zdns -- DNS zones creator helper

This is very simple zsh-based helper functions to create DNS zones.
Many things are hardcoded there. Basically you just write ordinary
zsh script, sourcing the rc.zsh, containing various helper functions.
It expects DOMAIN variable to be set.

* fqdn(domain) -- prints fully-qualified domain name, taking either
  "domain.", or "@", or "subdomain" names
* shortened(domain) -- prints $DOMAIN-relative shortened name, printing
  only subdomain parts or "@"
* zone_start(serial) -- prints SOA record with two predefined (hardcoded)
  nameservers and none DMARC policy
* add_mx(domain) -- add predefined MX records for given domain, with
  predefined redirect-based SPF policy
* add_dane(domain) -- add DANE records for given domain. You have to
  have tls/ subdirectory, containing zeasypki's state
  (http://www.git.stargrave.org/?p=zeasypki.git;a=blob;f=README)
  It looks in each CA's subdirectory if keypair exists for the domain,
  printing necessary CAA and TLSA records
* add_ssh(domain) -- searches for corresponding public key in ssh/
  subdirectory and (if it exists) prints corresponding SSHFP record
* add_subdomain(domain, addresses) -- adds specified domain with
  provided space-separated addresses. It automatically calls add_dane
  and add_ssh helpers. Unless $NOSPF=1 is specified, it prints "-all"
  SPF policy. If $Y=1 is specified, then it adds "y.domain" address with
  predefined $Y6 address and "-all" SPF policy
* add_pgp(keyid, uid) -- prints _openpgpkey DANE record for given
  OpenPGP key of desired UID. "uid" is optional and useful only if your
  key have got multiple UIDs and you need to add only the single
  specified one

To omit burden of sourcing rc.zsh, setting $DOMAIN and rebuilding zones
after its change, there is default.zone.do redo (http://cr.yp.to/redo.html)
target, expecting your script in $domain.zsh file.

For example the zone for nncpgo.org domain with mail-capabilities, WWW
subdomain (available via Yggdrasil network), OpenPGP DANE key,
openpgp-subdomain for WKD and necessary DANE/SSH records could be
created the following way:

    $ ln -fs /path/to/zeasypki/state tls
    $ [[ -d tls/ee/ecdsa/ca.cypherpunks.ru/openpgpkey.nncpgo.org ]]
    $ [[ -d tls/ee/gost/cagost.cypherpunks.ru/openpgpkey.nncpgo.org ]]
    $ [[ -d tls/ee/ecdsa/ca.cypherpunks.ru/www.nncpgo.org ]]
    $ [[ -d tls/ee/gost/cagost.cypherpunks.ru/www.nncpgo.org ]]

    $ mkdir -p ssh
    $ print ssh-ed25519 AAAA... > ssh/www.nncpgo.org

    $ cat > nncpgo.org.zsh <<EOF
    zone_start 2012011633
    add_mx @
    Y=1 add_subdomain www "$GW4 $GW6 $VPS4 $VPS6"
    Y=1 add_subdomain openpgpkey "$GW4 $GW6"
    add_pgp releases@nncpgo.org
    EOF

    $ redo nncpgo.org.zone

It will produce:

    $TTL 21600
    $ORIGIN nncpgo.org.
    nncpgo.org. 21600 IN SOA uz5....ns7.stargrave.org. admin.nncpgo.org. (
        2012011633 ; Serial
        12h ; Refresh
        2h ; Retry
        2w ; Expire
        6h ; TTL
    )
    @ NS uz5....ns7.stargrave.org.
    @ NS uz5....ns5.stargrave.org.
    _dmarc TXT "v=DMARC1; p=none"
    @ MX 10 mailfake0.stargrave.org.
    @ MX 20 mail2.stargrave.org.
    @ MX 30 mailfake1.stargrave.org.
    @ TXT "v=spf1 redirect=_spf.stargrave.org"
    www A 91.211.5.21
    www AAAA 2a03:e2c0:2663:1::1
    www A 45.10.110.72
    www AAAA 2a04:ac00:a:146::25
    www CAA 0 issue "ca.cypherpunks.ru"
    _443._tcp.www TLSA 3 1 1 0a77...d187
    www CAA 0 issue "cagost.cypherpunks.ru"
    _443._tcp.www TLSA 3 1 1 9b98...7b3a
    www TXT "v=spf1 -all"
    y.www AAAA 21a:af91:8d0e:b05:9645:e4e9:12be:3c39
    y.www TXT "v=spf1 -all"
    openpgpkey A 91.211.5.21
    openpgpkey AAAA 2a03:e2c0:2663:1::1
    openpgpkey CAA 0 issue "ca.cypherpunks.ru"
    _443._tcp.openpgpkey TLSA 3 1 1 ddf4...e89c
    openpgpkey CAA 0 issue "cagost.cypherpunks.ru"
    _443._tcp.openpgpkey TLSA 3 1 1 2075...7c3d
    openpgpkey TXT "v=spf1 -all"
    y.openpgpkey AAAA 21a:af91:8d0e:b05:9645:e4e9:12be:3c39
    y.openpgpkey TXT "v=spf1 -all"
    ; NNCP releases <releases@nncpgo.org>
    2019...15ac._openpgpkey TYPE61 \# 655 (...)