From a8ef96ee1883b9e1fdfe7268e508df8e3e5c0b37 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zolt=C3=A1n=20Felleg?= <zoltan.felleg@userrendszerhaz.hu>
Date: Thu, 11 Mar 2021 14:13:04 +0100
Subject: [PATCH] Updated ens.pm, pns.pm and pns.usr (all external DNS zones
 are now signed).

---
 .../ens.pm/postinstall/install/etc/named.conf |  6 ++--
 .../pns.pm/postinstall/install/etc/named.conf |  4 +--
 sources/pns.usr/postinstall/20_setupdnssec.sh |  4 +--
 .../postinstall/install/etc/named.conf        | 12 ++++----
 .../install/var/named/mediacube.hu.zone       |  3 +-
 .../install/var/named/useredms.hu.zone        |  3 +-
 .../install/var/named/useribm.hu.zone         | 30 ++++++++++---------
 .../install/var/named/userrendszerhaz.hu.zone | 30 ++++++++++---------
 8 files changed, 47 insertions(+), 45 deletions(-)

diff --git a/sources/ens.pm/postinstall/install/etc/named.conf b/sources/ens.pm/postinstall/install/etc/named.conf
index 1091c4f..e16912b 100644
--- a/sources/ens.pm/postinstall/install/etc/named.conf
+++ b/sources/ens.pm/postinstall/install/etc/named.conf
@@ -162,7 +162,7 @@ view "external" {
 	zone "useribm.hu" IN {
 		type slave;
 		masters { primary_ns_master; };
-		file "slaves/useribm.hu.zone";
+		file "slaves/useribm.hu.zone.signed";
 
 		allow-transfer		{ peep_bo_ns_key_acl; };
 		allow-notify		{ primary_ns_key_acl; };
@@ -172,7 +172,7 @@ view "external" {
 	zone "userrendszerhaz.hu" IN {
 		type slave;
 		masters { primary_ns_master; };
-		file "slaves/userrendszerhaz.hu.zone";
+		file "slaves/userrendszerhaz.hu.zone.signed";
 
 		allow-transfer		{ peep_bo_ns_key_acl; };
 		allow-notify		{ primary_ns_key_acl; };
@@ -184,7 +184,7 @@ view "external" {
 	zone "kolafirearms.com" IN {
 		type slave;
 		masters { peep_bo_ns_master; };
-		file "slaves/kolafirearms.com.zone";
+		file "slaves/kolafirearms.com.zone.signed";
 
 		allow-notify		{ peep_bo_ns_key_acl; };
 	};
diff --git a/sources/pns.pm/postinstall/install/etc/named.conf b/sources/pns.pm/postinstall/install/etc/named.conf
index 52c7e61..1bd795e 100644
--- a/sources/pns.pm/postinstall/install/etc/named.conf
+++ b/sources/pns.pm/postinstall/install/etc/named.conf
@@ -190,11 +190,11 @@ view "perimeter" {
 	zone "useribm.hu" IN {
 		type slave;
 		masters { primary_ns_master; };
-		file "slaves/useribm.hu.zone";
+		file "slaves/useribm.hu.zone.signed";
 	};
 	zone "userrendszerhaz.hu" IN {
 		type slave;
 		masters { primary_ns_master; };
-		file "slaves/userrendszerhaz.hu.zone";
+		file "slaves/userrendszerhaz.hu.zone.signed";
 	};
 };
diff --git a/sources/pns.usr/postinstall/20_setupdnssec.sh b/sources/pns.usr/postinstall/20_setupdnssec.sh
index bb6f1e3..42f33b6 100755
--- a/sources/pns.usr/postinstall/20_setupdnssec.sh
+++ b/sources/pns.usr/postinstall/20_setupdnssec.sh
@@ -90,7 +90,7 @@ fi
 cd /var/named
 dnssec-signzone -e +15552000 -N unixtime -o mediacube.hu mediacube.hu.zone
 dnssec-signzone -e +15552000 -N unixtime -o useredms.hu useredms.hu.zone
-#dnssec-signzone -e +15552000 -N unixtime -o useribm.hu useribm.hu.zone
-#dnssec-signzone -e +15552000 -N unixtime -o userrendszerhaz.hu userrendszerhaz.hu.zone
+dnssec-signzone -e +15552000 -N unixtime -o useribm.hu useribm.hu.zone
+dnssec-signzone -e +15552000 -N unixtime -o userrendszerhaz.hu userrendszerhaz.hu.zone
 #dnssec-signzone -e +15552000 -N unixtime -o usr.user.hu usr.user.hu.zone
 #dnssec-signzone -e +15552000 -N unixtime -o pm.user.hu pm.user.hu.zone
diff --git a/sources/pns.usr/postinstall/install/etc/named.conf b/sources/pns.usr/postinstall/install/etc/named.conf
index 1870c5b..3765d25 100644
--- a/sources/pns.usr/postinstall/install/etc/named.conf
+++ b/sources/pns.usr/postinstall/install/etc/named.conf
@@ -160,11 +160,11 @@ view "external" {
 	};
 	zone "useribm.hu" IN {
 		type master;
-		file "useribm.hu.zone";
+		file "useribm.hu.zone.signed";
 	};
 	zone "userrendszerhaz.hu" IN {
 		type master;
-		file "userrendszerhaz.hu.zone";
+		file "userrendszerhaz.hu.zone.signed";
 	};
 };
 
@@ -252,11 +252,11 @@ view "internal" {
 	};
 	zone "useribm.hu" IN {
 		type master;
-		file "useribm.hu.zone";
+		file "useribm.hu.zone.signed";
 	};
 	zone "userrendszerhaz.hu" IN {
 		type master;
-		file "userrendszerhaz.hu.zone";
+		file "userrendszerhaz.hu.zone.signed";
 	};
 };
 
@@ -328,10 +328,10 @@ view "perimeter" {
 	};
 	zone "useribm.hu" IN {
 		type master;
-		file "useribm.hu.zone";
+		file "useribm.hu.zone.signed";
 	};
 	zone "userrendszerhaz.hu" IN {
 		type master;
-		file "userrendszerhaz.hu.zone";
+		file "userrendszerhaz.hu.zone.signed";
 	};
 };
diff --git a/sources/pns.usr/postinstall/install/var/named/mediacube.hu.zone b/sources/pns.usr/postinstall/install/var/named/mediacube.hu.zone
index b1f4848..dd5a84c 100644
--- a/sources/pns.usr/postinstall/install/var/named/mediacube.hu.zone
+++ b/sources/pns.usr/postinstall/install/var/named/mediacube.hu.zone
@@ -1,5 +1,4 @@
-;$TTL	86400
-$TTL	3600
+$TTL	86400
 @	IN	SOA	ns1.mediacube.hu.	hostmaster.mx.mediacube.hu.	(
 					1		; Serial
 					86400		; Refresh (1 day)
diff --git a/sources/pns.usr/postinstall/install/var/named/useredms.hu.zone b/sources/pns.usr/postinstall/install/var/named/useredms.hu.zone
index 72242d6..cb62d16 100644
--- a/sources/pns.usr/postinstall/install/var/named/useredms.hu.zone
+++ b/sources/pns.usr/postinstall/install/var/named/useredms.hu.zone
@@ -1,5 +1,4 @@
-;$TTL	86400
-$TTL	3600
+$TTL	86400
 @	IN	SOA	ns1.useredms.hu.	hostmaster.mx.useredms.hu.	(
 					1		; Serial
 					86400		; Refresh (1 day)
diff --git a/sources/pns.usr/postinstall/install/var/named/useribm.hu.zone b/sources/pns.usr/postinstall/install/var/named/useribm.hu.zone
index 9d19192..666b487 100644
--- a/sources/pns.usr/postinstall/install/var/named/useribm.hu.zone
+++ b/sources/pns.usr/postinstall/install/var/named/useribm.hu.zone
@@ -1,7 +1,6 @@
-;$TTL	86400
-$TTL	3600
+$TTL	86400
 @	IN	SOA	ns1.useribm.hu.	hostmaster.mx.useribm.hu.	(
-					2021022501	; Serial
+					1		; Serial
 					86400		; Refresh (1 day)
 					7200		; Retry (2 hours)
 					2419200		; Expire (4 weeks)
@@ -13,12 +12,12 @@ $TTL	3600
 		IN	SPF	"v=spf1 +mx -all"
 
 ; Telekom
-efg		IN	A	194.149.40.146	; efg
+efg-tkom	IN	A	194.149.40.146	; efg
 mx		IN	A	194.149.40.147	; mail exchanger
-ns-telekom	IN	A	194.149.40.148	; primary name server
-ns1-telekom	IN	A	194.149.40.148	; primary name server
+ns-tkom		IN	A	194.149.40.148	; primary name server
+ns1-tkom	IN	A	194.149.40.148	; primary name server
 ns2		IN	A	46.107.213.35	; secondary name server
-vpn		IN	A	194.149.40.149	; OpenVPN server
+vpn-tkom	IN	A	194.149.40.149	; OpenVPN server
 hg		IN	A	194.149.40.150	; mercurial
 jtrac		IN	A	194.149.40.150	; jtrac
 minicrm		IN	A	194.149.40.150	; minicrm
@@ -34,16 +33,16 @@ unused154	IN	A	194.149.40.154	; unused
 unused155	IN	A	194.149.40.155	; unused
 unused156	IN	A	194.149.40.156	; unused
 zfdl360e	IN	A	194.149.40.157	; zfelleg DL360e
-fschnell	IN	A	194.149.40.158	; fschnell/zfelleg server
-zfelleg		IN	A	194.149.40.158	; fschnell/zfelleg server
-zfdl380e	IN	A	194.149.40.158	; zfelleg DL380e
+fschnell-tkom	IN	A	194.149.40.158	; fschnell/zfelleg server
+zfelleg-tkom	IN	A	194.149.40.158	; fschnell/zfelleg server
+zfdl380e-tkom	IN	A	194.149.40.158	; zfelleg DL380e
 
 ; ACE Telecom
-efg-ace		IN	A	37.220.137.97	; efg
+efg		IN	A	37.220.137.97	; efg
 mx-ace		IN	A	37.220.137.98	; mail exchanger
 ns		IN	A	37.220.137.99	; primary name server
 ns1		IN	A	37.220.137.99	; primary name server
-vpn-ace		IN	A	37.220.137.100	; OpenVPN server
+vpn		IN	A	37.220.137.100	; OpenVPN server
 hg-ace		IN	A	37.220.137.101	; mercurial
 jtrac-ace	IN	A	37.220.137.101	; jtrac
 minicrm-ace	IN	A	37.220.137.101	; minicrm
@@ -58,5 +57,8 @@ unused105-ace	IN	A	37.220.137.105	; unused
 unused106-ace	IN	A	37.220.137.106	; unused
 unused107-ace	IN	A	37.220.137.107	; unused
 zfdl360e-ace	IN	A	37.220.137.108	; zfelleg DL360e
-zfelleg-ace	IN	A	37.220.137.109	; zfelleg server
-zfdl380e-ace	IN	A	37.220.137.109	; zfelleg DL380e
+zfelleg		IN	A	37.220.137.109	; zfelleg server
+zfdl380e	IN	A	37.220.137.109	; zfelleg DL380e
+
+$INCLUDE	Kuseribm.hu.+008+24465.key
+$INCLUDE	Kuseribm.hu.+008+56797.key
diff --git a/sources/pns.usr/postinstall/install/var/named/userrendszerhaz.hu.zone b/sources/pns.usr/postinstall/install/var/named/userrendszerhaz.hu.zone
index 48af16b..cdcc911 100644
--- a/sources/pns.usr/postinstall/install/var/named/userrendszerhaz.hu.zone
+++ b/sources/pns.usr/postinstall/install/var/named/userrendszerhaz.hu.zone
@@ -1,7 +1,6 @@
-;$TTL	86400
-$TTL	3600
+$TTL	86400
 @	IN	SOA	ns1.userrendszerhaz.hu.	hostmaster.mx.userrendszerhaz.hu.	(
-					2021022501	; Serial
+					1		; Serial
 					86400		; Refresh (1 day)
 					7200		; Retry (2 hours)
 					2419200		; Expire (4 weeks)
@@ -17,12 +16,12 @@ $TTL	3600
 		IN	TXT	"v=spf1 include:_spf.google.com ~all"
 
 ; Telekom
-efg		IN	A	194.149.40.146	; efg
+efg-tkom	IN	A	194.149.40.146	; efg
 mx		IN	A	194.149.40.147	; mail exchanger
-ns-telekom	IN	A	194.149.40.148	; primary name server
-ns1-telekom	IN	A	194.149.40.148	; primary name server
+ns-tkom		IN	A	194.149.40.148	; primary name server
+ns1-tkom	IN	A	194.149.40.148	; primary name server
 ns2		IN	A	46.107.213.35	; secondary name server
-vpn		IN	A	194.149.40.149	; OpenVPN server
+vpn-tkom	IN	A	194.149.40.149	; OpenVPN server
 hg		IN	A	194.149.40.150	; mercurial
 jtrac		IN	A	194.149.40.150	; jtrac
 minicrm		IN	A	194.149.40.150	; minicrm
@@ -38,16 +37,16 @@ unused154	IN	A	194.149.40.154	; unused
 unused155	IN	A	194.149.40.155	; unused
 unused156	IN	A	194.149.40.156	; unused
 zfdl360e	IN	A	194.149.40.157	; zfelleg DL360e
-fschnell	IN	A	194.149.40.158	; fschnell/zfelleg server
-zfelleg		IN	A	194.149.40.158	; fschnell/zfelleg server
-zfdl380e	IN	A	194.149.40.158	; zfelleg DL380e
+fschnell-tkom	IN	A	194.149.40.158	; fschnell/zfelleg server
+zfelleg-tkom	IN	A	194.149.40.158	; fschnell/zfelleg server
+zfdl380e-tkom	IN	A	194.149.40.158	; zfelleg DL380e
 
 ; ACE Telecom
-efg-ace		IN	A	37.220.137.97	; efg
+efg		IN	A	37.220.137.97	; efg
 mx-ace		IN	A	37.220.137.98	; mail exchanger
 ns		IN	A	37.220.137.99	; primary name server
 ns1		IN	A	37.220.137.99	; primary name server
-vpn-ace		IN	A	37.220.137.100	; OpenVPN server
+vpn		IN	A	37.220.137.100	; OpenVPN server
 hg-ace		IN	A	37.220.137.101	; mercurial
 jtrac-ace	IN	A	37.220.137.101	; jtrac
 minicrm-ace	IN	A	37.220.137.101	; minicrm
@@ -62,8 +61,8 @@ unused105-ace	IN	A	37.220.137.105	; unused
 unused106-ace	IN	A	37.220.137.106	; unused
 unused107-ace	IN	A	37.220.137.107	; unused
 zfdl360e-ace	IN	A	37.220.137.108	; zfelleg DL360e
-zfelleg-ace	IN	A	37.220.137.109	; zfelleg server
-zfdl380e-ace	IN	A	37.220.137.109	; zfelleg DL380e
+zfelleg		IN	A	37.220.137.109	; zfelleg server
+zfdl380e	IN	A	37.220.137.109	; zfelleg DL380e
 
 ibmstorage	IN	A	52.178.40.45	; mszabo
 ibmdrsite	IN	A	52.178.40.45	; mszabo
@@ -75,3 +74,6 @@ mail		IN	CNAME	ghs.google.com.
 sites		IN	CNAME	ghs.google.com.
 
 googleffffffff963b8d47		IN	CNAME	google.com.
+
+$INCLUDE	Kuserrendszerhaz.hu.+008+06526.key
+$INCLUDE	Kuserrendszerhaz.hu.+008+23760.key
-- 
2.54.0