mirror of
https://github.com/ZeusWPI/ZNS.git
synced 2024-10-29 21:14:27 +01:00
users => user and other mname
parent
4794e80255
commit
0c8775c80e
4 changed files with 12 additions and 11 deletions
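--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
 target
 .env
 *.sqlite
+*.key
+*.private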
15
README.md
15
README.md
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
Is implementation of an authoritative DNS server.
|
Is implementation of an authoritative DNS server.
|
||||||
|
|
||||||
It gives all users who have a [Zauth](https://zauth.zeus.gent) account an own domain: `username.users.zeus.gent`.
|
It gives all users who have a [Zauth](https://zauth.zeus.gent) account an own domain: `username.user.zeus.gent`.
|
||||||
|
|
||||||
## General Information
|
## General Information
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@ ZNS has 2 methods of validating the signature:
|
||||||
|
|
||||||
## User Guide
|
## User Guide
|
||||||
|
|
||||||
How to add an `A` record to `<your zauth username>.users.zeus.gent`.
|
How to add an `A` record to `<your zauth username>.user.zeus.gent`.
|
||||||
|
|
||||||
### Step 1
|
### Step 1
|
||||||
|
|
||||||
|
@ -33,7 +33,7 @@ Add the public key to your Zauth account.
|
||||||
The (most) painless way for sending DNS update queries is using the `nsupdate` program.
|
The (most) painless way for sending DNS update queries is using the `nsupdate` program.
|
||||||
With `nsupdate -k keys`, you can pass it your keys. But `nsupdate` expects your keys to have a certain format, so it won't accept the OPENSSH private key format.
|
With `nsupdate -k keys`, you can pass it your keys. But `nsupdate` expects your keys to have a certain format, so it won't accept the OPENSSH private key format.
|
||||||
That's why there is a CLI (`zns-cli`) available that converts the OPENSSH private key format and creates `.key` and `.private` files corresponding with your public and private keys.
|
That's why there is a CLI (`zns-cli`) available that converts the OPENSSH private key format and creates `.key` and `.private` files corresponding with your public and private keys.
|
||||||
And with some more info like the update ZONE (`username.users.zeus.gent`), the signing algorithm (ED25519 or RSA), ...
|
And with some more info like the update ZONE (`username.user.zeus.gent`), the signing algorithm (ED25519 or RSA), ...
|
||||||
|
|
||||||
Execute:
|
Execute:
|
||||||
|
|
||||||
|
@ -44,13 +44,12 @@ zns-cli --key <path to private ssh key> --username <zauth username>
|
||||||
Now you can run `nsupdate -k Kdns.private`.
|
Now you can run `nsupdate -k Kdns.private`.
|
||||||
|
|
||||||
```
|
```
|
||||||
> server flanagan.zeus.gent
|
> zone username.user.zeus.gent
|
||||||
> zone username.users.zeus.gent
|
> update add username.user.zeus.gent 300 A <ip address>
|
||||||
> update add username.users.zeus.gent 300 A <ip address>
|
|
||||||
> send
|
> send
|
||||||
```
|
```
|
||||||
|
|
||||||
This will add an A record to `username.users.zeus.gent`.
|
This will add an A record to `username.user.zeus.gent`.
|
||||||
The message will be signed with the private key, and the server will try to validate by trying to find a valid public SSH key from your Zauth account. Matching the `username` given in the zone.
|
The message will be signed with the private key, and the server will try to validate by trying to find a valid public SSH key from your Zauth account. Matching the `username` given in the zone.
|
||||||
The default expiration time with `nsupdate` is 5 minutes.
|
The default expiration time with `nsupdate` is 5 minutes.
|
||||||
|
|
||||||
|
@ -74,7 +73,7 @@ The following environment variables should be set (or stored in a `.env` file):
|
||||||
```
|
```
|
||||||
DATABASE_URL=postgres://zns@localhost/zns
|
DATABASE_URL=postgres://zns@localhost/zns
|
||||||
ZAUTH_URL="https://zauth.zeus.gent"
|
ZAUTH_URL="https://zauth.zeus.gent"
|
||||||
ZONE="users.zeus.gent"
|
ZONE="user.zeus.gent"
|
||||||
```
|
```
|
||||||
|
|
||||||
Optional: `ZNS_ADDRESS` and `ZNS_PORT`.
|
Optional: `ZNS_ADDRESS` and `ZNS_PORT`.
|
||||||
|
|
|
@ -103,7 +103,7 @@ impl KeyTransformer for Ed25519KeyPair {
|
||||||
let private_encoded = format!("{version}\n{algorithm}\n{private_key}");
|
let private_encoded = format!("{version}\n{algorithm}\n{private_key}");
|
||||||
|
|
||||||
let public_key = BASE64_STANDARD.encode(self.public_payload);
|
let public_key = BASE64_STANDARD.encode(self.public_payload);
|
||||||
let public_encoded = format!("{username}.users.zeus.gent. IN KEY 256 3 15 {public_key}");
|
let public_encoded = format!("{username}.user.zeus.gent. IN KEY 256 3 15 {public_key}");
|
||||||
|
|
||||||
(private_encoded, public_encoded)
|
(private_encoded, public_encoded)
|
||||||
}
|
}
|
||||||
|
@ -178,7 +178,7 @@ Coefficient: {coeff}
|
||||||
|
|
||||||
let encoded_pub = BASE64_STANDARD.encode(&public_key);
|
let encoded_pub = BASE64_STANDARD.encode(&public_key);
|
||||||
|
|
||||||
let public_encoded = format!("{username}.users.zeus.gent. IN KEY 256 3 10 {encoded_pub}");
|
let public_encoded = format!("{username}.user.zeus.gent. IN KEY 256 3 10 {encoded_pub}");
|
||||||
|
|
||||||
(private_encoded, public_encoded)
|
(private_encoded, public_encoded)
|
||||||
}
|
}
|
||||||
|
|
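Review bot: The zone suffix `user.zeus.gent` is written out by hand in both `format!` calls of this file (the Ed25519 one with algorithm 15 and the RSA one with algorithm 10), separately from the `ZONE` value the server reads from its environment. If the two drift apart, the generated `.key` file names an owner the server is not authoritative for, and this rename shows that each copy has to be found by hand. A single constant would keep them together, e.g. `const ZONE: &str = "user.zeus.gent";` used as `format!("{username}.{ZONE}. IN KEY 256 3 15 {public_key}")`. `username` is also placed into the record line as given, and nothing in the visible lines rejects whitespace or dots in it, so it may be worth validating it as a single DNS label before formatting unless that already happens elsewhere. Both functions begin outside the hunks shown.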
|
@ -101,7 +101,7 @@ fn get_soa(name: &LabelString) -> Result<RR, ZNSError> {
|
||||||
} else if name.len() > auth_zone.len() {
|
} else if name.len() > auth_zone.len() {
|
||||||
let zone: LabelString = name.as_slice()[name.len() - auth_zone.len() - 1..].into();
|
let zone: LabelString = name.as_slice()[name.len() - auth_zone.len() - 1..].into();
|
||||||
Ok(SoaRData {
|
Ok(SoaRData {
|
||||||
mname: zone.clone(),
|
mname: auth_zone,
|
||||||
rname: LabelString::from(&format!("{}.zeus.ugent.be", zone.as_slice()[0])),
|
rname: LabelString::from(&format!("{}.zeus.ugent.be", zone.as_slice()[0])),
|
||||||
serial: 1,
|
serial: 1,
|
||||||
refresh: 86400,
|
refresh: 86400,
|
||||||
|
|
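Review bot: The `else if` branch picks `zone` purely by length (`name.len() - auth_zone.len() - 1..`), and nothing visible in this hunk confirms that `name` actually ends with the labels of `auth_zone`, so a longer name from an unrelated domain would presumably still get an SOA whose `rname` is built from one of its labels. If no earlier branch already rejects such names, a suffix check such as `name.as_slice().ends_with(auth_zone.as_slice())`, or a case-insensitive equivalent, before building the record would close that. The new `mname: auth_zone` also deserves a comment, for example `// MNAME is the zone apex; nsupdate sends updates to this name when no server is given`, since the README in this commit drops the explicit `server` line and the apex therefore has to resolve to this server. `get_soa` starts and ends outside the hunk.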