]> git.openstreetmap.org Git - dns.git/blob - src/openstreetmap.js
projects / dns.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix SPF for osmfoundation (otrs). Remove record duplication
[dns.git] / src / openstreetmap.js
1 D(DOMAIN, REGISTRAR, DnsProvider(PROVIDER),
2
3   // Publish CAA records indicating that only letsencrypt and globalsign (Fastly) should issue certificates
4
5   CAA_BUILDER({
6     label: "@",
7     ttl: "1h",
8     iodef: "mailto:hostmaster@openstreetmap.org",
9     issue: [
10       "letsencrypt.org",
11       "globalsign.com",   // Used by Fastly for CDN certificates
12     ],
13     issuewild: [
14       "letsencrypt.org",
15       "globalsign.com",   // Used by Fastly for CDN certificates
16     ],
17   }),
18
19   // Mail service
20
21   MX("@", 10, QUALIFY("a.mx")),
22   MX("messages", 10, QUALIFY("a.mx")),
23   MX("noreply", 10, QUALIFY("a.mx")),
24   MX("otrs", 10, QUALIFY("a.mx")),
25   MX("community", 10, QUALIFY("a.mx")),
26   MX("supporting", 10, QUALIFY("a.mx")),
27
28   A("a.mx", IPV4["fafnir.he"]),
29   AAAA("a.mx", IPV6["fafnir.he"]),
30   A("mail", IPV4["fafnir.he"]),
31   AAAA("mail", IPV6["fafnir.he"]),
32   A("mta-sts", IPV4["fafnir.he"]),
33   AAAA("mta-sts", IPV6["fafnir.he"]),
34
35   // Publish SPF records indicating that only shenron sends mail
36
37   SPF_BUILDER({
38     label: "@",
39     parts: [
40       "v=spf1",
41       "ip4:184.104.226.98",         // fafnir ipv4 (he.net)
42       "ip6:2001:470:1:b3b::2",      // fafnir ipv6 (he.net)
43       "ip4:87.252.214.98",          // fafnir ipv4 (equinix)
44       "ip6:2001:4d78:fe03:1c::2",   // fafnir ipv6 (equinix)
45       "ip4:193.60.236.0/24",        // ucl external
46       "ip4:82.199.86.96/27",        // amsterdam external (equinix)
47       "ip6:2001:4d78:500:5e3::/64", // amsterdam external (equinix)
48       "ip4:87.252.214.96/27",       // dublin external (equinix)
49       "ip6:2001:4d78:fe03:1c::/64", // dublin external (equinix)
50       "ip4:184.104.179.128/27",     // amsterdam external (he.net)
51       "ip6:2001:470:1:fa1::/64",    // amsterdam external (he.net)
52       "ip4:184.104.226.96/27",      // dublin external (he.net)
53       "ip6:2001:470:1:b3b::/64",    // dublin external (he.net)
54       "mx",                         // safety net if we change mx
55       "-all"
56     ]
57   }),
58
59   SPF_BUILDER({
60     label: "messages",
61     parts: [
62       "v=spf1",
63       "include:openstreetmap.org",  // main openstreetmap.org spf record
64       "-all"
65     ]
66   }),
67
68   SPF_BUILDER({
69     label: "noreply",
70     parts: [
71       "v=spf1",
72       "include:openstreetmap.org",  // main openstreetmap.org spf record
73       "-all"
74     ]
75   }),
76
77   SPF_BUILDER({
78     label: "otrs",
79     parts: [
80       "v=spf1",
81       "include:openstreetmap.org",  // main openstreetmap.org spf record
82       "-all"
83     ]
84   }),
85
86   SPF_BUILDER({
87     label: "community",
88     parts: [
89       "v=spf1",
90       "include:openstreetmap.org",  // main openstreetmap.org spf record
91       "-all"
92     ]
93   }),
94
95   SPF_BUILDER({
96     label: "supporting",
97     parts: [
98       "v=spf1",
99       "include:openstreetmap.org",  // main openstreetmap.org spf record
100       "-all"
101     ]
102   }),
103
104   // Publish DKIM public key
105
106   TXT("20200301._domainkey", "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvoNZVOGfw1V4A171hxHMhzVTAnIUQVJ8iX3wbqCld8A5iIaXeTGYvBmewymax/cYJS4QqzbpUzkgrrTA9avuZhd+QGJDgjADgx4VyMOaOS6FwAxS0uXtLrt+lsixRDx/feKyZHaxjzJAQy46ok77xXL4UXIaaovw6G6eZpIScMzZQ2zkKNJxTICzzSOduIilHhMWte4XP+/2PdRmD7Ge9jb0U4bZjswX0AqKSGzDKYw+yxVna9l53adeCnklqg2ofoXu+ResiH+kt05aCUOMo8en3em6yBnRCMalgi1E3Tt7I5BWcYFRkT/8agUGW4gGC6XMV9IskOsYL0emG0kGwIDAQAB", AUTOSPLIT),
107
108   // Publish DMARC report-only policy
109
110   DMARC_BUILDER({
111     policy: "none",
112     rua: [
113       "mailto:openstreetmap-d@dmarc.report-uri.com"
114     ],
115     failureOptions: 1
116   }),
117
118   // Announce MTA-STS policy and TLSRPT policy for error reports
119
120   TXT("_mta-sts", "v=STSv1; id=202001291805Z"),
121   TXT("_smtp._tls", "v=TLSRPTv1; rua=mailto:openstreetmap-d@tlsrpt.report-uri.com"),
122
123   // Fastly cert domain ownership confirmation
124
125   TXT("@", "_globalsign-domain-verification=ps00GlW1BzY9c2_cwH_pFqRkvzZyaCVZ-3RLssRG6S"),
126   TXT("@", "_globalsign-domain-verification=W0buKB5ZmL-VwwHw2oQyQImk3I1q3hSemf2qmB1hjP"),
127
128   // Facebook Business domain verification
129
130   TXT("@", "facebook-domain-verification=j5hix5i8r0kortfugqf2p9wx9x9by0"),
131
132   // Bluesky domain verification
133
134   TXT("_atproto", "did=did:plc:i6llv7iwybeipknl57v4dalb"),
135
136   // Delegate MTA-STS policy for subdomains
137
138   CNAME("_mta-sts.messages", QUALIFY("_mta-sts")),
139   CNAME("_mta-sts.noreply", QUALIFY("_mta-sts")),
140   CNAME("_mta-sts.otrs", QUALIFY("_mta-sts")),
141   CNAME("_mta-sts.community", QUALIFY("_mta-sts")),
142   CNAME("_mta-sts.supporting", QUALIFY("_mta-sts")),
143
144   // Google postmaster tools verification
145
146   CNAME("af323lytato5", "gv-o4v3qh5pfayqex.dv.googlehosted.com."),
147   CNAME("irzdddnmh465", "gv-cwr6bvt7xsgact.dv.googlehosted.com."),
148
149   // Main web servers and their aliases
150
151   HTTPS("www", 1, ".", "alpn=h2"),
152   HTTPS("api", 1, ".", "alpn=h2"),
153   HTTPS("maps", 1, ".", "alpn=h2"),
154   HTTPS("mapz", 1, ".", "alpn=h2"),
155
156   // A("@", IPV4["spike-01.he"]),
157   // AAAA("@", IPV6["spike-01.he"]),
158   // A("www", IPV4["spike-01.he"]),
159   // AAAA("www", IPV6["spike-01.he"]),
160   // A("api", IPV4["spike-01.he"]),
161   // AAAA("api", IPV6["spike-01.he"]),
162   // A("maps", IPV4["spike-01.he"]),
163   // AAAA("maps", IPV6["spike-01.he"]),
164   // A("mapz", IPV4["spike-01.he"]),
165   // AAAA("mapz", IPV6["spike-01.he"]),
166
167   // A("@", IPV4["spike-02.he"]),
168   // AAAA("@", IPV6["spike-02.he"]),
169   // A("www", IPV4["spike-02.he"]),
170   // AAAA("www", IPV6["spike-02.he"]),
171   // A("api", IPV4["spike-02.he"]),
172   // AAAA("api", IPV6["spike-02.he"]),
173   // A("maps", IPV4["spike-02.he"]),
174   // AAAA("maps", IPV6["spike-02.he"]),
175   // A("mapz", IPV4["spike-02.he"]),
176   // AAAA("mapz", IPV6["spike-02.he"]),
177
178   // A("@", IPV4["spike-03.he"]),
179   // AAAA("@", IPV6["spike-03.he"]),
180   // A("www", IPV4["spike-03.he"]),
181   // AAAA("www", IPV6["spike-03.he"]),
182   // A("api", IPV4["spike-03.he"]),
183   // AAAA("api", IPV6["spike-03.he"]),
184   // A("maps", IPV4["spike-03.he"]),
185   // AAAA("maps", IPV6["spike-03.he"]),
186   // A("mapz", IPV4["spike-03.he"]),
187   // AAAA("mapz", IPV6["spike-03.he"]),
188
189   A("@", IPV4["spike-06"], CF_PROXY_ON),
190   AAAA("@", IPV6["spike-06"], CF_PROXY_ON),
191   A("www", IPV4["spike-06"], CF_PROXY_ON),
192   AAAA("www", IPV6["spike-06"], CF_PROXY_ON),
193   A("api", IPV4["spike-06"], CF_PROXY_ON),
194   AAAA("api", IPV6["spike-06"], CF_PROXY_ON),
195   A("maps", IPV4["spike-06"], CF_PROXY_ON),
196   AAAA("maps", IPV6["spike-06"], CF_PROXY_ON),
197   A("mapz", IPV4["spike-06"], CF_PROXY_ON),
198   AAAA("mapz", IPV6["spike-06"], CF_PROXY_ON),
199
200   A("@", IPV4["spike-07"], CF_PROXY_ON),
201   AAAA("@", IPV6["spike-07"], CF_PROXY_ON),
202   A("www", IPV4["spike-07"], CF_PROXY_ON),
203   AAAA("www", IPV6["spike-07"], CF_PROXY_ON),
204   A("api", IPV4["spike-07"], CF_PROXY_ON),
205   AAAA("api", IPV6["spike-07"], CF_PROXY_ON),
206   A("maps", IPV4["spike-07"], CF_PROXY_ON),
207   AAAA("maps", IPV6["spike-07"], CF_PROXY_ON),
208   A("mapz", IPV4["spike-07"], CF_PROXY_ON),
209   AAAA("mapz", IPV6["spike-07"], CF_PROXY_ON),
210
211   A("@", IPV4["spike-08"], CF_PROXY_ON),
212   AAAA("@", IPV6["spike-08"], CF_PROXY_ON),
213   A("www", IPV4["spike-08"], CF_PROXY_ON),
214   AAAA("www", IPV6["spike-08"], CF_PROXY_ON),
215   A("api", IPV4["spike-08"], CF_PROXY_ON),
216   AAAA("api", IPV6["spike-08"], CF_PROXY_ON),
217   A("maps", IPV4["spike-08"], CF_PROXY_ON),
218   AAAA("maps", IPV6["spike-08"], CF_PROXY_ON),
219   A("mapz", IPV4["spike-08"], CF_PROXY_ON),
220   AAAA("mapz", IPV6["spike-08"], CF_PROXY_ON),
221
222   // Nominatim servers
223
224   CNAME("nominatim", "nominatim.geo.openstreetmap.org."),
225   CNAME("qgis.nominatim", "nominatim.geo.openstreetmap.org."),
226   CNAME("qa-tile.nominatim", "longma.openstreetmap.org."),
227
228   // Tile servers
229
230   CNAME("tile", "dualstack.n.sni.global.fastly.net."),
231   CNAME("a.tile", "dualstack.n.sni.global.fastly.net."),
232   CNAME("b.tile", "dualstack.n.sni.global.fastly.net."),
233   CNAME("c.tile", "dualstack.n.sni.global.fastly.net."),
234
235   A("render", IPV4["culebre.he"]),
236   A("render", IPV4["nidhogg"]),
237   AAAA("render", IPV6["culebre.he"]),
238   AAAA("render", IPV6["nidhogg"]),
239
240   // Vector tile servers
241
242   CNAME("vector", "dualstack.n.sni.global.fastly.net."),
243
244   // Planet servers
245
246   HTTPS("planet", 1, ".", "alpn=h2"),
247
248   A("backup", IPV4["norbert"]),
249   AAAA("backup", IPV6["norbert"]),
250   A("planet", IPV4["norbert"]),
251   AAAA("planet", IPV6["norbert"]),
252
253   // A("backup", IPV4["horntail.he"]),
254   // AAAA("backup", IPV6["horntail.he"]),
255   // A("planet", IPV4["horntail.he"]),
256   // AAAA("planet", IPV6["horntail.he"]),
257
258   // Development server with wildcard alias for user sites
259
260   A("dev", IPV4["faffy"]),
261   AAAA("dev", IPV6["faffy"]),
262   A("*.dev", IPV4["faffy"]),
263   AAAA("*.dev", IPV6["faffy"]),
264   A("ooc", IPV4["faffy"]),
265   AAAA("ooc", IPV6["faffy"]),
266   A("a.ooc", IPV4["faffy"]),
267   AAAA("a.ooc", IPV6["faffy"]),
268   A("b.ooc", IPV4["faffy"]),
269   AAAA("b.ooc", IPV6["faffy"]),
270   A("c.ooc", IPV4["faffy"]),
271   AAAA("c.ooc", IPV6["faffy"]),
272   A("npe", IPV4["faffy"]),
273   AAAA("npe", IPV6["faffy"]),
274
275   // Foundation server
276
277   HTTPS("blog", 1, ".", "alpn=h2"),
278   HTTPS("foundation", 1, ".", "alpn=h2"),
279
280   A("blog", IPV4["ridley"]),
281   A("foundation", IPV4["ridley"]),
282
283   // Matomo server
284
285   HTTPS("matomo", 1, ".", "alpn=h2"),
286   HTTPS("piwik", 1, ".", "alpn=h2"),
287
288   A("matomo", IPV4["smaug.he"]),
289   AAAA("matomo", IPV6["smaug.he"]),
290   A("piwik", IPV4["smaug.he"]),
291   AAAA("piwik", IPV6["smaug.he"]),
292
293   // Imagery servers
294
295   HTTPS("agri", 1, ".", "alpn=h2"),
296   HTTPS("a.agri", 1, ".", "alpn=h2"),
297   HTTPS("b.agri", 1, ".", "alpn=h2"),
298   HTTPS("c.agri", 1, ".", "alpn=h2"),
299
300   A("agri", IPV4["lockheed"]),
301   AAAA("agri", IPV6["lockheed"]),
302   A("a.agri", IPV4["lockheed"]),
303   AAAA("a.agri", IPV6["lockheed"]),
304   A("b.agri", IPV4["lockheed"]),
305   AAAA("b.agri", IPV6["lockheed"]),
306   A("c.agri", IPV4["lockheed"]),
307   AAAA("c.agri", IPV6["lockheed"]),
308
309   HTTPS("act-imagery", 1, ".", "alpn=h2"),
310   HTTPS("a.act-imagery", 1, ".", "alpn=h2"),
311   HTTPS("b.act-imagery", 1, ".", "alpn=h2"),
312   HTTPS("c.act-imagery", 1, ".", "alpn=h2"),
313
314   A("act-imagery", IPV4["lockheed"]),
315   AAAA("act-imagery", IPV6["lockheed"]),
316   A("a.act-imagery", IPV4["lockheed"]),
317   AAAA("a.act-imagery", IPV6["lockheed"]),
318   A("b.act-imagery", IPV4["lockheed"]),
319   AAAA("b.act-imagery", IPV6["lockheed"]),
320   A("c.act-imagery", IPV4["lockheed"]),
321   AAAA("c.act-imagery", IPV6["lockheed"]),
322
323   HTTPS("au-vic-melbourne-imagery", 1, ".", "alpn=h2"),
324   HTTPS("a.au-vic-melbourne-imagery", 1, ".", "alpn=h2"),
325   HTTPS("b.au-vic-melbourne-imagery", 1, ".", "alpn=h2"),
326   HTTPS("c.au-vic-melbourne-imagery", 1, ".", "alpn=h2"),
327
328   A("au-vic-melbourne-imagery", IPV4["lockheed"]),
329   AAAA("au-vic-melbourne-imagery", IPV6["lockheed"]),
330   A("a.au-vic-melbourne-imagery", IPV4["lockheed"]),
331   AAAA("a.au-vic-melbourne-imagery", IPV6["lockheed"]),
332   A("b.au-vic-melbourne-imagery", IPV4["lockheed"]),
333   AAAA("b.au-vic-melbourne-imagery", IPV6["lockheed"]),
334   A("c.au-vic-melbourne-imagery", IPV4["lockheed"]),
335   AAAA("c.au-vic-melbourne-imagery", IPV6["lockheed"]),
336
337   HTTPS("os", 1, ".", "alpn=h2"),
338   HTTPS("a.os", 1, ".", "alpn=h2"),
339   HTTPS("b.os", 1, ".", "alpn=h2"),
340   HTTPS("c.os", 1, ".", "alpn=h2"),
341
342   A("os", IPV4["lockheed"]),
343   AAAA("os", IPV6["lockheed"]),
344   A("a.os", IPV4["lockheed"]),
345   AAAA("a.os", IPV6["lockheed"]),
346   A("b.os", IPV4["lockheed"]),
347   AAAA("b.os", IPV6["lockheed"]),
348   A("c.os", IPV4["lockheed"]),
349   AAAA("c.os", IPV6["lockheed"]),
350
351   HTTPS("tiler", 1, ".", "alpn=h2"),
352   HTTPS("us-imagery", 1, ".", "alpn=h2"),
353   HTTPS("a.us-imagery", 1, ".", "alpn=h2"),
354   HTTPS("b.us-imagery", 1, ".", "alpn=h2"),
355   HTTPS("c.us-imagery", 1, ".", "alpn=h2"),
356
357   A("tiler", IPV4["lockheed"]),
358   AAAA("tiler", IPV6["lockheed"]),
359   A("us-imagery", IPV4["lockheed"]),
360   AAAA("us-imagery", IPV6["lockheed"]),
361   A("a.us-imagery", IPV4["lockheed"]),
362   AAAA("a.us-imagery", IPV6["lockheed"]),
363   A("b.us-imagery", IPV4["lockheed"]),
364   AAAA("b.us-imagery", IPV6["lockheed"]),
365   A("c.us-imagery", IPV4["lockheed"]),
366   AAAA("c.us-imagery", IPV6["lockheed"]),
367
368   // Prometheus server and munin redirect
369
370   HTTPS("prometheus", 1, ".", "alpn=h2"),
371   HTTPS("munin", 1, ".", "alpn=h2"),
372
373   A("prometheus", IPV4["stormfly-03"]),
374   AAAA("prometheus", IPV6["stormfly-03"]),
375   A("munin", IPV4["stormfly-03"]),
376   AAAA("munin", IPV6["stormfly-03"]),
377
378   // Management server
379
380   HTTPS("acme", 1, ".", "alpn=h2"),
381   HTTPS("chef", 1, ".", "alpn=h2"),
382   HTTPS("dns", 1, ".", "alpn=h2"),
383   HTTPS("git", 1, ".", "alpn=h2"),
384   HTTPS("hardware", 1, ".", "alpn=h2"),
385
386   A("acme", IPV4["idris.he"]),
387   AAAA("acme", IPV6["idris.he"]),
388   A("apt", IPV4["idris.he"]),
389   AAAA("apt", IPV6["idris.he"]),
390   A("chef", IPV4["idris.he"]),
391   AAAA("chef", IPV6["idris.he"]),
392   A("dns", IPV4["idris.he"]),
393   AAAA("dns", IPV6["idris.he"]),
394   A("git", IPV4["idris.he"]),
395   AAAA("git", IPV6["idris.he"]),
396   A("hardware", IPV4["idris.he"]),
397   AAAA("hardware", IPV6["idris.he"]),
398
399   // Bytemark machine, and the services which operate from it
400
401   HTTPS("lists", 1, ".", "alpn=h2"),
402   HTTPS("help", 1, ".", "alpn=h2"),
403
404   A("lists", IPV4["shenron"]),
405   AAAA("lists", IPV6["shenron"]),
406   A("help", IPV4["shenron"]),
407   AAAA("help", IPV6["shenron"]),
408
409   // Naga services
410
411   HTTPS("svn", 1, ".", "alpn=h2"),
412   HTTPS("trac", 1, ".", "alpn=h2"),
413   HTTPS("irc", 1, ".", "alpn=h2"),
414   HTTPS("blogs", 1, ".", "alpn=h2"),
415   HTTPS("welcome", 1, ".", "alpn=h2"),
416   HTTPS("operations", 1, ".", "alpn=h2"),
417   HTTPS("hot", 1, ".", "alpn=h2"),
418   HTTPS("dmca", 1, ".", "alpn=h2"),
419   // HTTPS("otrs", 1, ".", "alpn=h2"), - OTRS is not available using HTTPS/2
420   HTTPS("birthday20", 1, ".", "alpn=h2"),
421
422   A("svn", IPV4["naga.he"]),
423   AAAA("svn", IPV6["naga.he"]),
424   A("trac", IPV4["naga.he"]),
425   AAAA("trac", IPV6["naga.he"]),
426   A("irc", IPV4["naga.he"]),
427   AAAA("irc", IPV6["naga.he"]),
428   A("blogs", IPV4["naga.he"]),
429   AAAA("blogs", IPV6["naga.he"]),
430   A("welcome", IPV4["naga.he"]),
431   AAAA("welcome", IPV6["naga.he"]),
432   A("operations", IPV4["naga.he"]),
433   AAAA("operations", IPV6["naga.he"]),
434   A("hot", IPV4["naga.he"]),
435   AAAA("hot", IPV6["naga.he"]),
436   A("dmca", IPV4["naga.he"]),
437   AAAA("dmca", IPV6["naga.he"]),
438   A("otrs", IPV4["naga.he"]),
439   AAAA("otrs", IPV6["naga.he"]),
440   A("birthday20", IPV4["naga.he"]),
441   AAAA("birthday20", IPV6["naga.he"]),
442
443   // Wiki servers
444
445   HTTPS("wiki", 1, ".", "alpn=h2"),
446
447   A("wiki", IPV4["konqi.he"]),
448   AAAA("wiki", IPV6["konqi.he"]),
449
450   // Overpass server
451
452   HTTPS("query", 1, ".", "alpn=h2"),
453
454   A("query", IPV4["grisu.he"]),
455   AAAA("query", IPV6["grisu.he"]),
456
457   // GPS tile server
458
459   HTTPS("gps-tile", 1, ".", "alpn=h2"),
460   HTTPS("a.gps-tile", 1, ".", "alpn=h2"),
461   HTTPS("b.gps-tile", 1, ".", "alpn=h2"),
462   HTTPS("c.gps-tile", 1, ".", "alpn=h2"),
463   HTTPS("gps-a.tile", 1, ".", "alpn=h2"),
464   HTTPS("gps-b.tile", 1, ".", "alpn=h2"),
465   HTTPS("gps-c.tile", 1, ".", "alpn=h2"),
466
467   A("gps-tile", IPV4["muirdris.he"]),
468   AAAA("gps-tile", IPV6["muirdris.he"]),
469   A("a.gps-tile", IPV4["muirdris.he"]),
470   AAAA("a.gps-tile", IPV6["muirdris.he"]),
471   A("b.gps-tile", IPV4["muirdris.he"]),
472   AAAA("b.gps-tile", IPV6["muirdris.he"]),
473   A("c.gps-tile", IPV4["muirdris.he"]),
474   AAAA("c.gps-tile", IPV6["muirdris.he"]),
475   A("gps.tile", IPV4["muirdris.he"]),
476   AAAA("gps.tile", IPV6["muirdris.he"]),
477   A("gps-a.tile", IPV4["muirdris.he"]),
478   AAAA("gps-a.tile", IPV6["muirdris.he"]),
479   A("gps-b.tile", IPV4["muirdris.he"]),
480   AAAA("gps-b.tile", IPV6["muirdris.he"]),
481   A("gps-c.tile", IPV4["muirdris.he"]),
482   AAAA("gps-c.tile", IPV6["muirdris.he"]),
483
484   // Donation site and new OSMF crm site
485
486   HTTPS("donate", 1, ".", "alpn=h2"),
487   HTTPS("support", 1, ".", "alpn=h2"),
488   HTTPS("supporting", 1, ".", "alpn=h2"),
489
490   A("donate", IPV4["ridley"]),
491   A("support", IPV4["ridley"]),
492   A("supporting", IPV4["ridley"]),
493
494   // Discourse server ("community")
495
496   HTTPS("community", 1, ".", "alpn=h2"),
497   HTTPS("communities", 1, ".", "alpn=h2"),
498   HTTPS("c", 1, ".", "alpn=h2"),
499
500   A("community", IPV4["fume.he"]),
501   A("communities", IPV4["fume.he"]),
502   A("c", IPV4["fume.he"]),
503   AAAA("community", IPV6["fume.he"]),
504   AAAA("communities", IPV6["fume.he"]),
505   AAAA("c", IPV6["fume.he"]),
506
507   CNAME("community-cdn", "dualstack.n.sni.global.fastly.net."),
508   TXT("community", "google-site-verification=hQ8GZyj4KwnPqAX2oAzpbLrh6I5dfR08PSdL3icVkfg"),
509
510   HTTPS("forum", 1, ".", "alpn=h2"),
511
512   A("forum", IPV4["fume.he"]),
513   AAAA("forum", IPV6["fume.he"]),
514
515   // Taginfo and Staging Blog Server
516
517   HTTPS("taginfo", 1, ".", "alpn=h2"),
518
519   A("taginfo", IPV4["tabaluga"]),
520   AAAA("taginfo", IPV6["tabaluga"]),
521
522   HTTPS("staging.blog", 1, ".", "alpn=h2"),
523
524   A("staging.blog", IPV4["tabaluga"]),
525   AAAA("staging.blog", IPV6["tabaluga"])
526
527 );
OpenStreetMap DNS