doc/dns_config.md

# DNS zone configuration

DNS (domain name system) is a system that converts human-readable addresses
(domain names) into machine-understandable addresses (IP). For your server to be
easily accessible by human beings, and for some services like mail to work
properly, DNS must be configured.

If you're using a nohost.me / noho.st domain, the configuration should be
performed automatically. If you're using your own domain name (e.g. bought via
a registrar), you should manually configure your domain on your registrar's
interface.

## Recommended DNS configuration

YunoHost provides a recommended DNS configuration, available via :
- the webadmin, in Domain > your.domain.tld > DNS configuration ;
- or the command line, `yunohost domain dns-conf your.domain.tld`

For specific needs or specific setups, and if you know what you're doing, you
might want or have to tweak these or add additional ones (e.g. to handle
subdomains).

The recommended configuration typically looks like this :

```bash
#
# Basic ipv4/ipv6 records
#
@ 3600 IN A 111.222.33.44
* 3600 IN A 111.222.33.44

# (If your server is IPv6 capable, there are some AAAA records)
@ 3600 IN AAAA 2222:444:8888:3333:bbbb:5555:3333:1111
* 3600 IN AAAA 2222:444:8888:3333:bbbb:5555:3333:1111

#
# XMPP
#
_xmpp-client._tcp 3600 IN SRV 0 5 5222 your.domain.tld.
_xmpp-server._tcp 3600 IN SRV 0 5 5269 your.domain.tld.
muc 3600 IN CNAME @
pubsub 3600 IN CNAME @
vjud 3600 IN CNAME @

#
# Mail (MX, SPF, DKIM and DMARC)
#
@ 3600 IN MX 10 your.domain.tld.
@ 3600 IN TXT "v=spf1 a mx ip4:111.222.33.44 -all"
mail._domainkey 3600 IN TXT "v=DKIM1; k=rsa; p=someHuuuuuuugeKey"
_dmarc 3600 IN TXT "v=DMARC1; p=none"
```

Though it might be easier to understand it if displayed like this :


| Type    | Name                   | Value                                                 |
| :-----: | :--------------------: | :--------------------------------------------------:  |
|  **A**  |   **@**                |  `111.222.333.444` (your IPv4)                        |
|    A    |   *                    |  `111.222.333.444` (your IPv4)                        |
|  AAAA   |   @                    |  `2222:444:8888:3333:bbbb:5555:3333:1111` (your IPv6) |
|  AAAA   |   *                    |  `2222:444:8888:3333:bbbb:5555:3333:1111` (your IPv6) |
| **SRV** | **_xmpp-client._tcp**  |  `0 5 5222 your.domain.tld.`                          |
| **SRV** | **_xmpp-server._tcp**  |  `0 5 5269 your.domain.tld.`                          |
|  CNAME  |   muc                  |  `@`                                                  |
|  CNAME  |   pubsub               |  `@`                                                  |
|  CNAME  |   vjud                 |  `@`                                                  |
| **MX**  | **@**                  |  `your.domain.tld.`     (and priority: 10)            |
|   TXT   |   @                    |  `"v=spf1 a mx ip4:111.222.33.44 -all"`               |
|   TXT   |  mail._domainkey       |  `"v=DKIM1; k=rsa; p=someHuuuuuuugeKey"`              |
|   TXT   |  _dmarc                |  `"v=DMARC1; p=none"`                                 |

#### A few notes about this table

- Not all these lines are absolutely necessary. For a minimal setup, you only need the records in bold.
- The dot at the end of `your.domain.tld.` is important ;) ;
- `@` corresponds to `your.domain.tld`, and e.g. `muc` corresponds to `muc.your.domain.tld` ;
- These are example values ! See your generated conf for the actual values you should use ;
- We recommend a [TTL](https://en.wikipedia.org/wiki/Time_to_live#DNS_records) of 3600 (1 hour). But you can use something else if you
  know what you're doing ;
- Don't put an IPv6 record if you're not sure IPv6 really works on your server !
  You might have issues with Let's Encrypt if it doesn't.
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`# DNS zone configuration`
Add dns_config.md 2014-06-17 22:11:38 +02:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`DNS (domain name system) is a system that converts human-readable addresses`
			`(domain names) into machine-understandable addresses (IP). For your server to be`
			`easily accessible by human beings, and for some services like mail to work`
			`properly, DNS must be configured.`
Add dns_config.md 2014-06-17 22:11:38 +02:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`If you're using a nohost.me / noho.st domain, the configuration should be`
			`performed automatically. If you're using your own domain name (e.g. bought via`
			`a registrar), you should manually configure your domain on your registrar's`
			`interface.`
Add information in dns section 2017-01-24 23:05:43 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`## Recommended DNS configuration`
Add information in dns section 2017-01-24 23:05:43 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`YunoHost provides a recommended DNS configuration, available via :`
			`- the webadmin, in Domain > your.domain.tld > DNS configuration ;`
			- or the command line, `yunohost domain dns-conf your.domain.tld`
Update dns_config.md 2016-02-15 18:54:04 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`For specific needs or specific setups, and if you know what you're doing, you`
			`might want or have to tweak these or add additional ones (e.g. to handle`
			`subdomains).`
Update dns_config.md 2014-06-17 22:22:15 +02:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`The recommended configuration typically looks like this :`
Update dns_config.md 2014-06-17 22:22:15 +02:00
Update dns_config.md 2016-02-15 18:54:04 +01:00			```bash
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`#`
			`# Basic ipv4/ipv6 records`
			`#`
			`@ 3600 IN A 111.222.33.44`
			`* 3600 IN A 111.222.33.44`
Update dns_config.md 2016-02-16 12:16:24 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`# (If your server is IPv6 capable, there are some AAAA records)`
			`@ 3600 IN AAAA 2222:444:8888:3333:bbbb:5555:3333:1111`
			`* 3600 IN AAAA 2222:444:8888:3333:bbbb:5555:3333:1111`
Update dns_config.md 2014-06-17 22:22:15 +02:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`#`
			`# XMPP`
			`#`
			`_xmpp-client._tcp 3600 IN SRV 0 5 5222 your.domain.tld.`
			`_xmpp-server._tcp 3600 IN SRV 0 5 5269 your.domain.tld.`
			`muc 3600 IN CNAME @`
			`pubsub 3600 IN CNAME @`
			`vjud 3600 IN CNAME @`
Update dns_config.md 2014-06-17 22:29:24 +02:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`#`
			`# Mail (MX, SPF, DKIM and DMARC)`
			`#`
			`@ 3600 IN MX 10 your.domain.tld.`
			`@ 3600 IN TXT "v=spf1 a mx ip4:111.222.33.44 -all"`
			`mail._domainkey 3600 IN TXT "v=DKIM1; k=rsa; p=someHuuuuuuugeKey"`
			`_dmarc 3600 IN TXT "v=DMARC1; p=none"`
			```
Add information in dns section 2017-01-24 23:05:43 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`Though it might be easier to understand it if displayed like this :`
Update dns_config.md Add a note about @ 2014-10-09 10:08:44 +02:00
Update dns_config.md 2016-02-16 12:29:50 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`\| Type \| Name \| Value \|`
			`\| :-----: \| :--------------------: \| :--------------------------------------------------: \|`
			\| A \| @ \| `111.222.333.444` (your IPv4) \|
			\| A \| * \| `111.222.333.444` (your IPv4) \|
			\| AAAA \| @ \| `2222:444:8888:3333:bbbb:5555:3333:1111` (your IPv6) \|
			\| AAAA \| * \| `2222:444:8888:3333:bbbb:5555:3333:1111` (your IPv6) \|
			\| SRV \| _xmpp-client._tcp \| `0 5 5222 your.domain.tld.` \|
			\| SRV \| _xmpp-server._tcp \| `0 5 5269 your.domain.tld.` \|
			\| CNAME \| muc \| `@` \|
			\| CNAME \| pubsub \| `@` \|
			\| CNAME \| vjud \| `@` \|
			\| MX \| @ \| `your.domain.tld.` (and priority: 10) \|
			\| TXT \| @ \| `"v=spf1 a mx ip4:111.222.33.44 -all"` \|
			\| TXT \| mail._domainkey \| `"v=DKIM1; k=rsa; p=someHuuuuuuugeKey"` \|
			\| TXT \| _dmarc \| `"v=DMARC1; p=none"` \|
Update dns_config.md 2014-11-28 20:29:08 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`#### A few notes about this table`
Update dns_config.md 2016-02-16 12:16:24 +01:00
[enh] Rework the DNS config page to be consistent with currently recommended conf in the CLI/webadmin (#595) 2017-11-01 19:23:21 +01:00			`- Not all these lines are absolutely necessary. For a minimal setup, you only need the records in bold.`
			- The dot at the end of `your.domain.tld.` is important ;) ;
			- `@` corresponds to `your.domain.tld`, and e.g. `muc` corresponds to `muc.your.domain.tld` ;
			`- These are example values ! See your generated conf for the actual values you should use ;`
			`- We recommend a [TTL](https://en.wikipedia.org/wiki/Time_to_live#DNS_records) of 3600 (1 hour). But you can use something else if you`
			`know what you're doing ;`
			`- Don't put an IPv6 record if you're not sure IPv6 really works on your server !`
			`You might have issues with Let's Encrypt if it doesn't.`