diff --git a/apps/base/ns-auth/kustomization.yaml b/apps/base/ns-auth/kustomization.yaml index 753cb3f..b5afd54 100644 --- a/apps/base/ns-auth/kustomization.yaml +++ b/apps/base/ns-auth/kustomization.yaml @@ -6,3 +6,4 @@ resources: - namespace.yaml - tsigkey.yaml - cluster.yaml + - zones.yaml diff --git a/apps/base/ns-auth/zones.yaml b/apps/base/ns-auth/zones.yaml new file mode 100644 index 0000000..c738f2c --- /dev/null +++ b/apps/base/ns-auth/zones.yaml @@ -0,0 +1,204 @@ +# Authoritative zones migrated from puppet-prod +# (profiles::dns::master::zones in hieradata/roles/infra/dns/master.yaml). +# type primary, static (puppet dynamic:false); TTL 600 as in the puppet zone header. +# Record data is populated by PuppetDB exported resources upstream, so it is +# NOT in this repo — migrate it into these zones (AXFR from the current masters, +# or DNSRecord CRs) as a follow-up. The zones start with SOA+NS only. +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: unkin-net + namespace: ns-auth +spec: + clusterRef: auth + zoneName: unkin.net + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: main-unkin-net + namespace: ns-auth +spec: + clusterRef: auth + zoneName: main.unkin.net + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 13-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 13.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 14-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 14.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 15-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 15.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 16-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 16.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 17-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 17.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 19-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 19.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 20-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 20.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 21-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 21.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 22-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 22.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 23-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 23.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 24-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 24.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 25-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 25.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 26-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 26.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 27-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 27.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 28-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 28.18.198.in-addr.arpa + type: primary + defaultTTL: 600 +--- +apiVersion: bind.unkin.net/v1alpha1 +kind: BindZone +metadata: + name: 29-18-198-in-addr-arpa + namespace: ns-auth +spec: + clusterRef: auth + zoneName: 29.18.198.in-addr.arpa + type: primary + defaultTTL: 600