400   IN      NS      aws1.libp2p.direct.
libp2p.direct.                  86400   IN      NS      aws2.libp2p.direct.
libp2p.direct.                  86400   IN      NS      ovh1.libp2p.direct.
libp2p.direct.                  86400   IN      NS      ovh2.libp2p.direct.

;; manual legacy dev
;libp2p.direct.                  86400   IN      NS      ns1.libp2p.direct.
;libp2p.direct.                  86400   IN      NS      ns2.libp2p.direct.

;; aws-libp2p-direct-01
aws1.libp2p.direct.             86400   IN      A       18.188.47.119
aws1.libp2p.direct.             86400   IN      AAAA    2600:1f16:f2:9800:9fe5:445b:d8ae:efe3

;; aws-libp2p-direct-02
aws2.libp2p.direct.             86400   IN      A       18.219.153.245
aws2.libp2p.direct.             86400   IN      AAAA    2600:1f16:f2:9801:e482:8ee0:dfba:9157

;; ovh-libp2p-direct-01
ovh1.libp2p.direct.             86400   IN      A       15.204.30.239
ovh1.libp2p.direct.             86400   IN      AAAA    2604:2dc0:202:200::80d

;; ovh-libp2p-direct-02
ovh2.libp2p.direct.             86400   IN      A       147.135.78.6
ovh2.libp2p.direct.             86400   IN      AAAA    2604:2dc0:101:100::16d9

;; dev1
ns1.libp2p.direct.              86400   IN      A       40.160.8.207
ns1.libp2p.direct.              86400   IN      AAAA    2604:2dc0:101:100::265

;; dev2
ns2.libp2p.direct.              86400   IN      A       15.204.28.76
ns2.libp2p.direct.              86400   IN      AAAA    2604:2dc0:202:200::64e

;; Limit allowed CAs to Let's Encrypt, we discussed feasibility with them and no concerns were raised:
;; https://community.letsencrypt.org/t/feedback-on-raising-certificates-per-registered-domain-to-enable-peer-to-peer-networking/223003
libp2p.direct.                                    86400   IN        CAA     0 issue "letsencrypt.org"

;; HTTP Service
;; NOTE: HTTP endpoints MUST have cert from LE due to the CAA record above.
;; Cloudflare has setting for specifying CA provider, and me pinned it to LE.
registration.libp2p.direct.     86400   IN      NS      hera.ns.cloudflare.com.
registration.libp2p.direct.     86400   IN      NS      lloyd.ns.cloudflare.com.

;; PSL Records
;; This makes libp2p.direct an eTLD, meaning verious permissions and limits are applied per peerid.libp2p.direct
_psl.libp2p.direct.             86400   IN      TXT     "https://github.com/publicsuffix/list/pull/2084"
_psl.libp2p.direct.             86400   IN      TXT     "https://github.com/publicsuffix/list/pull/2105"

;; Email blocking
libp2p.direct.                  86400   IN      MX      0 .
libp2p.direct.                  86400   IN      TXT     "v=spf1 -all"
_dmarc.libp2p.direct.           86400   IN      TXT     "v=DMARC1;p=reject;sp=reject;adkim=s;aspf=s"
*._domainkey.libp2p.direct.     86400   IN      TXT     "v=DKIM1; p="

; vim: ts=2 sw=2 et :