--- /dev/null
+# editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_trailing_newline = true
libjson-xs-perl \
jq \
less \
- curl
+ curl \
+ ca-certificates
-RUN curl -fsSL https://github.com/StackExchange/dnscontrol/releases/download/v3.3.0/dnscontrol-Linux -o /usr/local/bin/dnscontrol \
- && chmod +x /usr/local/bin/dnscontrol \
- && /usr/local/bin/dnscontrol version
+RUN curl -fsSL https://github.com/StackExchange/dnscontrol/releases/download/v3.13.0/dnscontrol_3.13.0_amd64.deb -o /tmp/dnscontrol.deb \
+ && apt install /tmp/dnscontrol.deb -y
WORKDIR /dns
ADD . .
-RUN make
+RUN make preview
VOLUME ["/dns/data"]
sshfp:
bin/mksshfp
-gdns: gdns_tile gdns_render gdns_nominatim
-
-gdns_tile: lib/countries.xml origins/tile.openstreetmap.yml
- bin/mkgeo origins/tile.openstreetmap.yml src/tile.openstreetmap.yml tile origins/render.openstreetmap.yml tile
-
-gdns_render: lib/countries.xml origins/render.openstreetmap.yml
- bin/mkgeo origins/render.openstreetmap.yml src/render.openstreetmap.yml render origins/tile-total.openstreetmap.yml
+gdns: gdns_nominatim
gdns_nominatim: lib/countries.xml origins/nominatim.openstreetmap.yml
bin/mkgeo origins/nominatim.openstreetmap.yml src/nominatim.openstreetmap.yml nominatim origins/nominatim-total.openstreetmap.yml nominatim
lib/countries.xml:
curl -s -o $@ http://api.geonames.org/countryInfo?username=demo
-origins/tile.openstreetmap.yml: bin/mkcountries lib/countries.xml bandwidth/tile.openstreetmap.yml
- bin/mkcountries bandwidth/tile.openstreetmap.yml origins/tile.openstreetmap.yml
-
-origins/render.openstreetmap.yml: gdns_tile
-
-origins/nominatim.openstreetmap.yml: bin/mkcountries lib/countries.xml bandwidth/nominatim.openstreetmap.yml
- bin/mkcountries bandwidth/nominatim.openstreetmap.yml origins/nominatim.openstreetmap.yml
+origins/nominatim.openstreetmap.yml: bin/mkcountries lib/countries.xml requests/nominatim.openstreetmap.yml
+ bin/mkcountries requests/nominatim.openstreetmap.yml origins/nominatim.openstreetmap.yml
OpenStreetMap DNS
======================================
-This repository contains the DNS zone file templates and related code for managing OpenStreetMap.org and other domain names DNS. The full list of domains are in the [Makefile](Makefile).
+This repository contains the DNS zone templates and related code for managing OpenStreetMap.org and other domain names. The full list of domains managed by this repo are in the [dnsconfig.js](dnsconfig.js) file.
## Standard DNS Zone Files
-The [zone files templates](src/) are in [tinydns-data](http://cr.yp.to/djbdns/tinydns-data.html) syntax and are written out by the [Makefile](Makefile).
+We use [dnscontrol](https://stackexchange.github.io/dnscontrol/) to manage OpenStreetMap DNS. A set of wrapper scripts are used, which are called from the [Makefile](Makefile)
-On a repo commit, a git [post-receive](https://github.com/openstreetmap/chef/blob/master/cookbooks/dns/files/default/post-receive) runs `make update` via a [script](https://github.com/openstreetmap/chef/blob/master/cookbooks/dns/templates/default/dns-update.erb) which then pushes the updated zone files to the authoritative DNS nameservers.
+Merges to the master branch trigger a git [post-receive](https://github.com/openstreetmap/chef/blob/master/cookbooks/dns/files/default/post-receive) which runs `make update` via a [script](https://github.com/openstreetmap/chef/blob/master/cookbooks/dns/templates/default/dns-update.erb), the DNS is then updated by dnscontrol.
## GeoDNS Zones
-The GeoDNS zones are handled differently.
-
-### tile.openstreetmap.org (mkgeo Generated)
-
-The `tile.openstreetmap.org` and `[a|b|c].tile.openstreetmap.org` are CNAME'ed to the `tile.geo.openstreetmap.org` zone.
-
-The `tile.openstreetmap.org` zone file is written by [mkgeo](bin/mkgeo) which attempts to match the [estimated country bandwidth requirements](bandwidth/tile.openstreetmap.yml) to the nearest [running](https://uptime.openstreetmap.org/) [tile cache server](src/tile.openstreetmap) with available capacity.
-
-Example `tile.openstreetmap.org` zone file snippet in [tinydns-data](http://cr.yp.to/djbdns/tinydns-data.html) syntax as generated by [mkgeo](bin/mkgeo):
-
-```
-# Afghanistan
-Caf.tile.openstreetmap.org:baku.tile.openstreetmap.org:600
-# Albania
-Cal.tile.openstreetmap.org:osijek.tile.openstreetmap.org:600
-# Algeria
-Cdz.tile.openstreetmap.org:zaragoza.tile.openstreetmap.org:600
-# American Samoa
-Cas.tile.openstreetmap.org:sanfrancisco.tile.openstreetmap.org:600
-...
-# Servers
-+aalborg.tile.openstreetmap.org:130.225.254.123:600
-+amsterdam.tile.openstreetmap.org:134.90.146.26:600
-+baku.tile.openstreetmap.org:94.20.20.55:600
-```
-
-The current tile.openstreetmap.org matching is here: https://dns.openstreetmap.org/tile.openstreetmap.org.html
-
-### tile.geo.openstreetmap.org (GeoIP)
-
-The `tile.geo.openstreetmap.org` zone uses authoritative [gdnsd](https://gdnsd.org/) DNS nameservers (`a.ns.openstreetmap.org`, `b.ns.openstreetmap.org`, etc ).
-
-The gdnsd config is managed using a [chef cookbook](https://github.com/openstreetmap/chef/tree/master/cookbooks/geodns).
-
-The DNS responses from `tile.geo.openstreetmap.org` are CNAMEs to XX.tile.openstreetmap.org, where XX is the ISO 3166-1 alpha-2 country code from the [client subnet if supplied by EDNS0](https://tools.ietf.org/html/rfc7871) or the IP address of the resolving DNS if the client subnet is not supplied by EDNS0.
-
-A typical DNS query flow example: `a.tile.openstreetmap.org -> CNAME tile.geo.openstreetmap.org -> CNAME gb.tile.openstreetmap.org. -> CNAME aalborg.tile.openstreetmap.org. -> A aaa.bbb.ccc.ddd`
-
-### render.openstreetmap.org (mkgeo Generated)
-
-The `render.openstreetmap.org` zone is a DNS zone used internally by the tile.openstreetmap.org cache servers and ***SHOULD NOT BE BE USED BY OTHERS***.
-
-The `render.openstreetmap.org` zone file is written by [mkgeo](bin/mkgeo) which attempts to match the estimated caches' bandwidth requirement (dynamically generated above tile.openstreetmap.org mkgeo) to the nearest [running](https://uptime.openstreetmap.org/) [render server](src/render.openstreetmap) with available capacity.
-
-Example `tile.openstreetmap.org` zone file snippet in [tinydns-data](http://cr.yp.to/djbdns/tinydns-data.html) syntax as generated by [mkgeo](bin/mkgeo):
-
-```
-# aalborg
-Caalborg.render.openstreetmap.org:vial.render.openstreetmap.org:600
-# amsterdam
-Camsterdam.render.openstreetmap.org:yevaud.render.openstreetmap.org:600
-# baku
-Cbaku.render.openstreetmap.org:vial.render.openstreetmap.org:600
-...
-# Servers
-+orm.render.openstreetmap.org:193.63.75.98:600
-+vial.render.openstreetmap.org:138.201.195.31:600
-+yevaud.render.openstreetmap.org:128.40.45.208:600
-```
-
-The current render.openstreetmap.org matching is here: https://dns.openstreetmap.org/render.openstreetmap.org.html
+For GeoDNS zones we use [gdnsd](https://gdnsd.org/) with gdnsd config files generated by scripts called from the [Makefile](Makefile) file.
+++ /dev/null
----
-AD: 2.86888888889
-AE: 23.3488888889
-AF: 1.31777777778
-AG: 2.78
-AI: 0.0733333333333
-AL: 7.23777777778
-AM: 11.0422222222
-AO: 6.88888888889
-AQ: 0.0311111111111
-AR: 528.111111111
-AS: 4.29333333333
-AT: 312.84
-AU: 216.437777778
-AW: 2.46444444444
-AX: 0.0377777777778
-AZ: 5.50888888889
-BA: 6.07333333333
-BB: 2.85333333333
-BD: 36.64
-BE: 235.76
-BF: 5.08
-BG: 23.8266666667
-BH: 4.57555555556
-BI: 0.84
-BJ: 0.391111111111
-BL: 0.135555555556
-BM: 0.368888888889
-BN: 1.78888888889
-BO: 24.3533333333
-BQ: 0.0488888888889
-BR: 808.902222222
-BS: 0.446666666667
-BT: 9.26888888889
-BW: 19.9311111111
-BY: 73.8688888889
-BZ: 0.817777777778
-CA: 500.788888889
-CC: 0.104444444444
-CD: 0.78
-CF: 0.0777777777778
-CG: 0.811111111111
-CH: 180.373333333
-CI: 35.5088888889
-CK: 0.0533333333333
-CL: 167.984444444
-CM: 11.9977777778
-CN: 134.986666667
-CO: 369.002222222
-CR: 4.63555555556
-CU: 2.92666666667
-CV: 0.137777777778
-CW: 0.32
-CX: 0.00444444444444
-CY: 24.6577777778
-CZ: 87.84
-DE: 2324.72222222
-DJ: 0.464444444444
-DK: 43.8622222222
-DM: 0.0555555555556
-DO: 19.7577777778
-DZ: 16.6888888889
-EC: 92.8555555556
-EE: 43.9266666667
-EG: 86.5244444444
-EH: 0.00444444444444
-ER: 0.00888888888889
-ES: 279.497777778
-ET: 3
-FI: 49.3488888889
-FJ: 0.506666666667
-FK: 2.38444444444
-FM: 0.0377777777778
-FO: 25.5711111111
-FR: 784.886666667
-GA: 0.526666666667
-GB: 504.966666667
-GD: 0.0977777777778
-GE: 14.6311111111
-GF: 0.322222222222
-GG: 0.491111111111
-GH: 9.01555555556
-GI: 0.215555555556
-GL: 3.12
-GM: 0.537777777778
-GN: 1.00444444444
-GP: 0.895555555556
-GQ: 0.117777777778
-GR: 163.475555556
-GT: 5.70222222222
-GU: 0.326666666667
-GW: 0.0422222222222
-GY: 1.5
-HK: 59.1088888889
-HN: 22.2111111111
-HR: 133.737777778
-HT: 0.686666666667
-HU: 111.706666667
-ID: 381.413333333
-IE: 3421.39333333
-IL: 215.791111111
-IM: 0.342222222222
-IN: 484.255555556
-IO: 0.0288888888889
-IQ: 18.8822222222
-IR: 295.331111111
-IS: 22.9177777778
-IT: 362.433333333
-JE: 0.551111111111
-JM: 1.8
-JO: 3.26
-JP: 48.7711111111
-KE: 47.2155555556
-KG: 9.83333333333
-KH: 12.4244444444
-KI: 0.0266666666667
-KM: 0.0466666666667
-KN: 0.275555555556
-KR: 64.56
-KW: 13.0622222222
-KY: 2.92222222222
-KZ: 806.228888889
-LA: 8.74888888889
-LB: 1.72222222222
-LC: 0.142222222222
-LI: 0.124444444444
-LK: 35.6422222222
-LR: 0.697777777778
-LS: 0.126666666667
-LT: 64.9866666667
-LU: 19.9866666667
-LV: 14.3955555556
-LY: 1.91333333333
-MA: 109.646666667
-MC: 0.504444444444
-MD: 29.9288888889
-ME: 0.575555555556
-MF: 0.0644444444444
-MG: 2.29111111111
-MH: 0.0288888888889
-MK: 2.22444444444
-ML: 2.43777777778
-MM: 6.92888888889
-MN: 18.56
-MO: 0.748888888889
-MP: 0.08
-MQ: 4.79555555556
-MR: 0.526666666667
-MS: 0.0111111111111
-MT: 13.6088888889
-MU: 6.8
-MV: 0.982222222222
-MW: 0.902222222222
-MX: 256.54
-MY: 80.1244444444
-MZ: 15.3066666667
-NA: 8.03555555556
-NC: 0.924444444444
-NE: 0.451111111111
-NF: 0.00222222222222
-NG: 37.3733333333
-NI: 6.52444444444
-NL: 396.193333333
-NO: 27.7666666667
-NP: 2.64666666667
-NR: 3.38666666667
-NZ: 20.3733333333
-OM: 3.52888888889
-PA: 5.06888888889
-PE: 58.9888888889
-PF: 0.208888888889
-PG: 0.222222222222
-PH: 121.284444444
-PK: 32.86
-PL: 743.211111111
-PM: 0.0133333333333
-PR: 5.56
-PS: 13.9244444444
-PT: 57.5111111111
-PW: 0.02
-PY: 400.531111111
-QA: 7.32666666667
-RE: 20.6755555556
-RO: 76.48
-RS: 57.4933333333
-RU: 1054.97777778
-RW: 0.673333333333
-SA: 70.8666666667
-SB: 0.115555555556
-SC: 1.24444444444
-SD: 58.4177777778
-SE: 98.8555555556
-SG: 221.015555556
-SH: 0.0155555555556
-SI: 106.275555556
-SK: 27.84
-SL: 9.67555555556
-SM: 8.70444444444
-SN: 5.27777777778
-SO: 1.10444444444
-SR: 3.95111111111
-SS: 0.351111111111
-ST: 0.0377777777778
-SV: 3.54888888889
-SX: 0.135555555556
-SY: 40.98
-SZ: 0.64
-TC: 0.04
-TD: 0.0777777777778
-TG: 1.98666666667
-TH: 407.406666667
-TJ: 5.63333333333
-TK: 0.00444444444444
-TL: 0.142222222222
-TM: 1.22222222222
-TN: 11.4555555556
-TO: 0.02
-TR: 216.353333333
-TT: 10.3533333333
-TV: 2.75555555556
-TW: 58.3933333333
-TZ: 12.3488888889
-UA: 141.504444444
-UG: 5.98666666667
-US: 3539.80666667
-UY: 19.1933333333
-UZ: 63.5244444444
-VA: 0.02
-VC: 0.0444444444444
-VE: 55.3066666667
-VG: 0.0711111111111
-VI: 0.173333333333
-VN: 125.317777778
-VU: 0.104444444444
-WF: 0.00888888888889
-WS: 0.06
-XK: 0.113333333333
-YE: 2.95111111111
-YT: 1.34
-ZA: 249.057777778
-ZM: 3.03111111111
-ZW: 6
+++ /dev/null
----
-AD: 147607.008889
-AE: 1980282.98889
-AF: 202257.473333
-AG: 30940.2377778
-AI: 3555.73333333
-AL: 1456264.04667
-AM: 1720294.78889
-AO: 245780.142222
-AQ: 1237.71111111
-AR: 24028705.0622
-AS: 26602.3066667
-AT: 27525216.7444
-AU: 17740199.6244
-AW: 181238.857778
-AX: 81417.5666667
-AZ: 1644721.66667
-BA: 5360357.34222
-BB: 113795.402222
-BD: 2637835.48667
-BE: 31379699.3333
-BF: 171339.873333
-BG: 16462872.4089
-BH: 178017.288889
-BI: 39235.9111111
-BJ: 144971.944444
-BL: 26516.7333333
-BM: 68879.2688889
-BN: 101534.3
-BO: 6598657.62444
-BQ: 33092.2377778
-BR: 67895824.1933
-BS: 80005.3155556
-BT: 73882.6844444
-BW: 177755.48
-BY: 28140174.3933
-BZ: 244055.38
-CA: 39801926.6378
-CC: 239.693333333
-CD: 210700.564444
-CF: 1863.07111111
-CG: 70769.4266667
-CH: 25966555.3289
-CI: 991001.822222
-CK: 10671.6288889
-CL: 16922485.0578
-CM: 461239.615556
-CN: 3798976.38889
-CO: 17048273.6867
-CR: 2311707.40667
-CU: 261635.568889
-CV: 88190.0733333
-CW: 255916.342222
-CX: 93.2311111111
-CY: 1502580.43111
-CZ: 22924934.3844
-DE: 279437893.16
-DJ: 33447.0022222
-DK: 42115588.14
-DM: 62577.2711111
-DO: 1529532.88667
-DZ: 1634276.29556
-EC: 12126472.5289
-EE: 3663255.88667
-EG: 1931109.31333
-ER: 2352.07777778
-ES: 55510741.8511
-ET: 298329.402222
-FI: 11534177.54
-FJ: 52474.5955556
-FK: 10019.4333333
-FM: 9121.48888889
-FO: 161446.755556
-FR: 221971649.922
-GA: 56198.3333333
-GB: 123336985.522
-GD: 11526.4644444
-GE: 3335886.76222
-GF: 127130.957778
-GG: 169221.824444
-GH: 655150.575556
-GI: 89231.48
-GL: 100099.573333
-GM: 51320.2911111
-GN: 94694.3466667
-GP: 459603.5
-GQ: 12567.7688889
-GR: 19410573.1422
-GT: 3371719.58444
-GU: 65648.3622222
-GW: 9547.81777778
-GY: 38880.6866667
-HK: 6253019.34444
-HN: 696195.986667
-HR: 9634731.65556
-HT: 89951.7466667
-HU: 27508528.3956
-ID: 19977120.5311
-IE: 8530559.23333
-IL: 6125523.57556
-IM: 144767.664444
-IN: 27692918.0956
-IO: 21.4266666667
-IQ: 844265.502222
-IR: 20045732.9222
-IS: 1593090.64
-IT: 83703072.8356
-JE: 140256.78
-JM: 375833.804444
-JO: 993150.335556
-JP: 27988334.2422
-KE: 1647671.42667
-KG: 2415359.04889
-KH: 711643.406667
-KI: 3892.54222222
-KM: 3859.51555556
-KN: 20678.1266667
-KP: 2463.49777778
-KR: 9611982.10222
-KW: 402377.588889
-KY: 91610.1333333
-KZ: 11179783.5533
-LA: 248326.228889
-LB: 568474.653333
-LC: 67230.4666667
-LI: 217418.026667
-LK: 830831.877778
-LR: 109338.006667
-LS: 22995.7488889
-LT: 10506640.4822
-LU: 2332984.10889
-LV: 10154900.8356
-LY: 150966.048889
-MA: 2381142.94889
-MC: 190155.5
-MD: 5369052.67111
-ME: 663404.133333
-MF: 15766.7111111
-MG: 413607.266667
-MH: 5420.73555556
-MK: 832677.937778
-ML: 165364.922222
-MM: 1574103.97111
-MN: 195058.542222
-MO: 226535.004444
-MP: 11891.1377778
-MQ: 361034.924444
-MR: 74424.8177778
-MS: 4853.69777778
-MT: 586558.177778
-MU: 327995.093333
-MV: 122568.173333
-MW: 90975.1466667
-MX: 37727070.8733
-MY: 3114449.34444
-MZ: 368243.097778
-NA: 157454.515556
-NC: 240829.58
-NE: 67342.48
-NF: 253.222222222
-NG: 566236.137778
-NI: 877344.76
-NL: 95809248.2356
-NO: 7864988.36222
-NP: 798218.357778
-NR: 1346.68888889
-NU: 307.917777778
-NZ: 3786275.34222
-OM: 313158.306667
-PA: 915175.135556
-PE: 11577958.7778
-PF: 161560.595556
-PG: 47218.0222222
-PH: 6965070.46
-PK: 2669556.02889
-PL: 188700107.164
-PM: 51462.8177778
-PR: 925986.406667
-PS: 350296.895556
-PT: 11851530.2422
-PW: 18346.9177778
-PY: 1779073.26889
-QA: 345872.877778
-RE: 888326.597778
-RO: 30365147.2511
-RS: 9551556.56889
-RU: 155014855.847
-RW: 196213.697778
-SA: 1861605.02667
-SB: 9961.35333333
-SC: 50707.7577778
-SD: 143548.24
-SE: 15608222.4422
-SG: 3762772.32889
-SH: 1960.12666667
-SI: 3977915.10889
-SK: 18991595.6333
-SL: 37188.2888889
-SM: 134091.466667
-SN: 441923.386667
-SO: 346586.811111
-SR: 148975.248889
-SS: 20085.78
-ST: 4658.13111111
-SV: 1096400.23556
-SX: 29970.1955556
-SY: 184978.342222
-SZ: 18843.2466667
-TC: 93588.1177778
-TD: 10838.6422222
-TG: 109304.388889
-TH: 8181045.00667
-TJ: 303382.026667
-TL: 41618.4422222
-TM: 33138.0888889
-TN: 2539957.73111
-TO: 6872.98888889
-TR: 36320266.9556
-TT: 595362.062222
-TV: 6377.35777778
-TW: 24895659.9
-TZ: 592716.151111
-UA: 71935436.2489
-UG: 371570.777778
-UM: 417.811111111
-US: 168068359.904
-UY: 3862789.72444
-UZ: 1576052.12444
-VA: 24871.3177778
-VC: 16695.1177778
-VE: 2429953.49556
-VG: 19105.4711111
-VI: 40648.4066667
-VN: 1585975.8
-VU: 30389.8666667
-WF: 3540.82888889
-WS: 18399.8555556
-XK: 40469.0288889
-YE: 117418.873333
-YT: 78763.2866667
-ZA: 6015791.69778
-ZM: 119848.686667
-ZW: 284603.042222
use YAML;
# Get arguments
-my $bandwidthfile = shift @ARGV;
+my $requestsfile = shift @ARGV;
my $originsfile = shift @ARGV;
# Initialise origins
# Parse the country database
$countries->parsefile("lib/countries.xml");
-# Load the per-country bandwidth details
-my $bandwidth = YAML::LoadFile($bandwidthfile);
+# Load the per-country requests details
+my $requests = YAML::LoadFile($requestsfile);
# Fill in country table and work out which clusters each can use
foreach my $country ($countries->look_down("_tag" => "country"))
my $code = $country->look_down("_tag" => "countryCode")->as_text;
my $name = $country->look_down("_tag" => "countryName")->as_text;
my $population = $country->look_down("_tag" => "population")->as_text;
- my $bandwidth = $bandwidth->{$code} || 0;
+ my $requests = $requests->{$code} || 0;
my $continent = $country->look_down("_tag" => "continent")->as_text;
my $west = $country->look_down("_tag" => "west")->as_text;
my $north = $country->look_down("_tag" => "north")->as_text;
$origins->{$code} = {
code => $code, name => $name,
country => $code, continent => $continent,
- bandwidth => $bandwidth, lat => $lat, lon => $lon
+ requests => $requests, lat => $lat, lon => $lon
};
}
{
if ($cluster->{servers})
{
- $cluster->{bandwidth} = 0;
+ $cluster->{requests} = 0;
foreach my $server (@{$cluster->{servers}})
{
$server->{cluster} = $cluster;
- $cluster->{bandwidth} = $cluster->{bandwidth} + $server->{bandwidth};
+ $cluster->{requests} = $cluster->{requests} + $server->{requests};
push @servers, $server;
}
my $server = {
cluster => $cluster,
statuscake => $cluster->{statuscake},
- bandwidth => $cluster->{bandwidth},
+ requests => $cluster->{requests},
cname => $cluster->{cname},
ipv4 => $cluster->{ipv4},
ipv6 => $cluster->{ipv6}
}
else
{
- $server->{cluster}->{bandwidth} = $server->{cluster}->{bandwidth} - $server->{bandwidth};
+ $server->{cluster}->{requests} = $server->{cluster}->{requests} - $server->{requests};
}
}
# Initialise cluster details
while (my($name,$cluster) = each %$clusters)
{
- $cluster->{bandwidth_limit} = $cluster->{bandwidth} * 1024 * 1024;
- $cluster->{bandwidth_used} = 0;
+ $cluster->{requests_limit} = $cluster->{requests};
+ $cluster->{requests_used} = 0;
next if $cluster->{global};
name => $cluster->{name},
lat => $cluster->{lat},
lon => $cluster->{lon},
- bandwidth => 0
+ requests => 0
};
}
allocate_clusters(@mappings);
# If we failed to allocate every origin then loop, increasing
-# the bandwidth for each cluster by a little and retrying until
+# the requests for each cluster by a little and retrying until
# we manage to allocate everything
while (grep { !exists($_->{cluster}) } values %$origins)
{
delete $origin->{cluster};
}
- # Reset bandwidth usage for clusters and increase limits by 10%
+ # Reset requests usage for clusters and increase limits by 10%
foreach my $cluster (values %$clusters)
{
- $cluster->{bandwidth_used} = 0;
- $cluster->{bandwidth_limit} = $cluster->{bandwidth_limit} * 1.1;
+ $cluster->{requests_used} = 0;
+ $cluster->{requests_limit} = $cluster->{requests_limit} * 1.1;
}
# Try the allocate again
next if $cluster->{global};
- $targetorigins->{$cluster->{name}}->{bandwidth} += $origin->{bandwidth};
+ $targetorigins->{$cluster->{name}}->{requests} += $origin->{requests};
}
# Skip default records if we don't need them
if ($server->{status} eq "up")
{
my $number = sprintf("%02d", $index + 1);
- my $bandwidth = $server->{bandwidth};
+ my $requests = $server->{requests};
if (my $cname = $server->{cname})
{
- $gdnsweightedfile->print(" ${name}-${number} = [ ${cname}., ${bandwidth} ]\n");
+ $gdnsweightedfile->print(" ${name}-${number} = [ ${cname}., ${requests} ]\n");
}
else
{
- $gdnsweightedfile->print(" ${name}-${number} = [ ${name}-${number}.${zone}.openstreetmap.org., ${bandwidth} ]\n");
+ $gdnsweightedfile->print(" ${name}-${number} = [ ${name}-${number}.${zone}.openstreetmap.org., ${requests} ]\n");
}
}
}
my @mappings = sort { compare_mappings($a, $b) } @_;
# Loop over the mappings, trying to assign each origin to the
- # nearest cluster, but subject to the bandwidth limits
+ # nearest cluster, but subject to the request limits
while (my $mapping = shift @mappings)
{
my @group;
push @group, shift @mappings;
}
- for my $mapping (sort compare_bandwidth @group)
+ for my $mapping (sort compare_requests @group)
{
my $origin = $mapping->{origin};
my $cluster = $mapping->{cluster};
if (!exists($origin->{cluster}) &&
- $cluster->{bandwidth_used} + $origin->{bandwidth} <= $cluster->{bandwidth_limit})
+ $cluster->{requests_used} + $origin->{requests} <= $cluster->{requests_limit})
{
$origin->{cluster} = $cluster;
- $cluster->{bandwidth_used} = $cluster->{bandwidth_used} + $origin->{bandwidth};
+ $cluster->{requests_used} = $cluster->{requests_used} + $origin->{requests};
}
}
}
#
# Compare two mappings to decide which to try first
#
-sub compare_bandwidth
+sub compare_requests
{
- my $a_used = ( $a->{cluster}->{bandwidth_used} * 100.0 ) / ( $a->{cluster}->{bandwidth_limit} * 1.0 );
- my $b_used = ( $b->{cluster}->{bandwidth_used} * 100.0 ) / ( $b->{cluster}->{bandwidth_limit} * 1.0 );
+ my $a_used = ( $a->{cluster}->{requests_used} * 100.0 ) / ( $a->{cluster}->{requests_limit} * 1.0 );
+ my $b_used = ( $b->{cluster}->{requests_used} * 100.0 ) / ( $b->{cluster}->{requests_limit} * 1.0 );
return $a_used <=> $b_used;
}
use Digest::SHA qw(sha256_hex);
use MIME::Base64;
-my %algorithms = (
- "ssh-rsa" => "1",
- "ssh-dss" => "2",
- "ecdsa-sha2-nistp256" => "3",
- "ssh-ed25519" => "4"
-);
-
my %hosts;
if (-f "/etc/ssh/ssh_known_hosts")
while (my $line = <HOSTS>)
{
+ last if $line =~ /^# Manually maintained records$/;
+
if ($line =~ /^([^, ]+)\S* (\S+) (\S+)$/)
{
my $host = $1;
- my $algorithm = $algorithms{$2};
+ my $algorithm = $2;
my $value = uc(sha256_hex(decode_base64($3)));
$host =~ s/\.openstreetmap\.org$//;
-
+
if ($algorithm ne "2")
{
- my $wanted = 0;
-
- if (exists($hosts{$host}))
- {
- if ($algorithm eq "3")
- {
- $wanted = 1;
- }
- elsif ($algorithm eq "4" && $hosts{$host}->{algorithm} ne "3")
- {
- $wanted = 1;
- }
- }
- else
- {
- $wanted = 1;
- }
-
- if ($wanted)
- {
- $hosts{$host} = {
- algorithm => $algorithm,
- type => "2",
- value => $value
- };
- }
+ $hosts{$host} ||= {};
+
+ $hosts{$host}->{$algorithm} = $value;
}
}
}
foreach my $host (sort keys %hosts)
{
- my $algorithm = $hosts{$host}->{algorithm};
- my $type = $hosts{$host}->{type};
- my $value = $hosts{$host}->{value};
+ if ($hosts{$host}->{"ecdsa-sha2-nistp256"} || $hosts{$host}->{"ssh-ed25519"})
+ {
+ if ($hosts{$host}->{"ecdsa-sha2-nistp256"})
+ {
+ print SSHFP_JS sshfp_record($host, "3", $hosts{$host}->{"ecdsa-sha2-nistp256"});
+ }
- print SSHFP_JS qq| SSHFP("${host}", ${algorithm}, ${type}, "${value}"),\n|;
+ if ($hosts{$host}->{"ssh-ed25519"})
+ {
+ print SSHFP_JS sshfp_record($host, "4", $hosts{$host}->{"ssh-ed25519"});
+ }
+ }
+ elsif ($hosts{$host}->{"ssh-rsa"})
+ {
+ print SSHFP_JS sshfp_record($host, "1", $hosts{$host}->{"ssh-rsa"});
+ }
}
print SSHFP_JS qq|];\n|;
close(SSHFP_JS);
exit 0;
+
+sub sshfp_record
+{
+ my $host = shift;
+ my $algorithm = shift;
+ my $value = shift;
+
+ return qq| SSHFP("${host}", ${algorithm}, 2, "${value}"),\n|;
+}
var REG_GANDI = NewRegistrar("gandi_v5", "GANDI_V5");
var PROVIDER = NewDnsProvider("cloudflare", "CLOUDFLAREAPI");
-var CF_TTL_ANY = TTL(1);
-
-DEFAULTS(DefaultTTL("24h"));
-
var DOMAIN;
var REGISTRAR;
var DYNAMIC_RECORDS;
OPENSTREETMAP("open-maps.org", REG_GANDI);
OPENSTREETMAP("open-maps.com", REG_GANDI);
OPENSTREETMAP("osmbugs.org", REG_GANDI);
+OPENSTREETMAP("openstreetmap.ai", REG_GANDI);
+OPENSTREETMAP("openstreetmap.am", REG_GANDI);
+OPENSTREETMAP("openstreetmap.fi", REG_GANDI);
+OPENSTREETMAP("openstreetmap.gr", REG_GANDI);
+OPENSTREETMAP("openstreetmap.me", REG_GANDI);
+OPENSTREETMAP("openstreetmap.mx", REG_GANDI);
+OPENSTREETMAP("openstreetmap.nz", REG_GANDI);
+OPENSTREETMAP("openstreetmap.pe", REG_GANDI);
+OPENSTREETMAP("openstreetmap.ph", REG_GANDI);
+OPENSTREETMAP("openstreetmap.sg", REG_GANDI);
+OPENSTREETMAP("openstreetmap.tv", REG_GANDI);
+OPENSTREETMAP("openstreetmap.wales", REG_GANDI);
+OPENSTREETMAP("openstreetmapdata.org", REG_GANDI);
+// Disable due to registration issue
+// OPENSTREETMAP("openstreetmap.al", REG_NONE);
var OSM_LI = loadTemplate("osm-li");
STATEOFTHEMAP("stateofthemap.com", REG_GANDI);
STATEOFTHEMAP("sotm.org", REG_GANDI);
-var STATEOFTHEMAP_EU = loadTemplate("stateofthemap-eu");
-STATEOFTHEMAP_EU("stateofthemap.eu", REG_GANDI);
+// Domain Owner Issue / Registration Issues - Disable for the moment. 31 May 2021
+// var STATEOFTHEMAP_EU = loadTemplate("stateofthemap-eu");
+// STATEOFTHEMAP_EU("stateofthemap.eu", REG_GANDI);
var OPENGEODATA = loadTemplate("opengeodata");
-
OPENGEODATA("opengeodata.org", REG_GANDI);
var SWITCH2OSM = loadTemplate("switch2osm");
--- /dev/null
+---
+AD: 0.0302777777778
+AE: 1.98777777778
+AF: 0.0408333333333
+AG: 0.00222222222222
+AI: 0.249166666667
+AL: 2.22527777778
+AM: 1.59555555556
+AO: 0.583055555556
+AQ: 0.0025
+AR: 10.4358333333
+AS: 0.000555555555556
+AT: 15.6136111111
+AU: 18.2058333333
+AW: 0.0358333333333
+AX: 0.0152777777778
+AZ: 1.45888888889
+BA: 0.412222222222
+BB: 0.0313888888889
+BD: 2.07638888889
+BE: 5.54
+BF: 0.0527777777778
+BG: 2.63083333333
+BH: 0.121944444444
+BI: 0.0691666666667
+BJ: 0.257777777778
+BL: 0.00666666666667
+BM: 0.0594444444444
+BN: 0.106388888889
+BO: 2.04444444444
+BQ: 0.00416666666667
+BR: 64.7872222222
+BS: 0.0113888888889
+BT: 0.0211111111111
+BW: 0.0675
+BY: 3.45055555556
+BZ: 0.015
+CA: 18.0144444444
+CD: 0.364722222222
+CF: 0.005
+CG: 0.0661111111111
+CH: 11.8022222222
+CI: 0.66
+CK: 0.000555555555556
+CL: 5.82055555556
+CM: 1.11805555556
+CN: 24.0813888889
+CO: 29.0861111111
+CR: 0.450555555556
+CU: 0.0975
+CV: 0.0138888888889
+CW: 0.0155555555556
+CY: 0.251944444444
+CZ: 6.90222222222
+DE: 229.34
+DJ: 0.0125
+DK: 3.63361111111
+DM: 0.00194444444444
+DO: 3.98111111111
+DZ: 0.991666666667
+EC: 3.18333333333
+EE: 3.37527777778
+EG: 4.04583333333
+ES: 23.5105555556
+ET: 0.326666666667
+FI: 4.62611111111
+FJ: 0.0161111111111
+FK: 0.000833333333333
+FM: 0.000833333333333
+FO: 0.613333333333
+FR: 49.7969444444
+GA: 0.0636111111111
+GB: 30.8966666667
+GD: 0.00138888888889
+GE: 0.204166666667
+GF: 0.0297222222222
+GG: 0.00527777777778
+GH: 1.145
+GI: 0.00888888888889
+GL: 0.0880555555556
+GM: 0.0172222222222
+GN: 0.0661111111111
+GP: 0.0627777777778
+GQ: 0.000833333333333
+GR: 21.7488888889
+GT: 15.895
+GU: 0.0144444444444
+GW: 0.000833333333333
+GY: 0.0122222222222
+HK: 1.82722222222
+HN: 0.228333333333
+HR: 8.52138888889
+HT: 0.00666666666667
+HU: 4.32694444444
+ID: 38.6758333333
+IE: 30.0491666667
+IL: 6.955
+IM: 0.142777777778
+IN: 45.3866666667
+IO: 0.000555555555556
+IQ: 0.7525
+IR: 4.71722222222
+IS: 0.1725
+IT: 31.4088888889
+JE: 0.0513888888889
+JM: 0.130833333333
+JO: 0.599166666667
+JP: 11.1275
+KE: 4.11861111111
+KG: 0.218055555556
+KH: 0.379722222222
+KI: 0.000277777777778
+KM: 0.00388888888889
+KN: 0.000555555555556
+KR: 3.85888888889
+KW: 0.819166666667
+KY: 0.00416666666667
+KZ: 2.39666666667
+LA: 0.366944444444
+LB: 0.231944444444
+LC: 0.01
+LI: 0.0236111111111
+LK: 1.51722222222
+LR: 0.0355555555556
+LS: 0.00305555555556
+LT: 6.14444444444
+LU: 2.09
+LV: 2.19222222222
+LY: 0.0883333333333
+MA: 5.09111111111
+MC: 0.0163888888889
+MD: 3.43583333333
+ME: 0.145833333333
+MF: 0.00361111111111
+MG: 0.525277777778
+MH: 0.00305555555556
+MK: 0.112222222222
+ML: 0.0725
+MM: 0.0772222222222
+MN: 1.35861111111
+MO: 0.0475
+MP: 0.00194444444444
+MQ: 0.0322222222222
+MR: 0.0458333333333
+MS: 0.0025
+MT: 0.314166666667
+MU: 0.234166666667
+MV: 0.0244444444444
+MW: 0.0447222222222
+MX: 30.385
+MY: 6.13722222222
+MZ: 0.246666666667
+NA: 0.486666666667
+NC: 0.0458333333333
+NE: 0.173611111111
+NF: 0.000277777777778
+NG: 6.42138888889
+NI: 0.0344444444444
+NL: 30.8016666667
+NO: 4.5425
+NP: 1.77666666667
+NZ: 2.23888888889
+OM: 0.176388888889
+PA: 0.261111111111
+PE: 1.65388888889
+PF: 0.285555555556
+PG: 0.055
+PH: 4.54111111111
+PK: 1.99972222222
+PL: 53.8841666667
+PM: 0.000833333333333
+PR: 0.4075
+PS: 1.21805555556
+PT: 2.37777777778
+PW: 0.000277777777778
+PY: 4.65277777778
+QA: 0.277777777778
+RE: 0.497222222222
+RO: 4.84888888889
+RS: 1.51027777778
+RU: 79.0533333333
+RW: 0.0455555555556
+SA: 3.76305555556
+SB: 0.194444444444
+SC: 1.6425
+SD: 0.899722222222
+SE: 6.68861111111
+SG: 13.1025
+SI: 0.849166666667
+SK: 2.11944444444
+SL: 0.163333333333
+SM: 0.0205555555556
+SN: 0.185277777778
+SO: 0.146944444444
+SR: 0.0136111111111
+SS: 0.00777777777778
+ST: 0.00138888888889
+SV: 0.171666666667
+SX: 0.00444444444444
+SY: 0.728888888889
+SZ: 0.0116666666667
+TC: 0.0025
+TD: 0.00388888888889
+TG: 0.0719444444444
+TH: 5.42694444444
+TJ: 0.534444444444
+TL: 0.0172222222222
+TM: 0.0577777777778
+TN: 1.01861111111
+TO: 0.000277777777778
+TR: 14.9716666667
+TT: 1.00166666667
+TV: 0.00583333333333
+TW: 5.9775
+TZ: 0.296944444444
+UA: 37.3986111111
+UG: 0.272222222222
+UM: 0.000833333333333
+US: 324.626944444
+UY: 0.799166666667
+UZ: 7.335
+VA: 0.00555555555556
+VC: 0.000833333333333
+VE: 4.03694444444
+VG: 0.00111111111111
+VI: 0.00944444444444
+VN: 15.1244444444
+VU: 0.00277777777778
+WF: 0.0183333333333
+WS: 0.00111111111111
+XK: 0.00166666666667
+YE: 0.0991666666667
+YT: 0.00527777777778
+ZA: 8.20611111111
+ZM: 0.110277777778
+ZW: 0.420277777778
var BALERION_IPV4 = "138.44.68.134";
-var BOITATA_IPV4 = "200.236.31.207";
-var BOITATA_IPV6 = "2801:82:80ff:8002:216:ccff:feaa:21";
-
var BOWSER_IPV4 = "138.44.68.106";
-var CHERUFE_IPV4 = "200.91.44.37";
-
-var CHRYSOPHYLAX_IPV4 = "217.71.244.22";
-var CHRYSOPHYLAX_IPV6 = "2001:8e0:40:2039::10";
-
var CLIFFORD_IPV4 = "193.60.236.11";
var CLIFFORD_INTERNAL = "10.0.0.17";
var CLIFFORD_OOB = "10.0.1.17";
+var CULEBRE_IPV4 = "184.104.226.105";
+var CULEBRE_IPV6 = "2001:470:1:b3b::9";
+var CULEBRE_INTERNAL = "10.0.64.9";
+var CULEBRE_OOB = "10.0.65.9";
+
var DRACO_IPV4 = "193.60.236.12";
var DRACO_INTERNAL = "10.0.0.11";
var DRACO_OOB = "10.0.1.11";
var EUSTACE_INTERNAL = "10.0.0.9";
var EUSTACE_OOB = "10.0.1.9";
-var FAFNIR_IPV4 = "130.239.18.114";
-var FAFNIR_IPV6 = "2001:6b0:e:2a18::114";
+var FAFNIR_IPV4 = "184.104.226.98";
+var FAFNIR_IPV6 = "2001:470:1:b3b::2";
+var FAFNIR_INTERNAL = "10.0.64.2";
+var FAFNIR_OOB = "10.0.65.2";
var FIRNEN_IPV4 = "188.241.28.82";
-var FUME_IPV4 = "147.228.60.16";
+var GORWEN_IPV4 = "184.104.226.107";
+var GORWEN_IPV6 = "2001:470:1:b3b::b";
+var GORWEN_INTERNAL = "10.0.64.11";
+var GORWEN_OOB = "10.0.65.11";
var GORYNYCH_IPV4 = "5.45.248.21";
var GORYNYCH_IPV6 = "2a02:6b8:b010:5065::a001";
var GRISU_INTERNAL = "10.0.32.20";
var GRISU_OOB = "10.0.33.20";
+var IDRIS_IPV4 = "184.104.226.102";
+var IDRIS_IPV6 = "2001:470:1:b3b::6";
+var IDRIS_INTERNAL = "10.0.64.6";
+var IDRIS_OOB = "10.0.65.6";
+
var IRONBELLY_IPV4 = "130.117.76.10";
var IRONBELLY_IPV6 = "2001:978:2:2c::172:a";
var IRONBELLY_INTERNAL = "10.0.48.10";
var IRONBELLY_OOB = "10.0.49.10";
-var KALESSIN_IPV4 = "185.66.195.245";
-var KALESSIN_IPV6 = "2a03:2260:2000:1::5";
+var HORNTAIL_IPV4 = "184.104.226.106";
+var HORNTAIL_IPV6 = "2001:470:1:b3b::a";
+var HORNTAIL_INTERNAL = "10.0.64.10";
+var HORNTAIL_OOB = "10.0.65.10";
+
+var JAKELONG_IPV4 = "184.104.226.108";
+var JAKELONG_IPV6 = "2001:470:1:b3b::c";
+var JAKELONG_INTERNAL = "10.0.64.12";
+var JAKELONG_OOB = "10.0.65.12";
var KARM_INTERNAL = "10.0.48.50";
var KARM_OOB = "10.0.49.50";
var KATLA_INTERNAL = "10.0.32.40";
var KATLA_OOB = "10.0.33.40";
-var KEIZER_IPV4 = "195.201.226.63";
-var KEIZER_IPV6 = "2a01:4f8:1c1c:bc54::1";
-
var KESSIE_IPV4 = "178.250.74.36";
var KESSIE_IPV6 = "2a02:1658:4:0:dad3:85ff:fe5d:875e";
var KESSIE_OOB = "178.250.74.37";
-var KOKOSNUSS_IPV4 = "85.214.255.86";
+var KONQI_IPV4 = "184.104.226.103";
+var KONQI_IPV6 = "2001:470:1:b3b::7";
+var KONQI_INTERNAL = "10.0.64.7";
+var KONQI_OOB = "10.0.65.7";
var KVM1_INTERNAL = "10.0.0.21";
var LADON_IPV4 = "83.212.2.116";
var LADON_IPV6 = "2001:648:2ffe:4::116";
-var LONGMA_IPV4 = "140.110.240.7";
-var LONGMA_IPV6 = "2001:e10:2000:240::7";
+var LONGMA_IPV4 = "184.104.226.109";
+var LONGMA_IPV6 = "2001:470:1:b3b::d";
+var LONGMA_INTERNAL = "10.0.64.13";
+var LONGMA_OOB = "10.0.65.13";
var MERAXES_IPV4 = "51.15.185.90";
var MERAXES_IPV6 = "2001:bc8:2d57:100:aa1e:84ff:fe72:e660";
+var NAGA_IPV4 = "184.104.226.104";
+var NAGA_IPV6 = "2001:470:1:b3b::8";
+var NAGA_INTERNAL = "10.0.64.8";
+var NAGA_OOB = "10.0.65.8";
+
var NEAK_IPV4 = "89.234.177.142";
var NECROSAN_IPV4 = "45.85.134.91";
var NEPOMUK_IPV4 = "77.95.65.39";
var NEPOMUK_IPV6 = "2a03:9180:0:100::7";
-var NIDHOGG_IPV4 = "130.236.254.221";
-var NIDHOGG_IPV6 = "2001:6b0:17:f0a0::dd";
+var NIDHOGG_IPV4 = "194.71.11.111";
+var NIDHOGG_IPV6 = "2001:6b0:19:2::111";
+var NIDHOGG_OOB = "130.239.18.115";
var NOQUIKLOS_IPV4 = "193.60.236.16";
var NOQUIKLOS_INTERNAL = "10.0.0.13";
var NOQUIKLOS_OOB = "10.0.1.13";
+var NORBERT_IPV4 = "130.117.76.17";
+var NORBERT_IPV6 = "2001:978:2:2c::172:11";
+var NORBERT_INTERNAL = "10.0.48.17";
+var NORBERT_OOB = "10.0.49.17";
+
var ODIN_IPV4 = "130.117.76.15";
var ODIN_IPV6 = "2001:978:2:2c::172:f";
var ODIN_INTERNAL = "10.0.48.15";
var ODIN_OOB = "10.0.49.15";
-var ORM_IPV4 = "130.117.76.3";
-var ORM_IPV6 = "2001:978:2:2c::172:3";
-var ORM_INTERNAL = "10.0.48.3";
-var ORM_OOB = "10.0.49.3";
+var OOB1AMS_INTERNAL = "10.0.48.102";
+
+var OOB1DUB_INTERNAL = "10.0.64.102";
+
+var PDU1AMS_INTERNAL = "10.0.48.100";
-var PDU1_INTERNAL = "10.0.48.100";
+var PDU2AMS_INTERNAL = "10.0.48.101";
-var PDU2_INTERNAL = "10.0.48.101";
+var PDU1DUB_INTERNAL = "10.0.64.100";
+
+var PDU2DUB_INTERNAL = "10.0.64.101";
var PUMMELZACKEN_IPV4 = "193.60.236.18";
var PUMMELZACKEN_INTERNAL = "10.0.0.20";
var PYRENE_IPV4 = "140.211.167.98";
var PYRENE_IPV6 = "2605:bc80:3010:700::8cd3:a762";
-var RAMOTH_INTERNAL = "10.0.48.5";
-var RAMOTH_OOB = "10.0.49.5";
-
var RHAEGAL_IPV4 = "161.53.248.77";
var RIDGEBACK_IPV4 = "31.169.50.10";
var SAREL_INTERNAL = "10.0.0.12";
var SAREL_OOB = "10.0.1.12";
-var SARKANY_IPV4 = "37.17.173.8";
-var SARKANY_IPV6 = "2001:4c48:2:bf04:250:56ff:fe8f:5c81";
-
var SCORCH_IPV4 = "176.31.235.79";
var SCORCH_IPV6 = "2001:41d0:2:fc4f::1";
var SHENRON_IPV6 = "2001:41c9:1:400::32";
var SHENRON_INTERNAL = "10.0.16.3";
-var SHRUIKAN_IPV4 = "45.148.169.51";
-var SHRUIKAN_IPV6 = "2a0a:aa42:56:1000::1";
-
var SNAP01_INTERNAL = "10.0.48.49";
var SNAP01_OOB = "10.0.49.49";
var SNAP02_INTERNAL = "10.0.0.4";
var SNAP02_OOB = "10.0.1.4";
+var SNAP03_INTERNAL = "10.0.64.50";
+var SNAP03_OOB = "10.0.65.50";
+
+var SPIKE01_IPV4 = "184.104.226.99";
+var SPIKE01_IPV6 = "2001:470:1:b3b::3";
+var SPIKE01_INTERNAL = "10.0.64.3";
+var SPIKE01_OOB = "10.0.65.3";
+
+var SPIKE02_IPV4 = "184.104.226.100";
+var SPIKE02_IPV6 = "2001:470:1:b3b::4";
+var SPIKE02_INTERNAL = "10.0.64.4";
+var SPIKE02_OOB = "10.0.65.4";
+
+var SPIKE03_IPV4 = "184.104.226.101";
+var SPIKE03_IPV6 = "2001:470:1:b3b::5";
+var SPIKE03_INTERNAL = "10.0.64.5";
+var SPIKE03_OOB = "10.0.65.5";
+
var SPIKE04_IPV4 = "89.16.162.21";
var SPIKE04_IPV6 = "2001:41c9:2:d6::21";
var SPIKE04_INTERNAL = "10.0.32.21";
var STORMFLY04_IPV6 = "2605:bc80:3010:700::8cd3:a764";
var STORMFLY04_OOB = "10.0.0.3";
-var SWITCH1_IPV4 = "130.117.76.2";
-var SWITCH1_IPV6 = "2001:978:2:2c::172:2";
+var SWITCH1AMS_IPV4 = "130.117.76.2";
+var SWITCH1AMS_IPV6 = "2001:978:2:2c::172:2";
+
+var SWITCH1DUB_IPV4 = "184.104.226.97";
+var SWITCH1DUB_IPV6 = "2001:470:1:b3b::1";
var TABALUGA_IPV4 = "130.117.76.14";
var TABALUGA_IPV6 = "2001:978:2:2c::172:e";
var URMEL_INTERNAL = "10.0.0.6";
var URMEL_OOB = "10.0.1.6";
-var VIPERTOOTH_IPV4 = "176.122.99.101";
-var VIPERTOOTH_IPV6 = "2001:67c:2d40::65";
-
var VISERION_IPV4 = "193.198.233.211";
var VISERION_IPV6 = "2001:b68:4cff:3::3";
- 2217359
- 2217360
colour: "#8dd3c7"
- bandwidth: 1
+ requests: 400
ipv4: 130.117.76.9
ipv6: 2001:978:2:2c::172:9
default: "xx"
+dublin:
+ lat: 53.41208595
+ lon: -6.351453620255233
+ statuscake:
+ - 6224536
+ - 6224537
+ colour: "#b15928"
+ requests: 1500
+ ipv4: 184.104.226.109
+ ipv6: 2001:470:1:b3b::d
+ default: "xx"
+
slough:
lat: 51.5228002
lon: -0.62151043832233
- 2217363
- 2217364
colour: "#bebada"
- bandwidth: 0.1
+ requests: 0
ipv4: 193.60.236.18
default: "xx"
- preferred:
- countries:
- - ES
corvallis:
lat: 44.5639267
- 5769055
- 5769056
colour: "#ffffb3"
- bandwidth: 1
+ requests: 800
ipv4: 140.211.167.100
ipv6: 2605:bc80:3010:700::8cd3:a764
default: "xx"
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
+
+ // Delegate SPF policy to the main domain
+
+ SPF_BUILDER({
+ label: "@",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "include:openstreetmap.org", // main openstreetmap.org spf record
+ "-all"
+ ]
+ }),
// Main web server and it's aliases
A("old", RIDLEY_IPV4, TTL("10m")),
A("www", RIDLEY_IPV4, TTL("10m"))
-);
+);
\ No newline at end of file
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
// Let the main domain handle the email
// Delegate SPF policy to the main domain
- TXT("@", "v=spf1 include:openstreetmap.org -all"),
+ SPF_BUILDER({
+ label: "@",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "include:openstreetmap.org", // main openstreetmap.org spf record
+ "-all"
+ ]
+ }),
// Delegate MTA-STS policy to the main domain
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
// Let the main domain handle the email
// Delegate SPF policy to the main domain
- TXT("@", "v=spf1 include:openstreetmap.org -all"),
+ SPF_BUILDER({
+ label: "@",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "include:openstreetmap.org", // main openstreetmap.org spf record
+ "-all"
+ ]
+ }),
// Delegate MTA-STS policy to the main domain
// Publish CAA records indicating that only letsencrypt and globalsign (Fastly) should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issue", "globalsign.com", CF_TTL_ANY),
- CAA("@", "issuewild", "globalsign.com", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ "globalsign.com", // Used by Fastly for CDN certificates
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ "globalsign.com", // Used by Fastly for CDN certificates
+ ],
+ }),
// Use shenron as the MX host
MX("messages", 10, QUALIFY("a.mx")),
MX("noreply", 10, QUALIFY("a.mx")),
MX("otrs", 10, QUALIFY("a.mx")),
+ MX("community", 10, QUALIFY("a.mx")),
A("a.mx", SHENRON_IPV4),
AAAA("a.mx", SHENRON_IPV6),
// Publish SPF records indicating that only shenron sends mail
- TXT("@", "v=spf1 ip4:212.110.172.32 ip6:2001:41c9:1:400::32 mx -all"),
- TXT("otrs", "v=spf1 ip4:212.110.172.32 ip6:2001:41c9:1:400::32 mx -all"),
+ SPF_BUILDER({
+ label: "@",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "ip4:212.110.172.32", // shenron ipv4
+ "ip6:2001:41c9:1:400::32", // shenron ipv6
+ "mx", // safety net if we change mx
+ "-all"
+ ]
+ }),
+
+ SPF_BUILDER({
+ label: "messages",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "ip4:212.110.172.32", // shenron ipv4
+ "ip6:2001:41c9:1:400::32", // shenron ipv6
+ "mx", // safety net if we change mx
+ "-all"
+ ]
+ }),
+
+ SPF_BUILDER({
+ label: "noreply",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "ip4:212.110.172.32", // shenron ipv4
+ "ip6:2001:41c9:1:400::32", // shenron ipv6
+ "mx", // safety net if we change mx
+ "-all"
+ ]
+ }),
+
+ SPF_BUILDER({
+ label: "otrs",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "ip4:212.110.172.32", // shenron ipv4
+ "ip6:2001:41c9:1:400::32", // shenron ipv6
+ "mx", // safety net if we change mx
+ "-all"
+ ]
+ }),
+
+ SPF_BUILDER({
+ label: "community",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "ip4:212.110.172.32", // shenron ipv4
+ "ip6:2001:41c9:1:400::32", // shenron ipv6
+ "mx", // safety net if we change mx
+ "-all"
+ ]
+ }),
// Publish DKIM public key
TXT("20200301._domainkey", "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvoNZVOGfw1V4A171hxHMhzVTAnIUQVJ8iX3wbqCld8A5iIaXeTGYvBmewymax/cYJS4QqzbpUzkgrrTA9avuZhd+QGJDgjADgx4VyMOaOS6FwAxS0uXtLrt+lsixRDx/feKyZHaxjzJAQy46ok77xXL4UXIaaovw6G6eZpIScMzZQ2zkKNJxTICzzSOduIilHhMWte4XP+/2PdRmD7Ge9jb0U4bZjswX0AqKSGzDKYw+yxVna9l53adeCnklqg2ofoXu+ResiH+kt05aCUOMo8en3em6yBnRCMalgi1E3Tt7I5BWcYFRkT/8agUGW4gGC6XMV9IskOsYL0emG0kGwIDAQAB", AUTOSPLIT),
+ // Publish DMARC report-only policy
+
+ DMARC_BUILDER({
+ policy: "none",
+ rua: [
+ "mailto:openstreetmap-d@dmarc.report-uri.com"
+ ],
+ failureOptions: 1
+ }),
+
// Announce MTA-STS policy and TLSRPT policy for error reports
TXT("_mta-sts", "v=STSv1; id=202001291805Z"),
- TXT("_smtp._tls", "v=TLSRPTv1; rua=mailto:postmaster@openstreetmap.org"),
-
+ TXT("_smtp._tls", "v=TLSRPTv1; rua=mailto:openstreetmap-d@tlsrpt.report-uri.com"),
+
// Fastly cert domain ownership confirmation
TXT("@", "_globalsign-domain-verification=ps00GlW1BzY9c2_cwH_pFqRkvzZyaCVZ-3RLssRG6S"),
CNAME("_mta-sts.messages", QUALIFY("_mta-sts")),
CNAME("_mta-sts.noreply", QUALIFY("_mta-sts")),
CNAME("_mta-sts.otrs", QUALIFY("_mta-sts")),
+ CNAME("_mta-sts.community", QUALIFY("_mta-sts")),
// Google postmaster tools verification
// Delegate geo.openstreetmap.org to PowerDNS
NS("geo", QUALIFY("balerion")),
- NS("geo", QUALIFY("chrysophylax")),
NS("geo", QUALIFY("saphira")),
NS("geo", QUALIFY("stormfly-04")),
NS("geo", QUALIFY("ridgeback")),
// Main web servers and their aliases
+ A("spike-01", SPIKE01_IPV4),
+ AAAA("spike-01", SPIKE01_IPV6),
+ // A("@", SPIKE01_IPV4, TTL("10m")),
+ // AAAA("@", SPIKE01_IPV6, TTL("10m")),
+ // A("www", SPIKE01_IPV4, TTL("10m")),
+ // AAAA("www", SPIKE01_IPV6, TTL("10m")),
+ // A("api", SPIKE01_IPV4, TTL("10m")),
+ // AAAA("api", SPIKE01_IPV6, TTL("10m")),
+ // A("maps", SPIKE01_IPV4, TTL("10m")),
+ // AAAA("maps", SPIKE01_IPV6, TTL("10m")),
+ // A("mapz", SPIKE01_IPV4, TTL("10m")),
+ // AAAA("mapz", SPIKE01_IPV6, TTL("10m")),
+ A("spike-01.dub", SPIKE01_INTERNAL),
+ A("spike-01.oob", SPIKE01_OOB),
+
+ A("spike-02", SPIKE02_IPV4),
+ AAAA("spike-02", SPIKE02_IPV6),
+ // A("@", SPIKE02_IPV4, TTL("10m")),
+ // AAAA("@", SPIKE02_IPV6, TTL("10m")),
+ // A("www", SPIKE02_IPV4, TTL("10m")),
+ // AAAA("www", SPIKE02_IPV6, TTL("10m")),
+ // A("api", SPIKE02_IPV4, TTL("10m")),
+ // AAAA("api", SPIKE02_IPV6, TTL("10m")),
+ // A("maps", SPIKE02_IPV4, TTL("10m")),
+ // AAAA("maps", SPIKE02_IPV6, TTL("10m")),
+ // A("mapz", SPIKE02_IPV4, TTL("10m")),
+ // AAAA("mapz", SPIKE02_IPV6, TTL("10m")),
+ A("spike-02.dub", SPIKE02_INTERNAL),
+ A("spike-02.oob", SPIKE02_OOB),
+
+ A("spike-03", SPIKE03_IPV4),
+ AAAA("spike-03", SPIKE03_IPV6),
+ // A("@", SPIKE03_IPV4, TTL("10m")),
+ // AAAA("@", SPIKE03_IPV6, TTL("10m")),
+ // A("www", SPIKE03_IPV4, TTL("10m")),
+ // AAAA("www", SPIKE03_IPV6, TTL("10m")),
+ // A("api", SPIKE03_IPV4, TTL("10m")),
+ // AAAA("api", SPIKE03_IPV6, TTL("10m")),
+ // A("maps", SPIKE03_IPV4, TTL("10m")),
+ // AAAA("maps", SPIKE03_IPV6, TTL("10m")),
+ // A("mapz", SPIKE03_IPV4, TTL("10m")),
+ // AAAA("mapz", SPIKE03_IPV6, TTL("10m")),
+ A("spike-03.dub", SPIKE03_INTERNAL),
+ A("spike-03.oob", SPIKE03_OOB),
+
A("spike-04", SPIKE04_IPV4),
AAAA("spike-04", SPIKE04_IPV6),
// A("@", SPIKE04_IPV4, TTL("10m")),
A("dulcy.ams", DULCY_INTERNAL),
A("dulcy.oob", DULCY_OOB),
+ A("longma", LONGMA_IPV4),
+ AAAA("longma", LONGMA_IPV6),
+ A("longma.dub", LONGMA_INTERNAL),
+ A("longma.oob", LONGMA_OOB),
+
A("stormfly-04", STORMFLY04_IPV4),
AAAA("stormfly-04", STORMFLY04_IPV6),
A("stormfly-04.oob", STORMFLY04_OOB),
CNAME("nominatim", "nominatim.geo.openstreetmap.org."),
CNAME("qgis.nominatim", "nominatim.geo.openstreetmap.org."),
+ CNAME("qa-tile.nominatim", "longma.openstreetmap.org."),
// Taginfo server
// Tile servers
- A("orm", ORM_IPV4),
- AAAA("orm", ORM_IPV6),
- A("orm.ams", ORM_INTERNAL),
- A("orm.oob", ORM_OOB),
-
A("odin", ODIN_IPV4),
AAAA("odin", ODIN_IPV6),
A("odin.ams", ODIN_INTERNAL),
A("ysera.ucl", YSERA_INTERNAL),
A("ysera.oob", YSERA_OOB),
+ A("culebre", CULEBRE_IPV4),
+ AAAA("culebre", CULEBRE_IPV6),
+ A("culebre.dub", CULEBRE_INTERNAL),
+ A("culebre.oob", CULEBRE_OOB),
+
+ A("nidhogg", NIDHOGG_IPV4),
+ AAAA("nidhogg", NIDHOGG_IPV6),
+ A("nidhogg.oob", NIDHOGG_OOB),
+
A("scorch", SCORCH_IPV4),
AAAA("scorch", SCORCH_IPV6),
A("necrosan", NECROSAN_IPV4),
AAAA("necrosan", NECROSAN_IPV6),
- CNAME("tile", "dualstack.osff2.map.fastly.net.", TTL("10m")),
- CNAME("a.tile", "dualstack.osff2.map.fastly.net.", TTL("10m")),
- CNAME("b.tile", "dualstack.osff2.map.fastly.net.", TTL("10m")),
- CNAME("c.tile", "dualstack.osff2.map.fastly.net.", TTL("10m")),
-
+ CNAME("tile", "dualstack.k.sni.global.fastly.net.", TTL("10m")),
+ CNAME("a.tile", "dualstack.k.sni.global.fastly.net.", TTL("10m")),
+ CNAME("b.tile", "dualstack.k.sni.global.fastly.net.", TTL("10m")),
+ CNAME("c.tile", "dualstack.k.sni.global.fastly.net.", TTL("10m")),
+ // Fastly DNS based ACME Challenge requirement
+ CNAME("_acme-challenge.tile", "bxve5ryiwwv7woiraq.fastly-validations.com.", TTL("10m")),
+
// Services machine
A("ironbelly", IRONBELLY_IPV4),
A("ironbelly.ams", IRONBELLY_INTERNAL),
A("ironbelly.oob", IRONBELLY_OOB),
+ A("norbert", NORBERT_IPV4),
+ AAAA("norbert", NORBERT_IPV6),
+ // A("backup", NORBERT_IPV4, TTL("10m")),
+ // AAAA("backup", NORBERT_IPV6, TTL("10m")),
+ // A("planet", NORBERT_IPV4, TTL("10m")),
+ // AAAA("planet", NORBERT_IPV6, TTL("10m")),
+ A("norbert.ams", NORBERT_INTERNAL),
+ A("norbert.oob", NORBERT_OOB),
+
+ A("fafnir", FAFNIR_IPV4),
+ AAAA("fafnir", FAFNIR_IPV6),
+ // A("backup", FAFNIR_IPV4, TTL("10m")),
+ // AAAA("backup", FAFNIR_IPV6, TTL("10m")),
+ // A("planet", FAFNIR_IPV4, TTL("10m")),
+ // AAAA("planet", FAFNIR_IPV6, TTL("10m")),
+ A("fafnir.dub", FAFNIR_INTERNAL),
+ A("fafnir.oob", FAFNIR_OOB),
+
+ A("horntail", HORNTAIL_IPV4),
+ AAAA("horntail", HORNTAIL_IPV6),
+ // A("backup", HORNTAIL_IPV4, TTL("10m")),
+ // AAAA("backup", HORNTAIL_IPV6, TTL("10m")),
+ // A("planet", HORNTAIL_IPV4, TTL("10m")),
+ // AAAA("planet", HORNTAIL_IPV6, TTL("10m")),
+ A("horntail.dub", HORNTAIL_INTERNAL),
+ A("horntail.oob", HORNTAIL_OOB),
+
A("grisu", GRISU_IPV4),
AAAA("grisu", GRISU_IPV6),
// A("backup", GRISU_IPV4, TTL("10m")),
A("snap-02.ucl", SNAP02_INTERNAL),
A("snap-02.oob", SNAP02_OOB),
+ A("snap-03.dub", SNAP03_INTERNAL),
+ A("snap-03.oob", SNAP03_OOB),
+
A("karm.ams", KARM_INTERNAL),
A("karm.oob", KARM_OOB),
A("katla.bm", KATLA_INTERNAL),
A("katla.oob", KATLA_OOB),
- A("ramoth.ams", RAMOTH_INTERNAL),
- A("ramoth.oob", RAMOTH_OOB),
-
// Development server with wildcard alias for user sites
A("errol", ERROL_IPV4),
A("clifford.ucl", CLIFFORD_INTERNAL),
A("clifford.oob", CLIFFORD_OOB),
- // Discourse server
-
- A("lockheed", LOCKHEED_IPV4),
- AAAA("lockheed", LOCKHEED_IPV6),
- A("lockheed.ams", LOCKHEED_INTERNAL),
- A("lockheed.oob", LOCKHEED_OOB),
-
// KVMs
A("kvm1.ucl", KVM1_INTERNAL),
// Managed network switches
- A("switch1", SWITCH1_IPV4),
- AAAA("switch1", SWITCH1_IPV6),
+ A("switch1.ams", SWITCH1AMS_IPV4),
+ AAAA("switch1.ams", SWITCH1AMS_IPV6),
+
+ A("switch1.dub", SWITCH1DUB_IPV4),
+ AAAA("switch1.dub", SWITCH1DUB_IPV6),
// Managed power strips
- A("pdu1.ams", PDU1_INTERNAL),
- A("pdu2.ams", PDU2_INTERNAL),
+ A("pdu1.ams", PDU1AMS_INTERNAL),
+ A("pdu2.ams", PDU2AMS_INTERNAL),
+
+ A("pdu1.dub", PDU1DUB_INTERNAL),
+ A("pdu2.dub", PDU2DUB_INTERNAL),
+
+ // Out of band access servers
+
+ A("oob1.ams", OOB1AMS_INTERNAL),
+
+ A("oob1.dub", OOB1DUB_INTERNAL),
// Bytemark machine, and the services which operate from it
A("tabaluga.ams", TABALUGA_INTERNAL),
A("tabaluga.oob", TABALUGA_OOB),
+ // Overpass server
+
+ A("gorwen", GORWEN_IPV4),
+ AAAA("gorwen", GORWEN_IPV6),
+ A("query", GORWEN_IPV4, TTL("10m")),
+ AAAA("query", GORWEN_IPV6, TTL("10m")),
+ A("gorwen.dub", GORWEN_INTERNAL),
+ A("gorwen.oob", GORWEN_OOB),
+
// GPS tile server
A("noquiklos", NOQUIKLOS_IPV4),
A("ridgeback.oob", RIDGEBACK_OOB),
A("nepomuk", NEPOMUK_IPV4),
AAAA("nepomuk", NEPOMUK_IPV6),
- A("longma", LONGMA_IPV4),
- AAAA("longma", LONGMA_IPV6),
A("viserion", VISERION_IPV4),
AAAA("viserion", VISERION_IPV6),
A("drogon", DROGON_IPV4),
AAAA("saphira", SAPHIRA_IPV6),
A("toothless", TOOTHLESS_IPV4),
AAAA("toothless", TOOTHLESS_IPV6),
- A("sarkany", SARKANY_IPV4),
- AAAA("sarkany", SARKANY_IPV6),
- A("kalessin", KALESSIN_IPV4),
- AAAA("kalessin", KALESSIN_IPV6),
A("angor", ANGOR_IPV4),
// AAAA("angor", ANGOR_IPV6),
A("ladon", LADON_IPV4),
AAAA("ladon", LADON_IPV6),
A("ascalon", ASCALON_IPV4),
- A("cherufe", CHERUFE_IPV4),
- A("chrysophylax", CHRYSOPHYLAX_IPV4),
- AAAA("chrysophylax", CHRYSOPHYLAX_IPV6),
- A("keizer", KEIZER_IPV4),
- AAAA("keizer", KEIZER_IPV6),
- A("vipertooth", VIPERTOOTH_IPV4),
- AAAA("vipertooth", VIPERTOOTH_IPV6),
- A("nidhogg", NIDHOGG_IPV4),
- AAAA("nidhogg", NIDHOGG_IPV6),
- A("boitata", BOITATA_IPV4),
- AAAA("boitata", BOITATA_IPV6),
- A("fafnir", FAFNIR_IPV4),
- AAAA("fafnir", FAFNIR_IPV6),
- A("fume", FUME_IPV4),
A("takhisis", TAKHISIS_IPV4),
AAAA("takhisis", TAKHISIS_IPV6),
A("neak", NEAK_IPV4),
A("meraxes", MERAXES_IPV4),
AAAA("meraxes", MERAXES_IPV6),
- A("kokosnuss", KOKOSNUSS_IPV4),
- A("shruikan", SHRUIKAN_IPV4),
- AAAA("shruikan", SHRUIKAN_IPV6),
A("firnen", FIRNEN_IPV4),
// Blades
// Spare
+ A("idris", IDRIS_IPV4),
+ AAAA("idris", IDRIS_IPV6),
+ A("idris.dub", IDRIS_INTERNAL),
+ A("idris.oob", IDRIS_OOB),
+ A("konqi", KONQI_IPV4),
+ AAAA("konqi", KONQI_IPV6),
+ A("konqi.dub", KONQI_INTERNAL),
+ A("konqi.oob", KONQI_OOB),
+ A("naga", NAGA_IPV4),
+ AAAA("naga", NAGA_IPV6),
+ A("naga.dub", NAGA_INTERNAL),
+ A("naga.oob", NAGA_OOB),
+ A("lockheed", LOCKHEED_IPV4),
+ AAAA("lockheed", LOCKHEED_IPV6),
+ A("lockheed.ams", LOCKHEED_INTERNAL),
+ A("lockheed.oob", LOCKHEED_OOB),
+
+ // Discourse server ("community")
+ A("jakelong", JAKELONG_IPV4),
+ AAAA("jakelong", JAKELONG_IPV6),
+ A("community", JAKELONG_IPV4),
+ A("communities", JAKELONG_IPV4),
+ AAAA("community", JAKELONG_IPV6),
+ AAAA("communities", JAKELONG_IPV6),
+ A("jakelong.dub", JAKELONG_INTERNAL),
+ A("jakelong.oob", JAKELONG_OOB),
// Donation site
- A("donate", RIDLEY_IPV4, TTL("10m")),
+ A("donate", RIDLEY_IPV4),
// Uptime site at StatusCake
D(DOMAIN, REGISTRAR,
- NAMESERVER("falerin.sosm.ch."),
- NAMESERVER("urlaun.sosm.ch."),
+ NAMESERVER("nalps.sosm.ch."),
+ NAMESERVER("palpuogna.sosm.ch."),
NAMESERVER("ns.poole.ch."),
NAMESERVER("he.poole.ch."),
NAMESERVER("ns3.spreng.ch.")
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
// Main web server and it's aliases
- A("@", "138.201.190.130"),
- AAAA("@", "2a01:4f8:1c17:6433::1"),
- A("www", "138.201.190.130"),
- AAAA("www", "2a01:4f8:1c17:6433::1")
+ A("@", "138.201.190.130", TTL("10m")),
+ AAAA("@", "2a01:4f8:1c17:6433::2", TTL("10m")),
+ A("www", "138.201.190.130", TTL("10m")),
+ AAAA("www", "2a01:4f8:1c17:6433::2", TTL("10m"))
);
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
// Let google handle email
// SPF policy
- TXT("@", "v=spf1 ip4:212.110.172.32 ip6:2001:41c9:1:400::32 a mx include:_spf.google.com -all"),
+ SPF_BUILDER({
+ label: "@",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "include:_spf.google.com", // Google GSuite
+ "ip4:212.110.172.32", // shenron ipv4
+ "ip6:2001:41c9:1:400::32", // shenron ipv6
+ "-all"
+ ]
+ }),
+
+ // Apple Business Manager verification
+ TXT("@", "apple-domain-verification=ZzBG2msRtUDehTMW"),
// DKIM keys
// Aliases for google services
- CNAME("login", "ghs.google.com."),
- CNAME("docs", "ghs.google.com."),
- CNAME("mail", "ghs.google.com."),
- CNAME("calendar", "ghs.google.com."),
- CNAME("sites", "ghs.google.com."),
+ CNAME("login", "ghs.googlehosted.com."),
+ CNAME("docs", "ghs.googlehosted.com."),
+ CNAME("mail", "ghs.googlehosted.com."),
+ CNAME("calendar", "ghs.googlehosted.com."),
+ CNAME("sites", "ghs.googlehosted.com."),
// Main web server and it's aliases
// Nextcloud instance
- CNAME("files", "nextcloud-openstreetmapfoundation.cloud68.systems")
+ CNAME("files", "nextcloud-openstreetmapfoundation.cloud68.systems.")
);
+++ /dev/null
-bowser:
- lat: -37.8001
- lon: 144.9671
- statuscake:
- - 2217312
- colour: "#bfa730"
- bandwidth: 300
- ipv4: 138.44.68.106
- default: ""
- preferred:
- origins:
- - hamilton
- - hsinchu
- - wellington
-
-odin:
- lat: 52.33724625
- lon: 4.93370796776345
- statuscake:
- - 3987453
- colour: "#7c1f7c"
- bandwidth: 800
- ipv4: 130.117.76.15
- ipv6: 2001:978:2:2c::172:f
- default: ""
- preferred:
- origins:
- - amsterdam
-
-ysera:
- lat: 51.5228002
- lon: -0.62151043832233
- statuscake:
- - 2217313
- colour: "#412c84"
- bandwidth: 800
- ipv4: 193.60.236.22
- default: ""
- preferred:
- origins:
- - london
-
-scorch:
- lat: 50.691197900000006
- lon: 3.2008242044777013
- statuscake:
- - 5735161
- colour: "#bf8230"
- bandwidth: 200
- ipv4: 176.31.235.79
- ipv6: 2001:41d0:2:fc4f::1
- default: ""
- preferred:
- origins:
- - france
-
-rhaegal:
- lat: 45.8082123
- lon: 15.9634238
- statuscake:
- - 3343399
- colour: "#a1b92e"
- bandwidth: 200
- ipv4: 161.53.248.77
- default: ""
- preferred:
- origins:
- - osijek
- - pula
-
-pyrene:
- lat: 44.5639267
- lon: -123.274707837676
- statuscake:
- - 3451753
- colour: "#269926"
- bandwidth: 600
- ipv4: 140.211.167.98
- ipv6: 2605:bc80:3010:700::8cd3:a762
- default: ""
- preferred:
- origins:
- - corvallis
- - curitiba
- - montreal
- - sanfrancisco
- - vinadelmar
-
-albi:
- lat: 49.0537635
- lon: 2.137900275852825
- statuscake:
- - 5441356
- colour: "#25567b"
- bandwidth: 50
- ipv4: 51.159.53.238
- ipv6: 2001:bc8:1200:4:dac4:97ff:fe8a:9cfc
- default: ""
- preferred:
- origins:
- - france
-
-# Spare colours:
-#
-# bf6530
-# bfb830
-# 562781
-# 1f7c65
-# bf3030
-# bf9430
-# 7ab02c
-# a1285f
-# 2c3d82
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
// Let openstreetmap.at handle email
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
+
+ // SPF policy
+
+ SPF_BUILDER({
+ label: "@",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "include:_spf.google.com", // Google GSuite
+ "ip4:212.110.172.32", // shenron ipv4
+ "ip6:2001:41c9:1:400::32", // shenron ipv6
+ "-all"
+ ]
+ }),
// Let google handle email
// Aliases for google services
- CNAME("login", "ghs.google.com."),
+ CNAME("login", "ghs.googlehosted.com."),
+ CNAME("docs", "ghs.googlehosted.com."),
+ CNAME("mail", "ghs.googlehosted.com."),
+ CNAME("calendar", "ghs.googlehosted.com."),
+ CNAME("sites", "ghs.googlehosted.com."),
// Main web server and it's aliases
A("@", RIDLEY_IPV4, TTL("10m")),
A("www", RIDLEY_IPV4, TTL("10m")),
+ A("2022", RIDLEY_IPV4, TTL("10m")),
A("2021", RIDLEY_IPV4, TTL("10m")),
A("2020", RIDLEY_IPV4, TTL("10m")),
A("2019", RIDLEY_IPV4, TTL("10m")),
A("2010", RIDLEY_IPV4, TTL("10m")),
A("2009", RIDLEY_IPV4, TTL("10m")),
A("2008", RIDLEY_IPV4, TTL("10m")),
- A("2007", RIDLEY_IPV4, TTL("10m")),
-
- // Video conferencing server
-
- A("talk", "95.217.113.173")
+ A("2007", RIDLEY_IPV4, TTL("10m"))
);
// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ ttl: "1h",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
+
+ // Delegate SPF policy to the main domain
+
+ SPF_BUILDER({
+ label: "@",
+ ttl: "1h",
+ parts: [
+ "v=spf1",
+ "include:openstreetmap.org", // main openstreetmap.org spf record
+ "-all"
+ ]
+ }),
// Main web server and it's aliases
+++ /dev/null
-# Moscow, RU
-# BW Limit: 1000Mb/s
-moscow:
- lat: 55.75
- lon: 37.617
- statuscake:
- - 2217257
- - 2217258
- colour: "#8dd3c7"
- bandwidth: 200
- ipv4: 5.45.248.21
- ipv6: 2a02:6b8:b010:5065::a001
- allowed:
- countries:
- - AZ
- - BY
- - EE
- - GE
- - KZ
- - LT
- - LV
- - MN
- continents:
- - EU
- denied:
- countries:
- - UA
- preferred:
- countries:
- - RU
-
-# Amsterdam/Ede/Dronten, NL
-# Amsterdam @ 52.37306,4.89222
-# Ede @ 52.0458265,5.6702011
-# Dronten @ 52.5437235,5.7050729
-# BW Limit: 1000Mb/s
-netherlands:
- lat: 52.20944325
- lon: 5.28121055
- colour: "#bebada"
- servers:
- - statuscake:
- - 2217259
- - 2217260
- bandwidth: 30
- name: trogdor
- ipv4: 134.90.146.26
- - statuscake:
- - 5406587
- - 5406588
- bandwidth: 60
- name: takhisis
- ipv4: 31.3.110.20
- ipv6: 2a03:7900:111:0:31:3:110:20
- - statuscake:
- - 5499504
- - 5499504
- bandwidth: 60
- name: shruikan
- ipv4: 45.148.169.51
- ipv6: 2a0a:aa42:56:1000::1
-
-# Oslo, NO
-# BW Limit: 1000Mb/s
-oslo:
- lat: 59.94944
- lon: 10.75639
- statuscake:
- - 2217261
- - 2217262
- colour: "#ffffb3"
- bandwidth: 30
- ipv4: 31.169.50.10
-
-# Lyon/Toulouse/Rennes/Paris, FR
-# Lyon @ 45.7575958,4.8323239 with BW limit of 100Mb/s
-# Toulouse @ 43.6044622,1.4442469
-# Rennes @ 48.10891/-1.63459
-# Paris @ 48.8695940,2.3437840
-france:
- lat: 46.603354
- lon: 1.8883335
- colour: "#fccde5"
- servers:
- - statuscake:
- - 2217265
- - 2217266
- bandwidth: 100
- name: nepomuk
- ipv4: 77.95.65.39
- ipv6: 2a03:9180:0:100::7
- - statuscake:
- - 5434796
- - 5434797
- bandwidth: 40
- name: neak
- ipv4: 89.234.177.142
- - statuscake:
- - 5435908
- - 5435909
- bandwidth: 80
- name: meraxes
- ipv4: 51.15.185.90
- ipv6: 2001:bc8:2d57:100:aa1e:84ff:fe72:e660
- preferred:
- countries:
- - FR
- - MC
- - RE
-
-# Falkenstein/Jena/Berlin, DE
-# Falkenstein @ 50.47822,12.33607
-# Jena @ 50.9411,11.60085
-# Berlin @
-# Nuremberg @ 49.44927,11.01402
-germany:
- lat: 51.0834196
- lon: 10.4234469
- colour: "#b2df8a"
- servers:
- - statuscake:
- - 2217293
- - 2217294
- bandwidth: 60
- name: kalessin
- ipv4: 185.66.195.245
- ipv6: 2a03:2260:2000:1::5
- - statuscake:
- - 3750847
- - 3750842
- bandwidth: 120
- name: keizer
- ipv4: 195.201.226.63
- ipv6: 2a01:4f8:1c1c:bc54::1
- - statuscake:
- - 5715443
- - 5715444
- bandwidth: 80
- name: firnen
- ipv4: 188.241.28.82
- allowed:
- countries:
- - DE
-
-# Hsinchu, TW
-hsinchu:
- lat: 24.78268
- lon: 120.99563
- colour: "#33a02c"
- statuscake:
- - 2217277
- - 2217278
- bandwidth: 200
- ipv4: 140.110.240.7
- ipv6: 2001:e10:2000:240::7
- allowed:
- continents:
- - AS
- denied:
- countries:
- - ID
- preferred:
- countries:
- - TW
- - JP
-
-# Pula, HR
-pula:
- lat: 44.866280
- lon: 13.851520
- statuscake:
- - 2217279
- - 2217280
- colour: "#a6cee3"
- bandwidth: 100
- ipv4: 193.198.233.211
- ipv6: 2001:b68:4cff:3::3
-
-# Osijek, HR
-osijek:
- lat: 45.55656
- lon: 18.71212
- statuscake:
- - 2217281
- - 2217282
- colour: "#fb8072"
- bandwidth: 100
- ipv4: 161.53.30.107
- ipv6: 2001:b68:c0ff:0:221:5eff:fe40:c7c4
-
-# Budapest, HU
-budapest:
- lat: 47.4925
- lon: 19.051389
- statuscake:
- - 2217283
- - 2217284
- colour: "#fdbf6f"
- bandwidth: 80
- ipv4: 37.17.173.8
- ipv6: 2001:4c48:2:bf04:250:56ff:fe8f:5c81
-
-# Athens, GR
-athens:
- lat: 37.983972
- lon: 23.727806
- statuscake:
- - 2244901
- - 2244902
- colour: "#b3de69"
- bandwidth: 80
- ipv4: 83.212.2.116
- ipv6: 2001:648:2ffe:4::116
-
-# Montréal, CA
-montreal:
- lat: 45.5
- lon: -73.566667
- statuscake:
- - 3155163
- - 3155162
- colour: "#b15928"
- bandwidth: 100
- ipv4: 184.107.48.228
- preferred:
- countries:
- - CA
-
-# Cape Town, ZA
-capetown:
- lat: -33.91834
- lon: 18.42054
- statuscake:
- - 2217295
- - 2217296
- colour: "#cab2d6"
- bandwidth: 10
- ipv4: 196.10.54.165
- ipv6: 2001:43f8:1f4:b00:b283:feff:fed8:dd45
- allowed:
- countries:
- - BW
- - LS
- - MZ
- - NA
- - SZ
- - ZA
- - ZW
-
-# Viña del Mar, CL
-vinadelmar:
- lat: -33.008099
- lon: -71.519699
- statuscake:
- - 3499524
- - 3499526
- colour: "#ff7f00"
- bandwidth: 80
- ipv4: 200.91.44.37
- allowed:
- continents:
- - SA
-
-# Zurich, CH
-# BW Limit: 200Mb/s
-zurich:
- lat: 47.3769434
- lon: 8.5414061
- statuscake:
- - 3743984
- - 3743985
- colour: "#ccebc5"
- bandwidth: 200
- ipv4: 217.71.244.22
- ipv6: 2001:8e0:40:2039::10
- preferred:
- countries:
-# - CH
- - IT
-# - SM
-# - VA
-
-# Kiev, UA
-kiev:
- lat: 50.4020865
- lon: 30.6146803128848
- statuscake:
- - 3890448
- - 3890447
- colour: "#fb9a99"
- bandwidth: 70
- ipv4: 176.122.99.101
- ipv6: 2001:67c:2d40::65
-
-# Linköping/Umeå, SE
-# Linköping @ 58.403261,15.623611189797
-# Umeå @ 63.82177625,20.3043163114932
-sweden:
- lat: 61.1125186
- lon: 17.9639637506451
- colour: "#d9d9d9"
- servers:
- - statuscake:
- - 3932686
- - 3932688
- bandwidth: 40
- name: nidhogg
- ipv4: 130.236.254.221
- ipv6: 2001:6b0:17:f0a0::dd
- - statuscake:
- - 3949588
- - 3949589
- bandwidth: 80
- name: fafnir
- ipv4: 130.239.18.114
- ipv6: 2001:6b0:e:2a18::114
-
-# Curitiba/São Paulo, BR
-# Curitaba @ -25.41403745,-49.252918753851
-# São Paulo @ -23.55,-46.633333
-brazil:
- lat: -24.482018725
- lon: -47.9431258769255
- colour: "#33a02c"
- servers:
- - statuscake:
- - 3945882
- - 3945883
- bandwidth: 60
- name: boitata
- ipv4: 200.236.31.207
- ipv6: 2801:82:80ff:8002:216:ccff:feaa:21
- allowed:
- countries:
- - BR
-
-# Pilsen/Prague, CZ
-# Pilsen @ 49.723689,13.351542
-# Prague @ 50.0874654,14.4212535
-czechia:
- lat: 49.9055772
- lon: 13.88639775
- colour: "#d9d9d9"
- servers:
- - statuscake:
- - 4065539
- - 4065540
- bandwidth: 30
- name: fume
- ipv4: 147.228.60.16
- allowed:
- countries:
- - AT
- - CZ
- - DE
- - PL
- - SK
-
-# Katowice, Poland
-#katowice:
-# lat: 50.25349
-# lon: 19.00283
-# statuscake:
-# - 5715443
-# - 5715444
-# colour: "#A22E5B"
-# bandwidth: 80
-# name: firnen
-# ipv4: 188.241.28.82
-
-# Fastly
-fastly:
- global: true
- statuscake: []
- bandwidth: 10000
- cname: dualstack.osff2.map.fastly.net
- default: "xx"
- allowed:
- continents:
- - AF
- - AN
- - AS
- - EU
- - NA
- - OC
- - SA
- preferred:
- continents:
- - AF
- - AN
- - AS
- - EU
- - NA
- - OC
- - SA
-
-# Spare colours:
- colour: "#1f78b4"
projects / dns.git / commitdiff