> On 1. Mar 2020, at 21:13, Brian Candler <b.cand...@pobox.com> wrote:
>
> Depends on what your letsencrypt software uses. I use the bind backend with
> DDNS updates, with dehydrated. There are some sample challenge hooks for
> dehydrated here <https://github.com/dehydrated-io/dehydrated/wiki>, and I see
> all your options covered:
> One which uses DDNS updates:
> https://github.com/dehydrated-io/dehydrated/wiki/example-dns-01-nsupdate-script
>
> <https://github.com/dehydrated-io/dehydrated/wiki/example-dns-01-nsupdate-script>
> One which uses the API: https://github.com/silkeh/pdns_api.sh
> <https://github.com/silkeh/pdns_api.sh>
> One which uses mysql updates:
> https://github.com/antoiner77/dehyrated-pdns/blob/master/pdns.sh
> <https://github.com/antoiner77/dehyrated-pdns/blob/master/pdns.sh>Thanks -
> that is a good hint to look at dehydrated - I was vaguely aware of the
> project, but haven't installed it since I scripted certbot. So from your
> response I gather it is just a matter of preference, there are no real
> drawbacks. So I will reseach the ddns updates further, since that is, what I
> already implemented and it saves me from enabling the HTTP API, which would
> increase complexity...
> To minimise the number of moving parts, I'd start by seeing if LUA records
> can do what you want:
> https://doc.powerdns.com/authoritative/lua-records/index.html
> <https://doc.powerdns.com/authoritative/lua-records/index.html>I missed that
> part of the documentation or better skipped it, because I have no experience
> with LUA, But if that gets me around running a backend, I'll look deeper into
> that.
> There are existing functions for working with dynamic forward and reverse:
>
> https://doc.powerdns.com/authoritative/lua-records/functions.html#reverse-dns-functions
>
> <https://doc.powerdns.com/authoritative/lua-records/functions.html#reverse-dns-functions>
> The documentation says that createReverse with %5% will support the A-B-C-D
> format you want; but createForward doesn't. Confusingly, there is a comment
> in the code
> <https://github.com/PowerDNS/pdns/blob/master/pdns/lua-record.cc#L612> which
> says it does:
>
> if(parts.size()==1) {
> // either hex string, or 12-13-14-15
> // cout<<parts[0]<<endl;
> unsigned int x1, x2, x3, x4;
> if(sscanf(parts[0].c_str()+2, "%02x%02x%02x%02x", &x1, &x2, &x3,
> &x4)==4) {
> return
> std::to_string(x1)+"."+std::to_string(x2)+"."+std::to_string(x3)+"."+std::to_string(x4);
> }
>
>
> }
> return std::string("0.0.0.0");
> });
>
> ... but I can't see anything in the code which actually parses this format.
> So either this is an oversight in the code, or the comment is wrong. It
> looks like it would be a pretty straightforward feature to add.
>
> If there's no way round this, then you can use the full LUA backend instead:
> https://doc.powerdns.com/authoritative/backends/lua2.html
> <https://doc.powerdns.com/authoritative/backends/lua2.html>
Nice! thanks for the pointer, Brian!
Michael.
--
Michael Rommel, Erlangen, Germany
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users