Hi Julien,
Julien Lepiller <address@hidden> skribis:
we've already discussed that multiple times, we'd like to have a DNS
delegation for guix.gnu.org, so that we can manage the zone ourselves
without having to rely too much on fsf sysadmins.
Here is a patch (untested) that aims at doing that. I've configured
bayfront and berlin to be DNS authoritative servers. bayfront is the
master (it is the one that needs to be updated when a change happens
in
the zone), and berlin is set as slave (it will automatically follow
changes in bayfront). I've enabled dnssec on bayfront, since it's the
one that's going to sign the zone, and transfer signatures to its
slave.
Cool, thanks for working on it!
Currently the zone (in modules/sysadmin/dns.scm) is incomplete. What
needs to be there?
I guess we’d need to have roughly the same entries as we currently have
on guix.info, so what you wrote is a good start and we can always
adjust
later.
From 331a85e469579c02a3fc338a6fb0bade3916c666 Mon Sep 17 00:00:00 2001
From: Julien Lepiller <address@hidden>
Date: Mon, 4 Mar 2019 22:00:22 +0100
Subject: [PATCH] hydra: Add dns services for guix.gnu.org.
* hydra/bayfront.scm (services): Add knot-service.
* hydra/berlin.scm (services): Add knot-service.
* hydra/modules/sysadmin/dns.scm: New file.
So it looks like this does the work on the Guix side.
We now need to get the gnu.org admins to delegate to both bayfront and
berlin, is that correct? Anything else we need to do?