README
¶
RFC2136 for libdns
This package implements the libdns interfaces for RFC2136.
Authenticating
This package can optionally use TSIG authentication, which uses HMAC to sign the requests with a secret key. Using TSIG authentication is strongly recommended, as otherwise you would be allowing anyone who can access your RFC2136-supporting DNS server to make DNS updates.
Generate a TSIG key
If you are managing your own DNS server, you may use the tsig-keygen command, which comes with bind9, to generate a key that can be used with this provider.
$ keyname=libdns keyfile=libdns.key; tsig-keygen $keyname > $keyfile
This will generate a key with the name libdns with the default algorithm hmac-sha256. The file will look something like this:
key "libdns" {
algorithm hmac-sha256;
secret "rfXPtMx3r1kl0QzpuwBtexbl2pUJesmZc35UcvzGdwE=";
};
You can then configure bind9, if that's your DNS server of choice, to use this key file with the allow-transfer option of the zone configuration.
zone "sub.example.org" {
...
allow-transfer {
key "libdns";
};
allow-update {
key "libdns";
};
...
};
Development
Testing
Run a local dns server (for example bind9).
Set the required environment variables (see provider_test.go).
Do not run the tests against a production server!
Documentation
¶
Overview ¶
Package rfc2136 implements a DNS record management client compatible with the libdns interfaces for rfc2136.
Index ¶
- type Provider
- func (p *Provider) AppendRecords(ctx context.Context, zone string, records []libdns.Record) ([]libdns.Record, error)
- func (p *Provider) DeleteRecords(ctx context.Context, zone string, records []libdns.Record) ([]libdns.Record, error)
- func (p *Provider) GetRecords(ctx context.Context, zone string) ([]libdns.Record, error)
- func (p *Provider) SetRecords(ctx context.Context, zone string, records []libdns.Record) ([]libdns.Record, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Provider ¶
type Provider struct {
// The address of the DNS server which supports RFC2136.
// In the form "host" or "host:port"
Nameserver string `json:"nameserver,omitempty"`
// The algorithm to use for TSIG.
// See https://github.com/miekg/dns/blob/master/tsig.go for available modes.
// The trailing dot is not required.
TSIGAlgorithm string `json:"tsig_algorithm,omitempty"`
// The key name used when generating the key.
TSIGKeyName string `json:"tsig_keyname,omitempty"`
// The secret used to compute the signature.
TSIGSecret string `json:"tsig_secret,omitempty"`
// contains filtered or unexported fields
}
Provider facilitates DNS record manipulation for dns servers implementing rfc2136.
func (*Provider) AppendRecords ¶
func (p *Provider) AppendRecords(ctx context.Context, zone string, records []libdns.Record) ([]libdns.Record, error)
AppendRecords adds records to the zone. It returns the records that were added.
func (*Provider) DeleteRecords ¶
func (p *Provider) DeleteRecords(ctx context.Context, zone string, records []libdns.Record) ([]libdns.Record, error)
DeleteRecords deletes the records from the zone. It returns the records that were deleted.
func (*Provider) GetRecords ¶
GetRecords lists all the records in the zone.
Source Files