01/01: hydra: dns: Fix CAA records for guix.gnu.org.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: hydra: dns: Fix CAA records for guix.gnu.org.

From:	Chris Marusich
Subject:	01/01: hydra: dns: Fix CAA records for guix.gnu.org.
Date:	Sun, 21 Jul 2019 18:06:49 -0400 (EDT)

marusich pushed a commit to branch master
in repository maintenance.

commit 6ed1571c76f834ec03ed6c4a74b5a809f8ef813d
Author: Chris Marusich <address@hidden>
Date:   Sun Jul 21 15:00:56 2019 -0700

    hydra: dns: Fix CAA records for guix.gnu.org.
    
    Before this change, we could not renew our letsencrypt certificates.
    After this change, we should be able to renew them again.
    
    Reported by nckx and Ricardo Wurmus <address@hidden>.
    
    * hydra/modules/sysadmin/dns.scm (guix.gnu.org.zone) <@>: Replace the
    string "letsencrypt" with "letsencrypt.org".
    (guix.gnu.org-zone): Increase the zone's serial to 2019072122.
---
 hydra/modules/sysadmin/dns.scm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/hydra/modules/sysadmin/dns.scm b/hydra/modules/sysadmin/dns.scm
index 95a677b..05774f0 100644
--- a/hydra/modules/sysadmin/dns.scm
+++ b/hydra/modules/sysadmin/dns.scm
@@ -68,7 +68,7 @@
   ;; The gnu.org domain defines a CAA record which only includes
   ;; letsencrypt.  To allow Amazon ACM to create a TLS certificate for
   ;; ci.guix.gnu.org, we need to override this for our zone.
-  ("@"        ""  "IN"  "CAA"    "0 issue \"letsencrypt\"")
+  ("@"        ""  "IN"  "CAA"    "0 issue \"letsencrypt.org\"")
   ;; The ACM docs suggest any one of these records may be sufficient,
   ;; but to avoid any possibility of problems, let's include all four.
   ("@"        ""  "IN"  "CAA"    "0 issue \"amazon.com\"")
@@ -76,7 +76,7 @@
   ("@"        ""  "IN"  "CAA"    "0 issue \"awstrust.com\"")
   ("@"        ""  "IN"  "CAA"    "0 issue \"amazonaws.com\"")
   ;; We might want to create wildcard certificates in the future.
-  ("@"        ""  "IN"  "CAA"    "0 issuewild \"letsencrypt\"")
+  ("@"        ""  "IN"  "CAA"    "0 issuewild \"letsencrypt.org\"")
   ("@"        ""  "IN"  "CAA"    "0 issuewild \"amazon.com\"")
   ("@"        ""  "IN"  "CAA"    "0 issuewild \"amazontrust.com\"")
   ("@"        ""  "IN"  "CAA"    "0 issuewild \"awstrust.com\"")
@@ -106,4 +106,4 @@
     (zone (zone-file
             (origin "guix.gnu.org")
             (entries guix.gnu.org.zone)
-            (serial 2019061100)))))
+            (serial 2019072122)))))

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (f0cdfb8 -> 6ed1571), Chris Marusich, 2019/07/21
- 01/01: hydra: dns: Fix CAA records for guix.gnu.org., Chris Marusich <=

Prev by Date: branch master updated (f0cdfb8 -> 6ed1571)
Next by Date: 01/01: gnu: libreoffice: Fix xdg-open absolute paths.
Previous by thread: branch master updated (f0cdfb8 -> 6ed1571)
Next by thread: branch master updated (d1e766e -> afb986e)
Index(es):
- Date
- Thread