Commit initial: récupération et tri rapide
This commit is contained in:
commit
a52829f96c
104 changed files with 11892 additions and 0 deletions
15
Makefile-dnssec-nsec3
Normal file
15
Makefile-dnssec-nsec3
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
# For NSEC3 records, we need 8 random bytes, which means a 16 hexa string
|
||||
SALT := $(shell dd if=/dev/random bs=13 count=1 2>/dev/null | hexdump -v -e '"%02x"' | cut -c 1-16 )
|
||||
|
||||
# There's no easy way to know if bind has been reloaded
|
||||
# after the .signed file has been generated so it will
|
||||
# always reload actually.
|
||||
reload: db.*.signed
|
||||
service bind9 reload
|
||||
# Ou nsdc rebuild && nsdc reload pour NSD
|
||||
|
||||
db.%.signed: db.%
|
||||
@echo Signing requires a lot of entropy in /dev/random, do not hesitate to load the machine...
|
||||
# 5356800 seconds = two months of validity
|
||||
#dnssec-signzone -e +5356800 $^
|
||||
dnssec-signzone -e +7776000 -o $* -K ../keys/ -3 $(SALT) $^
|
||||
Loading…
Add table
Add a link
Reference in a new issue