auth dns over atproto
# onis

decentralized dns over atproto :3

[pdsls](https://pdsls.dev) is the easiest way to manage your records currently.

needed:
- atproto account
- domain
- access to the domain's current NS settings

## 1. declare your zone

create a `systems.kiri.zone` record on your PDS:

```json
{
  "$type": "systems.kiri.zone",
  "domain": "example.com"
}
```

## 2. set up verification

onis needs to confirm you actually control the domain. two things are checked:

**a) NS delegation**

```
ns1.kiri.systems
ns2.kiri.systems
```

if you are running this yourself, it should match your `expected_ns` config.

**b) TXT ownership proof**

```
_onis-verify.example.com. TXT "did:plc:your-did-here"
```

once both of these are passing, your domain is verified :D

## 3. publish dns records

you will also need to copy the `_onis-verify.example.com` TXT verification value into a `systems.kiri.dns#txtRecord`.

**A record:**

```json
{
  "$type": "systems.kiri.dns",
  "domain": "example.com",
  "ttl": 300,
  "record": {
    "$type": "systems.kiri.dns#aRecord",
    "address": "93.184.216.34"
  }
}
```

**AAAA record:**

```json
{
  "$type": "systems.kiri.dns",
  "domain": "example.com",
  "ttl": 300,
  "record": {
    "$type": "systems.kiri.dns#aaaaRecord",
    "address": "2001:db8::1"
  }
}
```

**CNAME record:**

```json
{
  "$type": "systems.kiri.dns",
  "domain": "www.example.com",
  "ttl": 300,
  "record": {
    "$type": "systems.kiri.dns#cnameRecord",
    "cname": "example.com"
  }
}
```

**MX record:**

```json
{
  "$type": "systems.kiri.dns",
  "domain": "example.com",
  "ttl": 300,
  "record": {
    "$type": "systems.kiri.dns#mxRecord",
    "preference": 10,
    "exchange": "mail.example.com"
  }
}
```

**TXT record:**

```json
{
  "$type": "systems.kiri.dns",
  "domain": "example.com",
  "ttl": 300,
  "record": {
    "$type": "systems.kiri.dns#txtRecord",
    "values": ["v=spf1 include:example.com ~all"]
  }
}
```

**SRV record:**

```json
{
  "$type": "systems.kiri.dns",
  "domain": "_sip._tcp.example.com",
  "ttl": 300,
  "record": {
    "$type": "systems.kiri.dns#srvRecord",
    "priority": 10,
    "weight": 60,
    "port": 5060,
    "target": "sip.example.com"
  }
}
```

`ttl` is optional on all records — if you leave it out, the zone's SOA minimum is used (default 300s).
*WARNING* => on ns1.kiri.systems and ns2.kiri.systems this is a floor of 60 seconds.

## full example

Here's what a real setup looks like. User `did:plc:adtzorbhmmjbzxsl2y4vqlqs` setting up `blu.red`:

**zone declaration** (`systems.kiri.zone` collection):
https://pds.ls/at://did:plc:adtzorbhmmjbzxsl2y4vqlqs/systems.kiri.zone/3mdr6rm2trm2y

```json
{
  "$type": "systems.kiri.zone",
  "domain": "blu.red"
}
```

**verification TXT** (`systems.kiri.dns` collection):
https://pds.ls/at://did:plc:adtzorbhmmjbzxsl2y4vqlqs/systems.kiri.dns/3mdt7enp5nu2y

```json
{
  "$type": "systems.kiri.dns",
  "domain": "_onis-verify.blu.red",
  "record": {
    "$type": "systems.kiri.dns#txtRecord",
    "values": [
      "did:plc:adtzorbhmmjbzxsl2y4vqlqs"
    ]
  }
}
```

## License

MIT