Commit graph

8 commits

Author SHA1 Message Date
bfb7b25fa6
dnscontrol: Add back the A record
Without an IPv4 address we seem to have trouble with some networks
being able to resolve our domain. We are not ready for IPv6 only
setting. This might also be creating problem of federating our
mastodon instance with other networks.

Would have loved to save 0.6 Euro on Hetzner by being IPv6 only.
2023-01-23 08:51:49 +05:30
54c13168f7
dnscontrol: Add TXT record for verification with keyoxide 2022-12-17 11:20:17 +05:30
64bcce439f dnscontrol: Add our public key as a TXT record 2022-12-16 17:01:14 +05:30
cb058dd515 dnscontrol: Use keys.openpgpkey.org for WKD as a service
keys.openpgp.org can act as a WKD server, with a CNAME record for
the subdomain ‘openpgpkey’ to their server.

See https://keys.openpgp.org/about/usage#wkd-as-a-service.

This helps us in getting/advertising our public key.

λ: curl 'https://wkd.keys.openpgp.org/status/?domain=openpgpkey.sanchayanmaity.net'
CNAME lookup ok: openpgpkey.sanchayanmaity.net resolves to wkd.keys.openpgp.org

λ: gpg --locate-keys --auto-key-locate clear,nodefault,wkd sanchayanmaity.net
2022-12-16 13:58:29 +05:30
16226ecfde dnscontrol: Add TLSA record
For reference
https://community.letsencrypt.org/t/tlsa-record-changes-with-every-renewal-process-which-breaks-dane/144145
https://gist.github.com/buffrr/609285c952e9cb28f76da168ef8c2ca6
https://www.huque.com/bin/gen_tlsa

Verify with
https://www.huque.com/bin/danecheck
2022-12-14 09:40:13 +05:30
4440f476fc dnscontrol: Use AAAA record
We switched our Hetzner server to use only IPv6 address which saves
us 0.6 euros per month. So switch to the use of AAAA record.
2022-12-12 10:11:20 +05:30
01fb124a49 dnscontrol: .net domain has been migrated to porkbun 2022-12-11 15:04:18 +05:30
49d126e023 dnscontrol: Automate & version control DNS management 2022-12-09 17:41:14 +05:30