berkeleylug:digital_resources
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
berkeleylug:digital_resources [2019-03-09T03:29:41+0000] michael_paoli obtained new cert |
berkeleylug:digital_resources [2019-03-15T12:24:11+0000] michael_paoli more work on "local" hosting of [temp.]berkeleylug.com |
||
|---|---|---|---|
| Line 7: | Line 7: | ||
| berkeleylug.org (alternate - redirects(?) to primary - we may let this one expire, etc. Registry Expiry Date: 2019-05-17T04:39:28) registrant/owner: Michael Paoli - (transferred 2019-03-04) | berkeleylug.org (alternate - redirects(?) to primary - we may let this one expire, etc. Registry Expiry Date: 2019-05-17T04:39:28) registrant/owner: Michael Paoli - (transferred 2019-03-04) | ||
| - | Known (and probably all) DNS: | + | DNS: |
| - | $ TZ=GMT0 date -Iseconds && (for d in berkeleylug.com. berkeleylug.org.; do NS=$(dig +short "$d" NS | sort -R | head -n 1); n=$(dig +short "$NS" A "$NS" AAAA | sort -R | head -n 1); for s in '' calendar. docs. mail. sites. '*.' www.; do for t in A AAAA CNAME SOA NS MX TXT SPF ANY; do dig @"$n" +norecurse +noall +answer "$s$d" "$t"; done; done; done) | grep '^[^ ]*[Bb][Ee][Rr][Kk][Ee][Ll][Ee][Yy][Ll][Uu][Gg]\.' | sort -u | + | $ TZ=GMT0 date -Iseconds && (for d in berkeleylug.com. berkeleylug.org.; do NS=$(dig +short "$d" NS | sort -R | head -n 1); n=$(dig +short "$NS" A "$NS" AAAA | sort -R | head -n 1); for s in '' '*.' calendar. docs. mail. sites. temp. www.; do for t in A AAAA CNAME SOA NS MX TXT SPF ANY; do dig @"$n" +norecurse +noall +answer "$s$d" "$t"; done; done; done) | grep '^[^ ]*[Bb][Ee][Rr][Kk][Ee][Ll][Ee][Yy][Ll][Uu][Gg]\.' | sort -u |
| - | 2019-03-01T04:45:46+00:00 | + | 2019-03-09T21:15:20+00:00 |
| *.berkeleylug.com. 14400 IN CNAME berkeleylug.com. | *.berkeleylug.com. 14400 IN CNAME berkeleylug.com. | ||
| berkeleylug.com. 14400 IN MX 10 aspmx.l.google.com. | berkeleylug.com. 14400 IN MX 10 aspmx.l.google.com. | ||
| Line 20: | Line 20: | ||
| berkeleylug.com. 21600 IN NS ns-cloud-a3.googledomains.com. | berkeleylug.com. 21600 IN NS ns-cloud-a3.googledomains.com. | ||
| berkeleylug.com. 21600 IN NS ns-cloud-a4.googledomains.com. | berkeleylug.com. 21600 IN NS ns-cloud-a4.googledomains.com. | ||
| - | berkeleylug.com. 21600 IN SOA ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 1209600 300 | + | berkeleylug.com. 21600 IN SOA ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 6 21600 3600 1209600 300 |
| berkeleylug.com. 300 IN A 192.0.78.24 | berkeleylug.com. 300 IN A 192.0.78.24 | ||
| berkeleylug.com. 300 IN A 192.0.78.25 | berkeleylug.com. 300 IN A 192.0.78.25 | ||
| Line 27: | Line 27: | ||
| berkeleylug.org. 21600 IN NS ns-cloud-b3.googledomains.com. | berkeleylug.org. 21600 IN NS ns-cloud-b3.googledomains.com. | ||
| berkeleylug.org. 21600 IN NS ns-cloud-b4.googledomains.com. | berkeleylug.org. 21600 IN NS ns-cloud-b4.googledomains.com. | ||
| - | berkeleylug.org. 21600 IN SOA ns-cloud-b1.googledomains.com. dns-admin.google.com. 7 21600 3600 1209600 300 | + | berkeleylug.org. 21600 IN SOA ns-cloud-b1.googledomains.com. dns-admin.google.com. 10 21600 3600 1209600 300 |
| berkeleylug.org. 3600 IN A 216.239.32.21 | berkeleylug.org. 3600 IN A 216.239.32.21 | ||
| berkeleylug.org. 3600 IN A 216.239.34.21 | berkeleylug.org. 3600 IN A 216.239.34.21 | ||
| Line 40: | Line 40: | ||
| mail.berkeleylug.com. 3600 IN CNAME ghs.googlehosted.com. | mail.berkeleylug.com. 3600 IN CNAME ghs.googlehosted.com. | ||
| sites.berkeleylug.com. 3600 IN CNAME ghs.googlehosted.com. | sites.berkeleylug.com. 3600 IN CNAME ghs.googlehosted.com. | ||
| + | temp.berkeleylug.com. 300 IN A 198.144.194.238 | ||
| + | temp.berkeleylug.com. 300 IN AAAA 2001:470:1f05:19e::4 | ||
| www.berkeleylug.com. 14400 IN CNAME berkeleylug.com. | www.berkeleylug.com. 14400 IN CNAME berkeleylug.com. | ||
| www.berkeleylug.org. 3600 IN CNAME ghs.googlehosted.com. | www.berkeleylug.org. 3600 IN CNAME ghs.googlehosted.com. | ||
| Line 87: | Line 89: | ||
| *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG | *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG | ||
| + | ######################################################################## | ||
| + | various bits to test on temp.berkeleylug.com - to presumably later be | ||
| + | berkeleylug.com | ||
| Created key and obtained (non-Google) CA signed cert also covering: | Created key and obtained (non-Google) CA signed cert also covering: | ||
| *.berkeleylug.com,berkeleylug.com,*.berkeleylug.org,berkeleylug.org expires: 2019-06-07T02:07:58Z | *.berkeleylug.com,berkeleylug.com,*.berkeleylug.org,berkeleylug.org expires: 2019-06-07T02:07:58Z | ||
| + | $ dig +noall +answer +nottl temp.berkeleylug.com. A temp.berkeleylug.com. AAAA | ||
| + | temp.berkeleylug.com. IN A 198.144.194.238 | ||
| + | temp.berkeleylug.com. IN AAAA 2001:470:1f05:19e::4 | ||
| + | $ </dev/null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:25 2>>/dev/null | sed -ne '/^-----BEGIN CERTIFICATE-----$/,/^-----END CERTIFICATE-----$/p' | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/{N;p;q;}' | ||
| + | Not After : May 22 11:41:24 2019 GMT | ||
| + | X509v3 Subject Alternative Name: | ||
| + | DNS:*.balug.org, DNS:*.lists.balug.org, DNS:balug.org | ||
| + | $ | ||
| + | ... install the newer cert for SMTP (will likely end up needed for at | ||
| + | least postmaster@berkeleylug.com, for WordPress site to, e.g. send | ||
| + | user password resets, etc. | ||
| + | # pwd -P | ||
| + | /etc/exim4/eximconfig/config | ||
| + | # ls -ld tls_c*.pem | ||
| + | lrwxrwxrwx 1 root root 53 Sep 17 2017 tls_certificate_private.pem -> ../../../letsencrypt/live/lists.balug.org/privkey.pem | ||
| + | lrwxrwxrwx 1 root root 55 Sep 17 2017 tls_certificate_public.pem -> ../../../letsencrypt/live/lists.balug.org/fullchain.pem | ||
| + | # ln -sf ../../../letsencrypt/live/berkeleylug.com/privkey.pem tls_certificate_private.pem | ||
| + | # ln -sf ../../../letsencrypt/live/berkeleylug.com/fullchain.pem tls_certificate_public.pem | ||
| + | # ls -lLd tls_c*.pem | ||
| + | -r--r----- 1 root Debian-exim 3272 Mar 8 19:03 tls_certificate_private.pem | ||
| + | -r--r--r-- 1 root root 4033 Mar 8 19:08 tls_certificate_public.pem | ||
| + | # systemctl reload exim4.service | ||
| + | # | ||
| + | $ </dev/null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:25 2>>/dev/null | sed -ne '/^-----BEGIN CERTIFICATE-----$/,/^-----END CERTIFICATE-----$/p' | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/{N;p;q;}' | ||
| + | Not After : Jun 7 02:07:58 2019 GMT | ||
| + | X509v3 Subject Alternative Name: | ||
| + | DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org | ||
| + | $ | ||
| + | |||
| + | ######################################################################## | ||
| robots.txt: | robots.txt: | ||
berkeleylug/digital_resources.txt · Last modified: 2020-05-18T11:31:53+0000 by michael_paoli
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
