> On 1. Mar 2020, at 21:13, Brian Candler <b.cand...@pobox.com> wrote:
> 
> Depends on what your letsencrypt software uses.   I use the bind backend with 
> DDNS updates, with dehydrated.  There are some sample challenge hooks for 
> dehydrated here <https://github.com/dehydrated-io/dehydrated/wiki>, and I see 
> all your options covered:
> One which uses DDNS updates: 
> https://github.com/dehydrated-io/dehydrated/wiki/example-dns-01-nsupdate-script
>  
> <https://github.com/dehydrated-io/dehydrated/wiki/example-dns-01-nsupdate-script>
> One which uses the API: https://github.com/silkeh/pdns_api.sh 
> <https://github.com/silkeh/pdns_api.sh>
> One which uses mysql updates: 
> https://github.com/antoiner77/dehyrated-pdns/blob/master/pdns.sh 
> <https://github.com/antoiner77/dehyrated-pdns/blob/master/pdns.sh>Thanks - 
> that is a good hint to look at dehydrated - I was vaguely aware of the 
> project, but haven't installed it since I scripted certbot.  So from your 
> response I gather it is just a matter of preference, there are no real 
> drawbacks. So I will reseach the ddns updates further, since that is, what I 
> already implemented and it saves me from enabling the HTTP API, which would 
> increase complexity...

> To minimise the number of moving parts, I'd start by seeing if LUA records 
> can do what you want: 
> https://doc.powerdns.com/authoritative/lua-records/index.html 
> <https://doc.powerdns.com/authoritative/lua-records/index.html>I missed that 
> part of the documentation or better skipped it, because I have no experience 
> with LUA, But if that gets me around running a backend, I'll look deeper into 
> that.

> There are existing functions for working with dynamic forward and reverse:
> 
> https://doc.powerdns.com/authoritative/lua-records/functions.html#reverse-dns-functions
>  
> <https://doc.powerdns.com/authoritative/lua-records/functions.html#reverse-dns-functions>
> The documentation says that createReverse with %5% will support the A-B-C-D 
> format you want; but createForward doesn't.  Confusingly, there is a comment 
> in the code 
> <https://github.com/PowerDNS/pdns/blob/master/pdns/lua-record.cc#L612> which 
> says it does:
> 
>       if(parts.size()==1) {
>         // either hex string, or 12-13-14-15
>         //        cout<<parts[0]<<endl;
>         unsigned int x1, x2, x3, x4;
>         if(sscanf(parts[0].c_str()+2, "%02x%02x%02x%02x", &x1, &x2, &x3, 
> &x4)==4) {
>           return 
> std::to_string(x1)+"."+std::to_string(x2)+"."+std::to_string(x3)+"."+std::to_string(x4);
>         }
> 
> 
>       }
>       return std::string("0.0.0.0");
>     });
> 
> ... but I can't see anything in the code which actually parses this format.  
> So either this is an oversight in the code, or the comment is wrong.  It 
> looks like it would be a pretty straightforward feature to add.
> 
> If there's no way round this, then you can use the full LUA backend instead: 
> https://doc.powerdns.com/authoritative/backends/lua2.html 
> <https://doc.powerdns.com/authoritative/backends/lua2.html>
Nice! thanks for the pointer, Brian!

  Michael.

-- 
Michael Rommel, Erlangen, Germany
_______________________________________________
Pdns-users mailing list
Pdns-users@mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users

Reply via email to