Differences

This shows you the differences between two versions of the page.

--- berkeleylug:digital_resources [2019-03-01T02:50:06+0000]
michael_paoli more information updates (DNS, etc.)
+++ berkeleylug:digital_resources [2019-03-29T07:31:30+0000]
michael_paoli updated DNS for redirector (should be fully effective within an hour)
@@ Line 4: / Line 4: @@
 <file>
 Domains:
-berkeleylug.com (primary) registrant/owner: Jack Deslippe - we'll work to transfer (at least ownership/control) of this
+berkeleylug.com (primary) registrant/owner: Michael Paoli - (transferred 2019-03-04) Registry Expiry Date: 2020-01-20T05:05:36Z
-berkeleylug.org (alternate - redirects(?) to primary - we may let this one expire, etc.)
+berkeleylug.org (alternate - redirects(?) to primary - we may let this one expire, etc. Registry Expiry Date: 2019-05-17T04:39:28) registrant/owner: Michael Paoli - (transferred 2019-03-04)
-Known (and probably all) DNS:
+DNS:
-$ TZ=GMT0 date -Iseconds && (for d in berkeleylug.com. berkeleylug.org.; do for s in '' calendar. docs. mail. sites. '*.' www.; do for t in A AAAA CNAME SOA NS MX TXT SPF ANY; do dig +noall +answer +nottl "$s$d"  "$t"; done; done; done) | grep '^[^        ]*[Bb][Ee][Rr][Kk][Ee][Ll][Ee][Yy][Ll][Uu][Gg]\.' | sort -u
+$ TZ=GMT0 date -Iseconds && (for d in berkeleylug.com. berkeleylug.org.; do NS=$(dig +short "$d" NS | sort -R | head -n 1); n=$(dig +short "$NS" A "$NS" AAAA | sort -R | head -n 1); for s in '' '*.' calendar. docs. mail. sites. temp. www.; do for t in A AAAA CNAME SOA NS MX TXT SPF ANY; do dig @"$n" +norecurse +noall +answer "$s$d" "$t"; done; done; done) | grep '^[^       ]*[Bb][Ee][Rr][Kk][Ee][Ll][Ee][Yy][Ll][Uu][Gg]\.' | sort -u
--03-01T02:38:08+00:00
+-03-29T07:27:36+00:00
-*.berkeleylug.com.      IN      CNAME   berkeleylug.com.
+*.berkeleylug.com.      14400   IN      CNAME   berkeleylug.com.
-berkeleylug.com.        IN      A       192.0.78.24
+berkeleylug.com.        14400   IN      MX      10 aspmx.l.google.com.
-berkeleylug.com.        IN      A       192.0.78.25
+berkeleylug.com.        14400   IN      MX      20 alt1.aspmx.l.google.com.
-berkeleylug.com.        IN      MX      10 aspmx.l.google.com.
+berkeleylug.com.        14400   IN      MX      30 alt2.aspmx.l.google.com.
-berkeleylug.com.        IN      MX      20 alt1.aspmx.l.google.com.
+berkeleylug.com.        14400   IN      MX      40 aspmx2.googlemail.com.
-berkeleylug.com.        IN      MX      30 alt2.aspmx.l.google.com.
+berkeleylug.com.        14400   IN      MX      50 aspmx3.googlemail.com.
-berkeleylug.com.        IN      MX      40 aspmx2.googlemail.com.
+berkeleylug.com.        21600   IN      NS      ns-cloud-a1.googledomains.com.
-berkeleylug.com.        IN      MX      50 aspmx3.googlemail.com.
+berkeleylug.com.        21600   IN      NS      ns-cloud-a2.googledomains.com.
-berkeleylug.com.        IN      NS      ns-cloud-a1.googledomains.com.
+berkeleylug.com.        21600   IN      NS      ns-cloud-a3.googledomains.com.
-berkeleylug.com.        IN      NS      ns-cloud-a2.googledomains.com.
+berkeleylug.com.        21600   IN      NS      ns-cloud-a4.googledomains.com.
-berkeleylug.com.        IN      NS      ns-cloud-a3.googledomains.com.
+berkeleylug.com.        21600   IN      SOA     ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 6 21600 3600 1209600 300
-berkeleylug.com.        IN      NS      ns-cloud-a4.googledomains.com.
+berkeleylug.com.        300     IN      A       192.0.78.24
-berkeleylug.com.        IN      SOA     ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 1209600 300
+berkeleylug.com.        300     IN      A       192.0.78.25
-berkeleylug.org.        IN      A       216.239.32.21
+berkeleylug.org.        21600   IN      NS      ns-cloud-b1.googledomains.com.
-berkeleylug.org.        IN      A       216.239.34.21
+berkeleylug.org.        21600   IN      NS      ns-cloud-b2.googledomains.com.
-berkeleylug.org.        IN      A       216.239.36.21
+berkeleylug.org.        21600   IN      NS      ns-cloud-b3.googledomains.com.
-berkeleylug.org.        IN      A       216.239.38.21
+berkeleylug.org.        21600   IN      NS      ns-cloud-b4.googledomains.com.
-berkeleylug.org.        IN      AAAA    2001:4860:4802:32::15
+berkeleylug.org.        21600   IN      SOA     ns-cloud-b1.googledomains.com. dns-admin.google.com. 15 21600 3600 1209600 300
-berkeleylug.org.        IN      AAAA    2001:4860:4802:34::15
+berkeleylug.org.        3600    IN      A       198.144.194.238
-berkeleylug.org.        IN      AAAA    2001:4860:4802:36::15
+berkeleylug.org.        3600    IN      AAAA    2001:470:1f05:19e::4
-berkeleylug.org.        IN      AAAA    2001:4860:4802:38::15
+calendar.berkeleylug.com. 3600  IN      CNAME   ghs.googlehosted.com.
-berkeleylug.org.        IN      NS      ns-cloud-b1.googledomains.com.
+docs.berkeleylug.com.   3600    IN      CNAME   ghs.googlehosted.com.
-berkeleylug.org.        IN      NS      ns-cloud-b2.googledomains.com.
+mail.berkeleylug.com.   3600    IN      CNAME   ghs.googlehosted.com.
-berkeleylug.org.        IN      NS      ns-cloud-b3.googledomains.com.
+sites.berkeleylug.com.  3600    IN      CNAME   ghs.googlehosted.com.
-berkeleylug.org.        IN      NS      ns-cloud-b4.googledomains.com.
+temp.berkeleylug.com.   300     IN      A       198.144.194.238
-berkeleylug.org.        IN      SOA     ns-cloud-b1.googledomains.com. dns-admin.google.com. 7 21600 3600 1209600 300
+temp.berkeleylug.com.   300     IN      AAAA    2001:470:1f05:19e::4
-calendar.berkeleylug.com. IN    CNAME   ghs.googlehosted.com.
+www.berkeleylug.com.    14400   IN      CNAME   berkeleylug.com.
-docs.berkeleylug.com.   IN      CNAME   ghs.googlehosted.com.
+www.berkeleylug.org.    3600    IN      A       198.144.194.238
-mail.berkeleylug.com.   IN      CNAME   ghs.googlehosted.com.
+www.berkeleylug.org.    3600    IN      AAAA    2001:470:1f05:19e::4
-sites.berkeleylug.com.  IN      CNAME   ghs.googlehosted.com.
-www.berkeleylug.com.    IN      CNAME   berkeleylug.com.
-www.berkeleylug.org.    IN      CNAME   ghs.googlehosted.com.
 $
 .org not primary:
-$ curl -I http://berkeleylug.org/ 2>&1 | grep -e '^HTTP/' -e '^Location: ' -e '^curl:'
+$ curl -s -I http://berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p'
-HTTP/1.1 302 Found
+HTTP/1.1 301 Moved Permanently
-Location: http://berkeleylug.com
+Location: http://berkeleylug.com/
-$ curl -I http://www.berkeleylug.org/ 2>&1 | grep -e '^HTTP/' -e '^Location: ' -e '^curl:'
+$ curl -s -I http://www.berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p'
-HTTP/1.1 302 Found
+HTTP/1.1 301 Moved Permanently
-Location: http://berkeleylug.com
+Location: http://berkeleylug.com/
-$ curl -I https://berkeleylug.org/ 2>&1 | grep -e '^HTTP/' -e '^Location: ' -e '^curl:'
+$ curl -s -I https://berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p'
-curl: (35) Unknown SSL protocol error in connection to berkeleylug.org:443
+HTTP/2 301
-$ curl -I https://www.berkeleylug.org/ 2>&1 | grep -e '^HTTP/' -e '^Location: ' -e '^curl:'
+location: http://berkeleylug.com/
-curl: (35) Unknown SSL protocol error in connection to www.berkeleylug.org:443
+$ curl -s -I https://www.berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p'
+HTTP/2 301
+location: http://berkeleylug.com/
+$
+@berkeleylug.org does not accept email (no MX, A/AAAA times out on TCP port 25 even from known good email sender IP)
+------------------------------------------------------------------------
+[www.]berkeleylug.org - set up redirector - but still need to repoint DNS:
+$ (for protocol_port in 'http 80' 'https 443'; do set -- $protocol_port; protocol="$1"; port="$2"; for host in www.berkeleylug.org berkeleylug.org; do for path in '' / /// /foo/bar/baz; do t="$protocol://$host$path"; echo "$t"; curl -s -I --resolve "$host":"$port":198.144.194.238 "$t" | grep -e '^HTTP/' -e '^Location: '; done; done done)
+http://www.berkeleylug.org
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+http://www.berkeleylug.org/
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+http://www.berkeleylug.org///
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+http://www.berkeleylug.org/foo/bar/baz
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/foo/bar/baz
+http://berkeleylug.org
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+http://berkeleylug.org/
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+http://berkeleylug.org///
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+http://berkeleylug.org/foo/bar/baz
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/foo/bar/baz
+https://www.berkeleylug.org
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+https://www.berkeleylug.org/
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+https://www.berkeleylug.org///
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+https://www.berkeleylug.org/foo/bar/baz
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/foo/bar/baz
+https://berkeleylug.org
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+https://berkeleylug.org/
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+https://berkeleylug.org///
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/
+https://berkeleylug.org/foo/bar/baz
+HTTP/1.1 301 Moved Permanently
+Location: https://berkeleylug.com/foo/bar/baz
 $
+------------------------------------------------------------------------
 canonical/primary is: https://berkeleylug.com/
@@ Line 71: / Line 125: @@
 $
+TLS(/"SSL") - Web - handful of (separate) Web certs only*:
+$ nmap -Pn -r -sT -p 443 --script=ssl-cert berkeleylug.com calendar.berkeleylug.com docs.berkeleylug.com mail.berkeleylug.com sites.berkeleylug.com www.berkeleylug.com berkeleylug.org www.berkeleylug.org | perl -e 'while(<>){print if /Not valid after: /o; if(/^\| Subject Alternative Name: /){chomp; s/DNS:(?:(?i)(?![^, ]*berkeleylug\.))[^, ]+(?:, |$)//go; s/, ?$//o; print "$_\n";};};'
+| Subject Alternative Name: DNS:berkeleylug.com
+| Not valid after:  2019-04-28T02:29:40
+| Subject Alternative Name: DNS:www.berkeleylug.com
+| Not valid after:  2019-06-01T14:37:18
+| Subject Alternative Name: DNS:berkeleylug.org
+| Not valid after:  2019-06-03T05:26:39
+| Subject Alternative Name: DNS:www.berkeleylug.org
+| Not valid after:  2019-06-03T05:22:56
+$
+*ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG
-IRC: freenode.net:6697 #berkeleylug ChanServ: grantbow (Grant Bowman)
+########################################################################
+various bits to test on temp.berkeleylug.com - to presumably later be
+berkeleylug.com
+Created key and obtained (non-Google) CA signed cert also covering:
+*.berkeleylug.com,berkeleylug.com,*.berkeleylug.org,berkeleylug.org expires: 2019-06-07T02:07:58Z
+$ dig +noall +answer +nottl temp.berkeleylug.com. A temp.berkeleylug.com. AAAA
+temp.berkeleylug.com.   IN      A       198.144.194.238
+temp.berkeleylug.com.   IN      AAAA    2001:470:1f05:19e::4
+$ </dev/null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:25 2>>/dev/null | sed -ne '/^-----BEGIN CERTIFICATE-----$/,/^-----END CERTIFICATE-----$/p' | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/{N;p;q;}'
+            Not After : May 22 11:41:24 2019 GMT
+            X509v3 Subject Alternative Name:
+                DNS:*.balug.org, DNS:*.lists.balug.org, DNS:balug.org
+$
+... install the newer cert for SMTP (will likely end up needed for at
+least postmaster@berkeleylug.com, for WordPress site to, e.g. send
+user password resets, etc.
+# pwd -P
+/etc/exim4/eximconfig/config
+# ls -ld tls_c*.pem
+lrwxrwxrwx 1 root root 53 Sep 17  2017 tls_certificate_private.pem -> ../../../letsencrypt/live/lists.balug.org/privkey.pem
+lrwxrwxrwx 1 root root 55 Sep 17  2017 tls_certificate_public.pem -> ../../../letsencrypt/live/lists.balug.org/fullchain.pem
+# ln -sf ../../../letsencrypt/live/berkeleylug.com/privkey.pem tls_certificate_private.pem
+# ln -sf ../../../letsencrypt/live/berkeleylug.com/fullchain.pem tls_certificate_public.pem
+# ls -lLd tls_c*.pem
+-r--r----- 1 root Debian-exim 3272 Mar  8 19:03 tls_certificate_private.pem
+-r--r--r-- 1 root root        4033 Mar  8 19:08 tls_certificate_public.pem
+# systemctl reload exim4.service
+#
+$ </dev/null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:25 2>>/dev/null | sed -ne '/^-----BEGIN CERTIFICATE-----$/,/^-----END CERTIFICATE-----$/p' | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/{N;p;q;}'
+            Not After : Jun  7 02:07:58 2019 GMT
+            X509v3 Subject Alternative Name:
+                DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org
+$
+########################################################################
+robots.txt:
+$ TZ=GMT0 date -Iseconds && curl -s https://berkeleylug.com/robots.txt
+-03-05T15:54:12+00:00
+# If you are regularly crawling WordPress.com sites, please use our firehose to receive real-time push updates instead.
+# Please see https://developer.wordpress.com/docs/firehose/ for more details.
+Sitemap: https://berkeleylug.com/sitemap.xml
+Sitemap: https://berkeleylug.com/news-sitemap.xml
+User-agent: *
+Disallow: /wp-admin/
+Allow: /wp-admin/admin-ajax.php
+Disallow: /wp-login.php
+Disallow: /wp-signup.php
+Disallow: /press-this.php
+Disallow: /remote-login.php
+Disallow: /activate/
+Disallow: /cgi-bin/
+Disallow: /mshots/v1/
+Disallow: /next/
+Disallow: /public.api/
+# This file was generated on Mon, 19 Nov 2018 07:12:09 +0000
+$
 web site managed via: http://berkeleylug.wordpress.com/
@@ Line 80: / Line 205: @@
 Whereas the free tier doesn't include those "features"
 See: https://wordpress.com/pricing/
-export/import, see: https://move.wordpress.com/exportimport-content/
+export/import, see: https://move.wordpress.com/exportimport-content/ (2019-02-28 - Michael Paoli verified his access to export, and exported and saved (backup!))
 "List" / Google Group: https://groups.google.com/forum/#!forum/berkeleylug
-Owners: Jack Deslippe, admin@berkeleylug.com
+Owners: Jack Deslippe, admin@berkeleylug.com, Michael Paoli, Aaron Cohen, Grant Bowman (@gmail.com)
-Managers: Grant Bowman, Michael Paoli
+Managers: Grant Bowman (@berkeleylug.com)
-@berkeleylug.com email 8-O
+IRC: freenode.net:6697 #berkeleylug ChanServ: grantbow (Grant Bowman)
-$ dig +noall +answer +nottl berkeleylug.com. MX
-berkeleylug.com.        IN      MX      10 aspmx.l.google.com.
-berkeleylug.com.        IN      MX      20 alt1.aspmx.l.google.com.
-berkeleylug.com.        IN      MX      30 alt2.aspmx.l.google.com.
-berkeleylug.com.        IN      MX      50 aspmx3.googlemail.com.
-berkeleylug.com.        IN      MX      40 aspmx2.googlemail.com.
-$
 BerkeleyLUG calendar on Google calendars:

BALUG Wiki

User Tools

Site Tools

Differences

Page Tools