From a637ae6ea3b654caf5de1dbe5951f9776a0c84d2 Mon Sep 17 00:00:00 2001
From: VC <veretcle+framagit@mateu.be>
Date: Wed, 2 Oct 2024 16:16:46 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=9A=A7:=20create=20temp=20stuff=20for=20U?=
 =?UTF-8?q?TC/DNSSEC=20Kata?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 group_vars/nsdservers.yml                   |  1 -
 roles/nsd/templates/zones/mateu.be.zone.j2  | 14 ++++++++------
 roles/nsd/templates/zones/monder.ch.zone.j2 | 20 ++++++++++++++++++++
 3 files changed, 28 insertions(+), 7 deletions(-)
 create mode 100644 roles/nsd/templates/zones/monder.ch.zone.j2

diff --git a/group_vars/nsdservers.yml b/group_vars/nsdservers.yml
index 7710e6d..ae34d48 100644
--- a/group_vars/nsdservers.yml
+++ b/group_vars/nsdservers.yml
@@ -6,7 +6,6 @@ zones:
   - name: libertus.eu
   - name: mateu.be
   - name: monder.ch
-    parking: true
   - name: nintendojo.fr
   - name: nintendojofr.com
   - name: nouvelempire.net
diff --git a/roles/nsd/templates/zones/mateu.be.zone.j2 b/roles/nsd/templates/zones/mateu.be.zone.j2
index fc97179..16ed673 100644
--- a/roles/nsd/templates/zones/mateu.be.zone.j2
+++ b/roles/nsd/templates/zones/mateu.be.zone.j2
@@ -69,14 +69,16 @@ nsd-master1.ext		IN A 51.158.245.194
 nsd-master1-v4.ext		IN A 51.158.245.194
 nsd-master1.ext		IN AAAA 2001:bc8:5090:79b:dc00:ff:fe25:ad75
 nsd-master1-v6.ext		IN AAAA 2001:bc8:5090:79b:dc00:ff:fe25:ad75
+nsd2.ext		IN A 51.158.245.181
+nsd2.ext		IN AAAA 2001:bc8:5090:98b:dc00:ff:fe29:cc5f
 patoche.ext		IN A 51.159.156.201
 patoche.ext		IN AAAA 2001:bc8:1210:2efc:dc00:ff:fe4e:ef53
-utcsto1.dmz		IN A 10.233.212.30
-utcsto1.dmz		IN AAAA 2a01:e0a:9bd:2811::30
-utcapp1.dmz		IN A 10.233.212.31
-utcapp1.dmz		IN AAAA 2a01:e0a:9bd:2811::31
-utcapp2.dmz		IN A 10.233.212.32
-utcapp2.dmz		IN AAAA 2a01:e0a:9bd:2811::32
+sto1.utc.dmz		IN A 10.233.212.30
+sto1.utc.dmz		IN AAAA 2a01:e0a:9bd:2811::30
+app1.utc.dmz		IN A 10.233.212.31
+app1.utc.dmz		IN AAAA 2a01:e0a:9bd:2811::31
+app2.utc.dmz		IN A 10.233.212.32
+app2.utc.dmz		IN AAAA 2a01:e0a:9bd:2811::32
 pt1.dmz		IN A 82.66.135.228
 pt1.dmz		IN AAAA 2a01:e0a:9bd:2811::20
 pt-runner1.ext		IN AAAA 2001:bc8:1d90:b77:dc00:ff:fe17:bc83
diff --git a/roles/nsd/templates/zones/monder.ch.zone.j2 b/roles/nsd/templates/zones/monder.ch.zone.j2
new file mode 100644
index 0000000..47fcbd1
--- /dev/null
+++ b/roles/nsd/templates/zones/monder.ch.zone.j2
@@ -0,0 +1,20 @@
+$TTL 86400
+@		IN SOA {{ groups['master_nsdservers'] | first }}. tech.ovh.net. (
+				{{ dns_serial }}; timestamp serial number
+				28800; Refresh
+				7200; Retry
+				864000; Expire
+				86400; Min TTL
+			)
+
+{% for server in groups['nsdservers'] %}
+@		IN NS {{ server }}.
+{% endfor %}
+
+$ORIGIN {{ item.name }}.
+@		IN CAA 0 issue ";"
+@		IN MX 0 .
+@		IN TXT "v=spf1 -all"
+@		IN TXT "spf2.0/mfrom -all"
+_dmarc		IN TXT "v=DMARC1;p=reject;pct=100;sp=reject;aspf=s;"
+dans		IN NS nsd2.ext.mateu.be.