From e5d4fcc712c6d2015d1c9ec3827b62bb7e6719df Mon Sep 17 00:00:00 2001
From: Marcin Rataj
Date: Fri, 10 Jan 2025 16:56:54 +0100
Subject: [PATCH] chore: prep for ipv6 glue records (#35)
Part of #13
---
 zones/libp2p.direct | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/zones/libp2p.direct b/zones/libp2p.direct
index b63c3b1..c75f1ea 100644
--- a/zones/libp2p.direct
+++ b/zones/libp2p.direct
@@ -3,7 +3,7 @@ $ORIGIN libp2p.direct.
 ;; SOA Records
 @ 86400 IN SOA ns1.libp2p.direct. domains.ipshipyard.com. (
- 2024121101 ; serial
+ 2025011001 ; serial
 86400 ; refresh
 2400 ; retry
 604800 ; expire
@@ -11,29 +11,32 @@ $ORIGIN libp2p.direct.
 )
 ;; DNS Service
+;; NOTE: using subdomain here works because we have Glue Records set up at Registrar
 libp2p.direct. 86400 IN NS ns1.libp2p.direct.
 libp2p.direct. 86400 IN NS ns2.libp2p.direct.
 libp2p.direct. 86400 IN NS ns3.libp2p.direct.
-libp2p.direct. 86400 IN NS ns1.p2p-forge.dwebops.net.
-libp2p.direct. 86400 IN NS ns2.p2p-forge.dwebops.net.
 ns1.libp2p.direct. 86400 IN A 40.160.8.207
-;ns1.p2p-forge.dwebops.net. 86400 IN AAAA 2604:2dc0:101:100::265
+ns1.libp2p.direct. 86400 IN AAAA 2604:2dc0:101:100::265
 ns2.libp2p.direct. 86400 IN A 15.204.28.76
-;ns2.p2p-forge.dwebops.net. 86400 IN AAAA 2604:2dc0:202:200::64e
+ns2.libp2p.direct. 86400 IN AAAA 2604:2dc0:202:200::64e
 ns3.libp2p.direct. 86400 IN A 18.188.47.119
-;ns3.libp2p.direct. 86400 IN AAAA 2600:1f16:f2:9800:9fe5:445b:d8ae:efe3
+ns3.libp2p.direct. 86400 IN AAAA 2600:1f16:f2:9800:9fe5:445b:d8ae:efe3
-;; TLS Provider
+;; Limit allowed CAs to Let's Encrypt, we discussed feasibility with them and no concerns were raised:
+;; https://community.letsencrypt.org/t/feedback-on-raising-certificates-per-registered-domain-to-enable-peer-to-peer-networking/223003
 libp2p.direct. 86400 IN CAA 0 issue "letsencrypt.org"
 ;; HTTP Service
+;; NOTE: HTTP endpoints MUST have cert from LE due to the CAA record above.
+;; Cloudflare has setting for specifying CA provider, and me pinned it to LE.
 registration.libp2p.direct. 86400 IN NS hera.ns.cloudflare.com.
 registration.libp2p.direct. 86400 IN NS lloyd.ns.cloudflare.com.
 ;; PSL Records
+;; This makes libp2p.direct an eTLD, meaning verious permissions and limits are applied per peerid.libp2p.direct
 _psl.libp2p.direct. 86400 IN TXT "https://github.com/publicsuffix/list/pull/2084"
 _psl.libp2p.direct. 86400 IN TXT "https://github.com/publicsuffix/list/pull/2105"
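Review bot: The added note under `;; HTTP Service` says the apex CAA record forces Let's Encrypt for the HTTP endpoints, but `registration.libp2p.direct` is delegated to Cloudflare nameservers, and a CA climbs to the apex record only when the delegated zone returns no CAA RRset of its own. The restriction there is therefore a setting in the Cloudflare zone rather than something this file enforces; I would say so, e.g. `;; NOTE: the apex CAA applies to registration.libp2p.direct only while the delegated Cloudflare zone publishes no CAA RRset of its own.` Dropping the two `p2p-forge.dwebops.net` NS records is safe only if the registrar delegation no longer lists them, which this patch cannot show, so the parent NS set and the reachability of ns1–ns3 on the new AAAA addresses are worth checking before deploy. Typos in the added comments: `me pinned` should read `we pinned` and `verious` should read `various`.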