-
-
Notifications
You must be signed in to change notification settings - Fork 661
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for DNSSEC #2938
Add support for DNSSEC #2938
Conversation
Bug in v-add-dns-record Fix A new NS DNSKEY Mix up Don't add " Fix error Fix few typos
Bind need write access to the folder where .db file is stored
Todo list
|
When deleting DNS domain it doesn't delete the keys
Do not update to this branch if your server contains critical domains Install branch: If you are planning to use it under a "single" setup without any "DNS cluster" just enable DNSSEC and run For setting up a DNS Cluster: Run nano /usr/local/hestia/conf/hestia.conf And edit: DNS_CLUSTER_SYSTEM='hestia' to DNS_CLUSTER_SYSTEM='zone' Open /etc/bind/named.options and change the following:
On your slave: Open /etc/bind/named.options and change the following:
Add Now setup the slave as you would normally do. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Testing went properly, couldnt find any bug.
Please note this PR is not stable and should not be used in production
Due the price raises for .ch domain without DNSSEC support it made sense to add support for it.
Please note Syncing "Hestia" API will not get supported due to issues with it.
To enable it change manually edit DNSSEC in /usr/local/hestia/data/user/{user}/dns.conf and set DNSSEC='no' to 'yes' or add "DNSSEC='yes'
Then rebuild it.
See update information on how to enable it in combination with zone transfer below...