Commit graph

5 commits

Author SHA1 Message Date
cb058dd515 dnscontrol: Use keys.openpgpkey.org for WKD as a service
keys.openpgp.org can act as a WKD server, with a CNAME record for
the subdomain ‘openpgpkey’ to their server.

See https://keys.openpgp.org/about/usage#wkd-as-a-service.

This helps us in getting/advertising our public key.

λ: curl 'https://wkd.keys.openpgp.org/status/?domain=openpgpkey.sanchayanmaity.net'
CNAME lookup ok: openpgpkey.sanchayanmaity.net resolves to wkd.keys.openpgp.org

λ: gpg --locate-keys --auto-key-locate clear,nodefault,wkd sanchayanmaity.net
2022-12-16 13:58:29 +05:30
16226ecfde dnscontrol: Add TLSA record
For reference
https://community.letsencrypt.org/t/tlsa-record-changes-with-every-renewal-process-which-breaks-dane/144145
https://gist.github.com/buffrr/609285c952e9cb28f76da168ef8c2ca6
https://www.huque.com/bin/gen_tlsa

Verify with
https://www.huque.com/bin/danecheck
2022-12-14 09:40:13 +05:30
4440f476fc dnscontrol: Use AAAA record
We switched our Hetzner server to use only IPv6 address which saves
us 0.6 euros per month. So switch to the use of AAAA record.
2022-12-12 10:11:20 +05:30
01fb124a49 dnscontrol: .net domain has been migrated to porkbun 2022-12-11 15:04:18 +05:30
49d126e023 dnscontrol: Automate & version control DNS management 2022-12-09 17:41:14 +05:30