Fix bind serials stuck in the past

2 files changed, 6 insertions, 13 deletions

diff --git a/config/dns.nix b/config/dns.nix
index e615651..32d54a5 100644
--- a/config/dns.nix
+++ b/config/dns.nix
@@ -13,6 +13,9 @@ in
 
   services.bind = {
     enable = true;
+    extraOptions = ''
+      serial-update-method unixtime;
+    '';
     extraConfig = ''
       ${lib.concatMapStrings (zone: ''
         zone ${zone} {
@@ -20,6 +23,7 @@ in
           file "/var/run/named/db.${zone}.zone";
           auto-dnssec maintain;
 	  inline-signing yes;
+          sig-validity-interval 21 16;
           key-directory "/opt/secret/bind/${zone}";
           update-policy local;
           allow-query { any; };
@@ -68,7 +72,8 @@ in
 
   systemd.services.bind = {
     preStart = lib.mkAfter ''
-      rm /var/run/named/*.jnl || true
+      #rm /var/run/named/*.jnl || true
+      #rm /var/run/named/*.jbk || true
       cp -f ${zone-files}/* /var/run/named/
     '';
   };
diff --git a/data/dns/db.orbekk.shared.zone b/data/dns/db.orbekk.shared.zone
index 89355d5..c4c7a99 100644
--- a/data/dns/db.orbekk.shared.zone
+++ b/data/dns/db.orbekk.shared.zone
@@ -38,19 +38,7 @@ gw          IN A    74.101.124.248
 dragon      IN AAAA 2001:470:8e2e:20::d
 dragon      IN A    74.101.124.248
 
-sabaki      IN AAAA 2001:470:8e2e:20:f05b:e3ff:fed9:5817
-sabaki      IN A    74.101.124.248
-
-semeai      IN AAAA 2001:470:8e2e:22:d2bf:9cff:fe45:a6ec
-semeai      IN A    74.101.124.248
-
-shape       IN AAAA 2001:470:8e2e:20:f05b:e3ff:fed9:58f7
-shape       IN A    74.101.124.248
-
-kick        IN AAAA 2001:470:8e2e:20:5457:55ff:fe2e:9572
-
 vpn6        IN AAAA 2001:470:8e2e:22:d2bf:9cff:fe45:a6ec
-test2        IN AAAA 2001:470:8e2e:22:d2bf:9cff:fe45:a6ec
 
 ;; Records for eo@orbekk.no.
 *.dev   IN  A   95.85.62.224