computing:bind9dns

Differences

This shows you the differences between two versions of the page.

computing:bind9dns [2025/12/28 08:26] oemb1905computing:bind9dns [2026/05/16 23:28] (current) oemb1905
Line 256: Line 256:
     allow-transfer { 8.28.86.114; 8.28.86.115; 2604:fa40:0:10::12; 2604:fa40:0:10::13; };     allow-transfer { 8.28.86.114; 8.28.86.115; 2604:fa40:0:10::12; 2604:fa40:0:10::13; };
     also-notify { 8.28.86.114; 8.28.86.115; 2604:fa40:0:10::12; 2604:fa40:0:10::13; };     also-notify { 8.28.86.114; 8.28.86.115; 2604:fa40:0:10::12; 2604:fa40:0:10::13; };
 +    };
 </code> </code>
  
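Review bot: the added `};` is indented to the same depth as the allow-transfer and also-notify statements, so it is not obvious which block it closes; align it with the opening line of the block it terminates and run named-checkconf on the resulting file to confirm the braces balance. Separately, allow-transfer in this block is restricted by source address only; adding a TSIG key to the transfer ACL would authenticate the secondaries rather than just their IPs.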
Line 459: Line 460:
 {{ :computing:screenshot_from_2025-12-27_21-16-25.png?direct&800 |}} {{ :computing:screenshot_from_2025-12-27_21-16-25.png?direct&800 |}}
  
-Of course, you could also shell into the slaves and remove those transfer rules via the CLI, this is just to show that both methods work and are dealing with the exact same bind9 underbelly. +Of course, you could also shell into the slaves and remove those transfer rules via the CLI, this is just to show that both methods work and are dealing with the exact same bind9 underbelly. Once we do that, we can !!FINALLY!! create A, AAAA, dmarc, spf, and or any other records we need. Here's what the zone's landing page looks like and what the record pages within it look like:
- +
-  image?? +
- +
-Once we do that, we can create A, AAAA, dmarc, spf, and or any other records we need. Here's what the zone's landing page looks like and what the record pages within it look like:+
  
 {{ :computing:screenshot_from_2025-12-27_22-37-52.png?direct&800 |}} {{ :computing:screenshot_from_2025-12-27_22-37-52.png?direct&800 |}}
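Review bot: in the merged sentence, "and or" should read "and/or", and "dmarc, spf" are listed next to A and AAAA as if they were record types; both are published as TXT records, which is worth stating since the reader is about to choose a record type. The first sentence is also a comma splice ("... via the CLI, this is just to show ..."); split it at the comma.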
Line 619: Line 616:
   * [[https://matrix.to/#/@haacksnetworking:gnulinux.club|Haack's Networking on Matrix]]   * [[https://matrix.to/#/@haacksnetworking:gnulinux.club|Haack's Networking on Matrix]]
  
- --- //[[alerts@haacksnetworking.org|oemb1905]] 2025/12/28 08:26//+Updates ... tmp directory was too small: 
 + 
 +  sudo mkdir -p /webmin/tmp 
 +  sudo chown root:root /webmin/tmp 
 +  sudo chmod 700 /webmin/tmp 
 +   
 +After that, navigate to Webmin Settings > Webmin Configuration and then specify custom tmp directory and enter ''/webmin/tmp''. Even if/when fail2ban is setup, enough brute force attempts can still trigger webmin's internal security. In order to stop that from happening, you can specify approved IPs in your vhost in apache: 
 + 
 +<code> 
 +<VirtualHost *:80> 
 +    ServerName ns1.haacksnetworking.com 
 +        <Location /> 
 +                Require ip 185.242.226.78 
 +                Require ip 2606:4700:3037::6815:4f2f 
 +        </Location>     
 +    RewriteEngine On 
 +    RewriteCond %{HTTPS} off 
 +    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] 
 +    ProxyPass /.well-known ! 
 +</VirtualHost> 
 +</code> 
 + 
 + --- //[[alerts@haacksnetworking.org|oemb1905]] 2026/05/16 23:25//
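Review bot: the Require ip lines appear only inside `<VirtualHost *:80>`, where the RewriteRule already redirects every request to HTTPS, so the allow-list protects the Webmin login only if the same `<Location />` block is also present in the *:443 vhost, which this hunk does not show; add it there or state in the text that it belongs in both. In the prose, "setup" should be "set up", and the /webmin/tmp steps and the allow-list are two unrelated changes that would read better under separate headings than under a single "Updates ..." line.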
computing/bind9dns.1766910412.txt.gz · Last modified: by oemb1905