The enough.community domain name is registered at Gandi under the user EC8591-GANDI.
After the bind-host virtual machine is created with molecule create -s preprod, click on Glue record management in the Gandi web interface and set ns1 to the IP, i.e. 220.127.116.11 and wait a few minutes. Click on Update DNS and set the DNS1 server to ns1.enough.community and click on Add Gandi’s secondary nameserver which should add a new entry in DNS2: it will automatically act as a secondary DNS.
The bind-host virtual machine should be initialized before any other because everything depends on it.
ansible-playbook -l bind-host \ --private-key infrastructure_key \ -i inventories/common \ enough-community-playbook.yml
The admin mail is hosted at Gandi and is used as the primary contact for all enough.community resources (hosting etc.). In case a password is lost this is the mail receiving the link to reset the password etc.
The enough.community zone is managed on a dedicated virtual machine ns1.enough.community. It is generated via the bind playbook.
- The port udp/53 is open to all but recursion is only allowed for IPs of the enough-community VMs
- An A record is created for all existing VM names
- A CNAME record is created for all VM names without the -host suffix
- Manually maintained records are added to the bind playbook.
- The SPF TXT record help send mail successfully.
The test.enough.community zone is managed on the same dedicated virtual machine ns1.enough.community. It is generated via the bind playbook.
It can be updated locally by the debian user via
nsupdate. This enables
any enough.community’s administrator to setup new preproduction testing
- E - debian@bind-host:~$ nsupdate <<EOF server localhost zone test.enough.community update add bling.test.enough.community. 1800 TXT "Updated by nsupdate" show send quit EOF