├── .gitattributes ├── .editorconfig ├── admin_state ├── CODE_OF_CONDUCT.md ├── README.md ├── config ├── .github └── workflows │ └── main.yml └── zones ├── wikitide.org ├── 10.in-addr.arpa ├── wtnet └── wikitide.net /.gitattributes: -------------------------------------------------------------------------------- 1 | zones/** linguist-language=DNS-Zone 2 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | indent_style = tab 5 | indent_size = 8 6 | -------------------------------------------------------------------------------- /admin_state: -------------------------------------------------------------------------------- 1 | # Used to mark service as down 2 | # 3 | # To mark an entire data center as down; 4 | # geoip/generic-map/us => DOWN 5 | # 6 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | By participating, you indicate that you have read the [Miraheze Spaces Code of Conduct](https://meta.miraheze.org/wiki/Special:MyLanguage/Miraheze_Spaces_Code_of_Conduct) and agree to follow it. 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Miraheze DNS Production Configuration 2 | 3 | All changes pushed to this repository are automatically deployed to nameservers by puppet. However, syntax is checked for changes to go live, so please be aware when pushing changes. 4 | 5 | # No new domains 6 | New domains are no longer beeing added to this DNS. We are phasing out the use of this repo for custom domains. 7 | -------------------------------------------------------------------------------- /config: -------------------------------------------------------------------------------- 1 | options => { 2 | listen = any 3 | zones_strict_data = true, 4 | tcp_threads = 4, 5 | udp_threads = 4, 6 | state_dir = /etc/gdnsd/, 7 | acme_challenge_dns_ttl = 300, 8 | tcp_timeout = 157, 9 | tcp_clients_per_thread = 1024, 10 | } 11 | 12 | service_types => { 13 | cpweb => { 14 | plugin => http_status, 15 | port => 80, 16 | ok_codes => [ 200 ], 17 | url_path => /check 18 | vhost => health.wikitide.net 19 | up_thresh => 3, 20 | ok_thresh => 3, 21 | down_thresh => 3, 22 | interval => 7, 23 | timeout => 5, 24 | } 25 | } 26 | 27 | plugins => { 28 | weighted => { 29 | multi = false 30 | service_types = up # need to monitor 31 | up_thresh = 0.5 32 | swift => { 33 | multi => true 34 | addrs_v4 => { 35 | swiftproxy161 = [ 10.0.16.135, 1 ] 36 | swiftproxy171 = [ 10.0.17.108, 1 ] 37 | } 38 | }, 39 | jobrunner => { 40 | addrs_v4 => { 41 | mwtask151 = [ 10.0.15.150, 1 ] 42 | mwtask161 = [ 10.0.16.157, 1 ] 43 | mwtask171 = [ 10.0.17.144, 1 ] 44 | mwtask181 = [ 10.0.18.106, 1 ] 45 | } 46 | } 47 | } 48 | geoip => { 49 | maps => { 50 | generic-map => { 51 | geoip2_db => /usr/share/GeoIP/GeoLite2-Country.mmdb 52 | datacenters => [us] 53 | map => { 54 | default => [us], 55 | }, 56 | }, 57 | }, 58 | resources => { 59 | cp => { 60 | map => generic-map 61 | service_types => cpweb 62 | dcmap => { 63 | us => { 64 | addrs_v4 => { 65 | cp161 => 38.46.223.205 66 | }, 67 | addrs_v6 => { 68 | cp161 => 2602:294:0:b13::110 69 | } 70 | } 71 | } 72 | } 73 | } 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /.github/workflows/main.yml: -------------------------------------------------------------------------------- 1 | name: gdnsd checkconf 2 | 3 | on: 4 | push: 5 | branches: [ main ] 6 | pull_request: 7 | branches: [ main ] 8 | 9 | 10 | jobs: 11 | checkconf-job: 12 | runs-on: ubuntu-24.04 13 | name: gdnsd checkconf 14 | steps: 15 | - uses: actions/checkout@v4 16 | - id: checkconf 17 | uses: miraheze/dns-check-action@v1 18 | with: 19 | geoip-directory: '/usr/share/GeoIP' 20 | geoip-filename: 'GeoLite2-Country.mmdb' 21 | notify-irc: 22 | needs: checkconf-job 23 | runs-on: ubuntu-latest 24 | if: ${{ always() && github.repository_owner == 'miraheze' && ( github.ref == 'refs/heads/main' || github.event_name == 'pull_request' ) }} 25 | steps: 26 | - name: succeeded 27 | uses: technote-space/workflow-conclusion-action@v3 28 | - uses: rectalogic/notify-irc@v2 29 | if: env.WORKFLOW_CONCLUSION == 'success' 30 | with: 31 | channel: "#miraheze-tech-ops" 32 | server: "irc.libera.chat" 33 | nickname: miraheze-github 34 | message: ${{ github.repository }} - ${{ github.actor }} the build passed. 35 | sasl_password: ${{ secrets.IRC_MIRAHEZEBOTS }} 36 | 37 | - name: failed 38 | uses: technote-space/workflow-conclusion-action@v3 39 | - uses: rectalogic/notify-irc@v2 40 | if: env.WORKFLOW_CONCLUSION == 'failure' 41 | with: 42 | channel: "#miraheze-tech-ops" 43 | server: "irc.libera.chat" 44 | nickname: miraheze-github 45 | message: ${{ github.repository }} - ${{ github.actor }} the build has errored. 46 | sasl_password: ${{ secrets.IRC_MIRAHEZEBOTS }} 47 | -------------------------------------------------------------------------------- /zones/wikitide.org: -------------------------------------------------------------------------------- 1 | $TTL 300 2 | $ORIGIN wikitide.org. 3 | 4 | @ SOA ns1.wikitide.net. hostmaster.wikitide.net. ( 5 | 20240116000001 ; serial 6 | 7200 ; refresh 7 | 30M ; retry 8 | 3D ; expire 9 | 900 ; ncache 10 | ) 11 | 12 | ; Wildcard services 13 | @ DYNA geoip!cp 14 | * DYNA geoip!cp 15 | 16 | ; Name servers 17 | @ NS ns1.wikitide.net. 18 | @ NS ns2.wikitide.net. 19 | 20 | ; CAA (issue: letsencrypt.org, iodef: mailto:caapolicy@wikitide.org) 21 | @ TYPE257 \# 22 000569737375656C657473656E63727970742E6F7267 22 | @ TYPE257 \# 36 0005696F6465666D61696C746F3A636161706F6C6963794077696B69746964652E6F7267 23 | 24 | ; Mail exchanges 25 | @ MX 10 smtp.google.com. 26 | 27 | ; Mail policies 28 | wikitide.org. TXT "v=spf1 include:_spf.google.com ~all" 29 | 30 | ; Mail autodiscovery 31 | _imaps._tcp IN SRV 0 0 993 imap.gmail.com. 32 | _submission._tcp IN SRV 0 0 587 smtp.gmail.com. 33 | 34 | ;; DKIM - Policy: Mail may be signed. Not required. 35 | mail._domainkey TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn/JeGnNnhRHqyvuHEJxY87GckiFFGnx5lhWGY2oKJtt6yR74VXSi3UAonUIjlfkDl+KqrNZtRtTIVLsLU8eTx67xJGi5oOgdv2nu0EwOAbDU9EWZjoA1FrJKRfFLfyfkRhnXLX0WTIXs5v+lWz9FAva+E/muXBb5PRk0UpaiorN5oGXyX18T0Xdnmq07aG5TgNeQQgYX2hSxY9njb9Lpw8KDAqH2exczmtQP/dmY5Yc0UmvRcBSAQ8yc9RtAGtzcDzaidtjyyolyQDcYVcW4p8nv8Wzhr8/EKrS0qKq4WV5OfVfWhfPH+iFQ1mJPphN7IrH5vAlxudJQm72LAKDcwIDAQAB" 36 | 37 | ;; DMARC - Policy: Reject - unauthorized mail will not send, remote SMTPs will just drop the mail. 38 | _dmarc TXT "v=DMARC1; p=reject; rua=mailto:dmarc@wikitide.org; ruf=mailto:dmarc@wikitide.org; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400; sp=none" 39 | 40 | ; BIMI - Used for verified emails 41 | default._bimi TXT "v=BIMI1;l=https://static.wikitide.net/commonswiki/e/ea/WikiTide_BIMI.svg;a=" 42 | 43 | ; Servers 44 | 45 | ; Services 46 | www CNAME cf-lb.miraheze.org. 47 | issue-tracker CNAME cf-lb.miraheze.org. 48 | 49 | ; Wiki (Temporarily) 50 | polcompball CNAME cf-lb.miraheze.org. 51 | 52 | ; load balancers 53 | 54 | ; Miscellaneous 55 | wikitide.org. TXT "google-site-verification=2H9ugfXLc7WqxAJiLUGewd4ISrZEFG76NQQN1BJNCe4" 56 | wikitide.org. TXT "atlassian-domain-verification=seLpRBEOK9uaTCZrJSqptkG8Km60/0kkJUmi4Z6kaSS8SFufgAYFfvLOyqE1FGZw" 57 | _acme-challenge.wikitide.org. TXT "In01SlV5qadlfdDuGy0U9nHmUBjDjI_Oq4uqPoc5A88" 58 | _acme-challenge.wikitide.org. TXT "ws95GBWfyj-gcFo6P4ko4RT7BjWZ4M0Q4HvRXhDxMDU" 59 | _acme-challenge.wikitide.org. TXT "M_1LDCOWn8qSZ-jHi91VAot1I8wAXvdF0BQawqD0HJY" 60 | _acme-challenge.wikitide.org. TXT "AvZpEWLHiboBs0-txtR0b1J99lfsOCNceJtn1uxh8n8" 61 | _acme-challenge.wikitide.org. TXT "KK9uYrmJR51Xe-I2wnP5E9Tyd58rfyknIt-SCGJH63Q" 62 | _acme-challenge.wikitide.org. TXT "Zj9EQvftOK_sk7Eh-keEtybyXnfEVMKx_k-RmRAB5Fw" 63 | 64 | ; Other 65 | -------------------------------------------------------------------------------- /zones/10.in-addr.arpa: -------------------------------------------------------------------------------- 1 | @ 1H IN SOA ns1.wikitide.net. hostmaster.wikitide.net. ( 2 | 2025060501 ; serial 3 | 12H ; refresh 4 | 2H ; retry 5 | 1W ; expire 6 | 1H ; ncache 7 | ) 8 | 9 | ; Name servers 10 | @ 1D NS ns1.wikitide.net. 11 | @ 1D NS ns2.wikitide.net. 12 | 13 | $TTL 1H ; Default TTL for records 14 | 15 | ; Cloud15 16 | $ORIGIN 15.0.@Z 17 | 1 PTR cloud15.fsslc.wtnet. 18 | 110 PTR db151.fsslc.wtnet. 19 | 111 PTR os151.fsslc.wtnet. 20 | 112 PTR matomo151.fsslc.wtnet. 21 | 113 PTR mem151.fsslc.wtnet. 22 | 114 PTR mw151.fsslc.wtnet. 23 | 115 PTR mw152.fsslc.wtnet. 24 | 116 PTR prometheus151.fsslc.wtnet. 25 | 117 PTR swiftobject151.fsslc.wtnet. 26 | 118 PTR test151.fsslc.wtnet. 27 | 140 PTR mw153.fsslc.wtnet. 28 | 142 PTR rdb151.fsslc.wtnet. 29 | 150 PTR mwtask151.fsslc.wtnet. 30 | 31 | ; Cloud16 32 | $ORIGIN 16.0.@Z 33 | 1 PTR cloud16.fsslc.wtnet. 34 | 127 PTR bast161.fsslc.wtnet. 35 | 128 PTR db161.fsslc.wtnet. 36 | 129 PTR os161.fsslc.wtnet. 37 | 130 PTR graylog161.fsslc.wtnet. 38 | 131 PTR mem161.fsslc.wtnet. 39 | 132 PTR mw161.fsslc.wtnet. 40 | 133 PTR mw162.fsslc.wtnet. 41 | 134 PTR swiftobject161.fsslc.wtnet. 42 | 135 PTR swiftproxy161.fsslc.wtnet. 43 | 137 PTR cp161.fsslc.wtnet. 44 | 141 PTR os162.fsslc.wtnet. 45 | 151 PTR mw163.fsslc.wtnet. 46 | 157 PTR mwtask161.fsslc.wtnet. 47 | 48 | ; Cloud17 49 | $ORIGIN 17.0.@Z 50 | 1 PTR cloud17.fsslc.wtnet. 51 | 108 PTR swiftproxy171.fsslc.wtnet. 52 | 119 PTR db171.fsslc.wtnet. 53 | 121 PTR ldap171.fsslc.wtnet. 54 | 122 PTR mw171.fsslc.wtnet. 55 | 123 PTR mw172.fsslc.wtnet. 56 | 124 PTR phorge171.fsslc.wtnet. 57 | 125 PTR swiftac171.fsslc.wtnet. 58 | 126 PTR swiftobject171.fsslc.wtnet. 59 | 136 PTR ns1.fsslc.wtnet. 60 | 138 PTR cp171.fsslc.wtnet. 61 | 139 PTR reports171.fsslc.wtnet. 62 | 143 PTR bots171.fsslc.wtnet. 63 | 144 PTR mwtask171.fsslc.wtnet. 64 | 153 PTR mw173.fsslc.wtnet. 65 | 158 PTR db172.fsslc.wtnet. 66 | 67 | ; Cloud18 68 | $ORIGIN 18.0.@Z 69 | 1 PTR cloud18.fsslc.wtnet. 70 | 100 PTR puppet181.fsslc.wtnet. 71 | 101 PTR bast181.fsslc.wtnet. 72 | 102 PTR db181.fsslc.wtnet. 73 | 103 PTR db182.fsslc.wtnet. 74 | 104 PTR mw181.fsslc.wtnet. 75 | 105 PTR mw182.fsslc.wtnet. 76 | 106 PTR mwtask181.fsslc.wtnet. 77 | 107 PTR swiftobject181.fsslc.wtnet. 78 | 109 PTR mon181.fsslc.wtnet. 79 | 147 PTR eventgate181.fsslc.wtnet. 80 | 155 PTR mw183.fsslc.wtnet. 81 | 159 PTR kafka181.fsslc.wtnet. 82 | 83 | ; Cloud19 84 | $ORIGIN 19.0.@Z 85 | 1 PTR cloud19.fsslc.wtnet. 86 | 120 PTR swiftobject191.fsslc.wtnet. 87 | 146 PTR cp191.fsslc.wtnet. 88 | 152 PTR os191.fsslc.wtnet. 89 | 154 PTR mem191.fsslc.wtnet. 90 | 160 PTR mw191.fsslc.wtnet. 91 | 161 PTR mw192.fsslc.wtnet. 92 | 164 PTR mw193.fsslc.wtnet. 93 | 170 PTR db192.fsslc.wtnet. 94 | 95 | ; Cloud20 96 | $ORIGIN 20.0.@Z 97 | 1 PTR cloud20.fsslc.wtnet. 98 | 145 PTR swiftobject201.fsslc.wtnet. 99 | 148 PTR mem201.fsslc.wtnet. 100 | 149 PTR changeprop201.fsslc.wtnet. 101 | 156 PTR os201.fsslc.wtnet. 102 | 162 PTR mw201.fsslc.wtnet. 103 | 163 PTR mw202.fsslc.wtnet. 104 | 165 PTR mw203.fsslc.wtnet. 105 | 166 PTR cp201.fsslc.wtnet. 106 | 167 PTR os202.fsslc.wtnet. 107 | 169 PTR db201.fsslc.wtnet. 108 | -------------------------------------------------------------------------------- /zones/wtnet: -------------------------------------------------------------------------------- 1 | @ 1H IN SOA ns1.wikitide.net. hostmaster.wikitide.net. ( 2 | 2025060401 ; serial 3 | 12H ; refresh 4 | 2H ; retry 5 | 1W ; expire 6 | 1H ; ncache 7 | ) 8 | 9 | ; Name servers 10 | @ 1D NS ns1.wikitide.net. 11 | @ 1D NS ns2.wikitide.net. 12 | 13 | $TTL 5M ; Default TTL for records 14 | 15 | ; FSSLC (FiberState Salt Lake City) 16 | $ORIGIN fsslc.wtnet. 17 | 18 | ; Cloud15 19 | cloud15 A 10.0.15.1 20 | db151 A 10.0.15.110 21 | os151 A 10.0.15.111 22 | matomo151 A 10.0.15.112 23 | mem151 A 10.0.15.113 24 | mw151 A 10.0.15.114 25 | mw152 A 10.0.15.115 26 | prometheus151 A 10.0.15.116 27 | swiftobject151 A 10.0.15.117 28 | test151 A 10.0.15.118 29 | mw153 A 10.0.15.140 30 | rdb151 A 10.0.15.142 31 | mwtask151 A 10.0.15.150 32 | 33 | ; Cloud16 34 | cloud16 A 10.0.16.1 35 | bast161 A 10.0.16.127 36 | db161 A 10.0.16.128 37 | os161 A 10.0.16.129 38 | graylog161 A 10.0.16.130 39 | mem161 A 10.0.16.131 40 | mw161 A 10.0.16.132 41 | mw162 A 10.0.16.133 42 | swiftobject161 A 10.0.16.134 43 | swiftproxy161 A 10.0.16.135 44 | cp161 A 10.0.16.137 45 | os162 A 10.0.16.141 46 | mw163 A 10.0.16.151 47 | mwtask161 A 10.0.16.157 48 | 49 | ; Cloud17 50 | cloud17 A 10.0.17.1 51 | swiftproxy171 A 10.0.17.108 52 | db171 A 10.0.17.119 53 | ldap171 A 10.0.17.121 54 | mw171 A 10.0.17.122 55 | mw172 A 10.0.17.123 56 | phorge171 A 10.0.17.124 57 | swiftac171 A 10.0.17.125 58 | swiftobject171 A 10.0.17.126 59 | ns1 A 10.0.17.136 60 | dns171 A 10.0.17.136 61 | cp171 A 10.0.17.138 62 | reports171 A 10.0.17.139 63 | bots171 A 10.0.17.143 64 | mwtask171 A 10.0.17.144 65 | mw173 A 10.0.17.153 66 | db172 A 10.0.17.158 67 | 68 | ; Cloud18 69 | cloud18 A 10.0.18.1 70 | puppet181 A 10.0.18.100 71 | bast181 A 10.0.18.101 72 | db181 A 10.0.18.102 73 | db182 A 10.0.18.103 74 | mw181 A 10.0.18.104 75 | mw182 A 10.0.18.105 76 | mwtask181 A 10.0.18.106 77 | swiftobject181 A 10.0.18.107 78 | mon181 A 10.0.18.109 79 | eventgate181 A 10.0.18.147 80 | mw183 A 10.0.18.155 81 | kafka181 A 10.0.18.159 82 | 83 | ; Cloud19 84 | cloud19 A 10.0.19.1 85 | swiftobject191 A 10.0.19.120 86 | cp191 A 10.0.19.146 87 | os191 A 10.0.19.152 88 | mem191 A 10.0.19.154 89 | mw191 A 10.0.19.160 90 | mw192 A 10.0.19.161 91 | mw193 A 10.0.19.164 92 | llm191 A 10.0.19.168 93 | db192 A 10.0.19.170 94 | 95 | ; Cloud20 96 | cloud20 A 10.0.20.1 97 | swiftobject201 A 10.0.20.145 98 | mem201 A 10.0.20.148 99 | changeprop201 A 10.0.20.149 100 | os201 A 10.0.20.156 101 | mw201 A 10.0.20.162 102 | mw202 A 10.0.20.163 103 | mw203 A 10.0.20.165 104 | cp201 A 10.0.20.166 105 | os202 A 10.0.20.167 106 | db201 A 10.0.20.169 107 | 108 | ; Aliases 109 | bastion A 10.0.16.127 ; bast161 110 | ntp A 10.0.18.101 ; bast181 111 | prometheus-pushgateway A 10.0.15.116 ; prometheus151 112 | 113 | ; Servers that need to have public IP access 114 | $ORIGIN public.fsslc.wtnet. 115 | 116 | bots171 AAAA 2602:294:0:b23::113 117 | graylog161 AAAA 2602:294:0:b13::104 118 | puppet181 AAAA 2602:294:0:b12::101 119 | 120 | ; Services 121 | $ORIGIN svc.fsslc.wtnet. 122 | 123 | jobrunner DYNA weighted!jobrunner 124 | jobrunner-high DYNA weighted!jobrunner 125 | videoscaler DYNA weighted!jobrunner 126 | 127 | ; Management interfaces 128 | $ORIGIN mgmt.fsslc.wtnet. 129 | 130 | cloud15 A 10.20.3.50 131 | cloud16 A 10.20.3.59 132 | cloud17 A 10.20.3.60 133 | cloud18 A 10.20.3.38 134 | cloud19 A 10.20.4.178 135 | cloud20 A 10.20.4.179 136 | 137 | ; VPS servers 138 | $ORIGIN vps.wtnet. 139 | 140 | mattermost1 A 15.204.87.20 141 | AAAA 2604:2dc0:202:300::7c6 142 | mattermost001 A 15.204.87.20 143 | AAAA 2604:2dc0:202:300::7c6 144 | ns2 A 51.75.170.66 145 | AAAA 2001:41d0:801:2000::4089 146 | dns001 A 51.75.170.66 147 | AAAA 2001:41d0:801:2000::4089 148 | -------------------------------------------------------------------------------- /zones/wikitide.net: -------------------------------------------------------------------------------- 1 | @ 1H IN SOA ns1 hostmaster ( 2 | 2024011501 ; serial 3 | 12H ; refresh 4 | 2H ; retry 5 | 1W ; expire 6 | 1H ; ncache 7 | ) 8 | 9 | ; Name servers 10 | @ 1D NS ns1 11 | @ 1D NS ns2 12 | 13 | ;; Records 14 | ns1 1D A 38.46.223.204 15 | AAAA 2602:294:0:b23::111 ; cloud17 16 | ns2 1D A 51.75.170.66 17 | AAAA 2001:41d0:801:2000::4089 ; OVH (GB) 18 | 19 | $TTL 5M ; Default TTL for records 20 | 21 | ; CAA (issue: letsencrypt.org, iodef: mailto:caapolicy@wikitide.org) 22 | @ TYPE257 \# 22 000569737375656C657473656E63727970742E6F7267 23 | @ TYPE257 \# 36 0005696F6465666D61696C746F3A636161706F6C6963794077696B69746964652E6F7267 24 | 25 | ; Mail exchanges 26 | @ MX 10 smtp.google.com. 27 | 28 | ; Mail policies 29 | @ TXT "v=spf1 include:_spf.google.com ~all" 30 | 31 | ; Mail autodiscovery 32 | _imaps._tcp IN SRV 0 0 993 imap.gmail.com. 33 | _submission._tcp IN SRV 0 0 587 smtp.gmail.com. 34 | 35 | ;; DKIM - Policy: Mail may be signed. Not required. 36 | mail._domainkey TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G9cvC788kh1IUhXsrTUufHEEI4M4h1rDYDMUyBW4EL94Ls250F5wCOTR1HdcizHZy/ZetR8iVUz3vzGsMuGvuM2oL8L2vqGHMjorMuAEL46jaehC66psbBGlswtZFTG0ErWEAc4J8Mo9fLOvePUBn2cYDjHfm7xaqPP2lI2qbljzBVRG19IIQyOqvHZUsMvttWz98GK64ND3oKr2kfQyJFzNNMZG+Ynu8dZxr9iOTvZA4SQKW+ckOAglYe3lQr5IstIjJQt9gDH/lhNisn8Ew6/85lQCME0+hw0yaJGVc857f2w5erNl8wrTFsAkdmm3tdBaB8B4w+3CVVWp6v9zwIDAQAB" 37 | 38 | ;; DMARC - Policy: Reject - unauthorized mail will not send, remote SMTPs will just drop the mail. 39 | _dmarc TXT "v=DMARC1; p=reject; pct=100; fo=1" 40 | 41 | ; BIMI - Used for verified emails 42 | default._bimi TXT "v=BIMI1;l=https://static.wikitide.net/commonswiki/e/ea/WikiTide_BIMI.svg;a=" 43 | 44 | ; Cloud Servers 45 | ; TODO: Remove once FQDNs have been updated to use wtnet 46 | cloud15 A 38.46.218.154 47 | AAAA 2602:294:0:c8::100 48 | cloud16 A 38.46.218.226 49 | AAAA 2602:294:0:b13::100 50 | cloud17 A 38.46.218.228 51 | AAAA 2602:294:0:b23::100 52 | cloud18 A 38.46.218.156 53 | AAAA 2602:294:0:b12::100 54 | cloud19 A 38.46.218.157 55 | AAAA 2602:294:0:b33::100 56 | cloud20 A 38.46.218.155 57 | AAAA 2602:294:0:b39::100 58 | 59 | ; Server Aliases 60 | ; Define these aliases only when: 61 | ; - External (public) access is necessary (bastions, cache proxies, mattermost) 62 | ; - Internal HTTPS access is required 63 | 64 | ;; Bastions 65 | bast161 A 38.46.223.203 66 | AAAA 2602:294:0:b13::101 67 | bast181 A 38.46.223.202 68 | AAAA 2602:294:0:b12::102 69 | 70 | ;; Cache Proxies 71 | cp161 A 38.46.223.205 72 | AAAA 2602:294:0:b13::110 73 | cp171 A 38.46.223.206 74 | AAAA 2602:294:0:b23::112 75 | cp191 AAAA 2602:294:0:b33::102 76 | cp201 AAAA 2602:294:0:b39::166 77 | 78 | ;; Mattermost 79 | mattermost A 15.204.87.20 80 | AAAA 2604:2dc0:202:300::7c6 ; mattermost1 (OVH US/Oregon) 81 | 82 | ;; Puppet 83 | puppet181 CNAME puppet181.fsslc.wtnet. 84 | 85 | ; Service Aliases 86 | ai CNAME llm191.fsslc.wtnet. 87 | ldap CNAME ldap171.fsslc.wtnet. 88 | logging CNAME graylog161.fsslc.wtnet. 89 | opensearch CNAME os151.fsslc.wtnet. 90 | opensearch-mw CNAME os162.fsslc.wtnet. 91 | swift-lb CNAME swiftproxy161.fsslc.wtnet. 92 | 93 | ; Load Balanced (Cloudflare) 94 | analytics CNAME cf-lb.miraheze.org. 95 | grafana CNAME cf-lb.miraheze.org. 96 | monitoring CNAME cf-lb.miraheze.org. 97 | phorge-static CNAME cf-lb.miraheze.org. 98 | static CNAME cf-lb.miraheze.org. 99 | status CNAME cf-lb.miraheze.org. 100 | 101 | ; Healthcheck 102 | health DYNA geoip!cp 103 | 104 | ; Static Help Documentation 105 | $ORIGIN static.@Z 106 | help CNAME miraheze.github.io. 107 | 108 | ; SSL Verification 109 | _acme-challenge.wikitide.net. TXT "VDX-B98TZVnsvxCLKi3ZfF7Gwz4peY5bqzsM3AkDPBM" 110 | _acme-challenge.wikitide.net. TXT "CO6cjG2fgvg5QP5YLV8pxzdv59NoGUUJ4IYZMLkeftk" 111 | _acme-challenge.wikitide.net. TXT "Jplf27n0E4ABEddFOzrIqanY5dFwNqhutdjczujbnXY" 112 | _acme-challenge.wikitide.net. TXT "-rhLZNBVVjFPsUuHlyfVIkiKrz_ORLe2P5qwrfU1JRQ" 113 | _acme-challenge.wikitide.net. TXT "fFNU851qkFO-b_rDokLTOGMhY-0tpbn9mulsAxyLkoo" 114 | --------------------------------------------------------------------------------