fix: adjust TTLs

- increase generated ones - decrease acme one to avoid caching-related failures and retries
ipshipyard · Jan 31, 2025 · 799065b · 799065b
1 parent 80ca56c
commit 799065b
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/acme/reader.go b/acme/reader.go
@@ -17,7 +17,8 @@ type acmeReader struct {
 	Datastore   datastore.Datastore
 }
 
-const ttl = 1 * time.Hour
+// The TTL for the _acme-challenge TXT record is as short as possible, typically 60 seconds or less.
+const ttl = 60 * time.Second
 
 // ServeDNS implements the plugin.Handler interface.
 func (p acmeReader) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {

diff --git a/ipparser/plugin.go b/ipparser/plugin.go
@@ -45,7 +45,9 @@ type ipParser struct {
 	ForgeDomain string
 }
 
-const ttl = 24 * time.Hour
+// The TTL for self-referential ip.peerid.etld A/AAAA records can be as long as possible.
+// We will be increasing this over time, as infrastructure ossifies.
+const ttl = 7 * 24 * time.Hour
 
 // ServeDNS implements the plugin.Handler interface.
 func (p ipParser) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) {

diff --git a/zones/libp2p.direct b/zones/libp2p.direct
@@ -3,7 +3,7 @@ $ORIGIN libp2p.direct.
 
 ;; SOA Records
 @                               86400   IN      SOA     aws1.libp2p.direct. domains.ipshipyard.com. (
-                                                        2025011601  ; serial
+                                                        2025020101  ; serial
                                                         86400       ; refresh
                                                         2400        ; retry
                                                         604800      ; expire
@@ -42,9 +42,6 @@ ns1.libp2p.direct.              86400   IN      AAAA    2604:2dc0:101:100::265
 ns2.libp2p.direct.              86400   IN      A       15.204.28.76
 ns2.libp2p.direct.              86400   IN      AAAA    2604:2dc0:202:200::64e
 
-;; TODO: ns3 was renamed to aws1, fine to remove once we migrate away from ns1 as primary
-ns3.libp2p.direct.              86400   IN      CNAME   aws1.libp2p.direct.
-
 ;; Limit allowed CAs to Let's Encrypt, we discussed feasibility with them and no concerns were raised:
 ;; https://community.letsencrypt.org/t/feedback-on-raising-certificates-per-registered-domain-to-enable-peer-to-peer-networking/223003
 libp2p.direct.                                    86400   IN        CAA     0 issue "letsencrypt.org"