X-Git-Url: https://git.openstreetmap.org./dns.git/blobdiff_plain/2cad7d56c750cf529d13f34c7437e74868fecd90..2307aa8063ab0ac6c6711c218ecf2c50a4f6f5d7:/src/openstreetmap-za.js diff --git a/src/openstreetmap-za.js b/src/openstreetmap-za.js index b8904b5..2c68ea8 100644 --- a/src/openstreetmap-za.js +++ b/src/openstreetmap-za.js @@ -2,9 +2,16 @@ D(DOMAIN, REGISTRAR, DnsProvider(PROVIDER), // Publish CAA records indicating that only letsencrypt should issue certificates - CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY), - CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY), - CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"), + CAA_BUILDER({ + label: "@", + iodef: "mailto:hostmaster@openstreetmap.org", + issue: [ + "letsencrypt.org", + ], + issuewild: [ + "letsencrypt.org", + ], + }), // Let the main domain handle the email @@ -12,7 +19,14 @@ D(DOMAIN, REGISTRAR, DnsProvider(PROVIDER), // Delegate SPF policy to the main domain - TXT("@", "v=spf1 include:openstreetmap.org -all"), + SPF_BUILDER({ + label: "@", + parts: [ + "v=spf1", + "include:openstreetmap.org", // main openstreetmap.org spf record + "-all" + ] + }), // Delegate MTA-STS policy to the main domain @@ -24,40 +38,68 @@ D(DOMAIN, REGISTRAR, DnsProvider(PROVIDER), CNAME("www", "www.openstreetmap.org."), CNAME("api", "api.openstreetmap.org."), - // Aerial imagery sites on draco + // Aerial imagery sites on ironbelly - A("aerial", DRACO_IPV4, TTL("10m")), - A("a.aerial", DRACO_IPV4, TTL("10m")), - A("b.aerial", DRACO_IPV4, TTL("10m")), - A("c.aerial", DRACO_IPV4, TTL("10m")), + A("aerial", LOCKHEED_IPV4), + AAAA("aerial", LOCKHEED_IPV6), + A("a.aerial", LOCKHEED_IPV4), + AAAA("a.aerial", LOCKHEED_IPV6), + A("b.aerial", LOCKHEED_IPV4), + AAAA("b.aerial", LOCKHEED_IPV6), + A("c.aerial", LOCKHEED_IPV4), + AAAA("c.aerial", LOCKHEED_IPV6), + + // HTTPS / SVCB records + HTTPS("aerial", 1, ".", "alpn=h2"), + HTTPS("a.aerial", 1, ".", "alpn=h2"), + HTTPS("b.aerial", 1, ".", "alpn=h2"), + HTTPS("c.aerial", 1, ".", "alpn=h2"), // Aerial imagery sites on kessie - A("coct.aerial", KESSIE_IPV4, TTL("30m")), - AAAA("coct.aerial", KESSIE_IPV6, TTL("30m")), - A("a.coct.aerial", KESSIE_IPV4, TTL("30m")), - AAAA("a.coct.aerial", KESSIE_IPV6, TTL("30m")), - A("b.coct.aerial", KESSIE_IPV4, TTL("30m")), - AAAA("b.coct.aerial", KESSIE_IPV6, TTL("30m")), - A("c.coct.aerial", KESSIE_IPV4, TTL("30m")), - AAAA("c.coct.aerial", KESSIE_IPV6, TTL("30m")), - - A("topo", KESSIE_IPV4, TTL("30m")), - AAAA("topo", KESSIE_IPV6, TTL("30m")), - A("a.topo", KESSIE_IPV4, TTL("30m")), - AAAA("a.topo", KESSIE_IPV6, TTL("30m")), - A("b.topo", KESSIE_IPV4, TTL("30m")), - AAAA("b.topo", KESSIE_IPV6, TTL("30m")), - A("c.topo", KESSIE_IPV4, TTL("30m")), - AAAA("c.topo", KESSIE_IPV6, TTL("30m")), - - A("namibia-topo", KESSIE_IPV4, TTL("30m")), - AAAA("namibia-topo", KESSIE_IPV6, TTL("30m")), - A("a.namibia-topo", KESSIE_IPV4, TTL("30m")), - AAAA("a.namibia-topo", KESSIE_IPV6, TTL("30m")), - A("b.namibia-topo", KESSIE_IPV4, TTL("30m")), - AAAA("b.namibia-topo", KESSIE_IPV6, TTL("30m")), - A("c.namibia-topo", KESSIE_IPV4, TTL("30m")), - AAAA("c.namibia-topo", KESSIE_IPV6, TTL("30m")) + A("coct.aerial", KESSIE_IPV4), + AAAA("coct.aerial", KESSIE_IPV6), + A("a.coct.aerial", KESSIE_IPV4), + AAAA("a.coct.aerial", KESSIE_IPV6), + A("b.coct.aerial", KESSIE_IPV4), + AAAA("b.coct.aerial", KESSIE_IPV6), + A("c.coct.aerial", KESSIE_IPV4), + AAAA("c.coct.aerial", KESSIE_IPV6), + + // HTTPS / SVCB records + HTTPS("coct.aerial", 1, ".", "alpn=h2"), + HTTPS("a.coct.aerial", 1, ".", "alpn=h2"), + HTTPS("b.coct.aerial", 1, ".", "alpn=h2"), + HTTPS("c.coct.aerial", 1, ".", "alpn=h2"), + + A("topo", KESSIE_IPV4), + AAAA("topo", KESSIE_IPV6), + A("a.topo", KESSIE_IPV4), + AAAA("a.topo", KESSIE_IPV6), + A("b.topo", KESSIE_IPV4), + AAAA("b.topo", KESSIE_IPV6), + A("c.topo", KESSIE_IPV4), + AAAA("c.topo", KESSIE_IPV6), + + // HTTPS / SVCB records + HTTPS("topo", 1, ".", "alpn=h2"), + HTTPS("a.topo", 1, ".", "alpn=h2"), + HTTPS("b.topo", 1, ".", "alpn=h2"), + HTTPS("c.topo", 1, ".", "alpn=h2"), + + A("namibia-topo", KESSIE_IPV4), + AAAA("namibia-topo", KESSIE_IPV6), + A("a.namibia-topo", KESSIE_IPV4), + AAAA("a.namibia-topo", KESSIE_IPV6), + A("b.namibia-topo", KESSIE_IPV4), + AAAA("b.namibia-topo", KESSIE_IPV6), + A("c.namibia-topo", KESSIE_IPV4), + AAAA("c.namibia-topo", KESSIE_IPV6), + + // HTTPS / SVCB records + HTTPS("namibia-topo", 1, ".", "alpn=h2"), + HTTPS("a.namibia-topo", 1, ".", "alpn=h2"), + HTTPS("b.namibia-topo", 1, ".", "alpn=h2"), + HTTPS("c.namibia-topo", 1, ".", "alpn=h2") );