diff --git a/commands/types/dnscontrol.d.ts b/commands/types/dnscontrol.d.ts index 80254e3ac..e483007fe 100644 --- a/commands/types/dnscontrol.d.ts +++ b/commands/types/dnscontrol.d.ts @@ -375,7 +375,7 @@ declare function CAA(name: string, tag: "issue" | "issuewild" | "iodef", value: * `CF_REDIRECT` uses Cloudflare-specific features ("Forwarding URL" Page Rules) to * generate a HTTP 301 permanent redirect. * - * If _any_ `CF_REDIRECT` or `CF_TEMP_REDIRECT` functions are used then + * If _any_ `CF_REDIRECT` or [`CF_TEMP_REDIRECT`](CF_TEMP_REDIRECT.md) functions are used then * `dnscontrol` will manage _all_ "Forwarding URL" type Page Rules for the domain. * Page Rule types other than "Forwarding URL” will be left alone. * @@ -406,7 +406,7 @@ declare function CF_REDIRECT(source: string, destination: string, ...modifiers: * `CF_TEMP_REDIRECT` uses Cloudflare-specific features ("Forwarding URL" Page * Rules) to generate a HTTP 302 temporary redirect. * - * If _any_ `CF_REDIRECT` or `CF_TEMP_REDIRECT` functions are used then + * If _any_ [`CF_REDIRECT`](CF_REDIRECT.md) or `CF_TEMP_REDIRECT` functions are used then * `dnscontrol` will manage _all_ "Forwarding URL" type Page Rules for the domain. * Page Rule types other than "Forwarding URL” will be left alone. * @@ -709,8 +709,8 @@ declare function MX(name: string, priority: number, target: string, ...modifiers * This takes exactly one argument: the name of the nameserver. It must end with * a "." if it is a FQDN, just like all targets. * - * This is different than the `NS()` function, which inserts NS records - * in the current zone and accepts a label. `NS()` is useful for downward + * This is different than the [`NS()`](NS.md) function, which inserts NS records + * in the current zone and accepts a label. [`NS()`](NS.md) is useful for downward * delegations. `NAMESERVER()` is for informing upstream delegations. * * For more information, refer to [this page](../../nameservers.md). @@ -735,7 +735,7 @@ declare function MX(name: string, priority: number, target: string, ...modifiers * Nameservers are one of the least * understood parts of DNS, so a little extra explanation is required. * - * * `NS()` lets you add an NS record to a zone, just like A() adds an A + * * [`NS()`](NS.md) lets you add an NS record to a zone, just like [`A()`](A.md) adds an A * record to the zone. This is generally used to delegate a subzone. * * * The `NAMESERVER()` directive speaks to the Registrar about how the parent should delegate the zone. @@ -1007,13 +1007,13 @@ declare function NAMESERVER_TTL(ttl: Duration): DomainModifier; declare function NAPTR(subdomain: string, order: number, preference: number, terminalflag: string, service: string, regexp: string, target: string): DomainModifier; /** - * NO_PURGE indicates that records should not be deleted from a domain. + * `NO_PURGE` indicates that records should not be deleted from a domain. * Records will be added and updated, but not removed. * - * NO_PURGE is generally used in very specific situations: + * `NO_PURGE` is generally used in very specific situations: * - * * A domain is managed by some other system and DNSControl is only used to insert a few specific records and/or keep them updated. For example a DNS Zone that is managed by Active Directory, but DNSControl is used to update a few, specific, DNS records. In this case we want to specify the DNS records we are concerned with but not delete all the other records. This is a risky use of NO_PURGE since, if NO_PURGE was removed (or buggy) there is a chance you could delete all the other records in the zone, which could be a disaster. That said, domains with some records updated using Dynamic DNS have no other choice. - * * To work-around a pseudo record type that is not supported by DNSControl. For example some providers have a fake DNS record type called "URL" which creates a redirect. DNSControl normally deletes these records because it doesn't understand them. NO_PURGE will leave those records alone. + * * A domain is managed by some other system and DNSControl is only used to insert a few specific records and/or keep them updated. For example a DNS Zone that is managed by Active Directory, but DNSControl is used to update a few, specific, DNS records. In this case we want to specify the DNS records we are concerned with but not delete all the other records. This is a risky use of `NO_PURGE` since, if `NO_PURGE` was removed (or buggy) there is a chance you could delete all the other records in the zone, which could be a disaster. That said, domains with some records updated using Dynamic DNS have no other choice. + * * To work-around a pseudo record type that is not supported by DNSControl. For example some providers have a fake DNS record type called "URL" which creates a redirect. DNSControl normally deletes these records because it doesn't understand them. `NO_PURGE` will leave those records alone. * * In this example DNSControl will insert "foo.example.com" into the * zone, but otherwise leave the zone alone. Changes to "foo"'s IP @@ -1026,21 +1026,21 @@ declare function NAPTR(subdomain: string, order: number, preference: number, ter * ); * ``` * - * The main caveat of NO_PURGE is that intentionally deleting records - * becomes more difficult. Suppose a NO_PURGE zone has an record such + * The main caveat of `NO_PURGE` is that intentionally deleting records + * becomes more difficult. Suppose a `NO_PURGE` zone has an record such * as A("ken", "1.2.3.4"). Removing the record from dnsconfig.js will * not delete "ken" from the domain. DNSControl has no way of knowing * the record was deleted from the file The DNS record must be removed - * manually. Users of NO_PURGE are prone to finding themselves with + * manually. Users of `NO_PURGE` are prone to finding themselves with * an accumulation of orphaned DNS records. That's easy to fix for a * small zone but can be a big mess for large zones. * - * Not all providers support NO_PURGE. For example the BIND provider + * Not all providers support `NO_PURGE`. For example the BIND provider * rewrites zone files from scratch each time, which precludes supporting - * NO_PURGE. DNSControl will exit with an error if NO_PURGE is used + * `NO_PURGE`. DNSControl will exit with an error if `NO_PURGE` is used * on a driver that does not support it. * - * There is also `PURGE` command for completeness. `PURGE` is the + * There is also [`PURGE`](PURGE.md) command for completeness. [`PURGE`](PURGE.md) is the * default, thus this command is a no-op. * * @see https://dnscontrol.org/js#NO_PURGE @@ -1119,7 +1119,7 @@ declare function NS1_URLFWD(name: string, target: string, ...modifiers: RecordMo * * `PTR('4.3',` // Assuming the domain is `2.1.in-addr.arpa` * * All magic is RFC2317-aware. We use the first format listed in the - * RFC for both `REV()` and `PTR()`. The format is + * RFC for both [`REV()`](../global/REV.md) and `PTR()`. The format is * `FIRST/MASK.C.B.A.in-addr.arpa` where `FIRST` is the first IP address * of the zone, `MASK` is the netmask of the zone (25-31 inclusive), * and A, B, C are the first 3 octets of the IP address. For example @@ -1151,7 +1151,7 @@ declare function NS1_URLFWD(name: string, target: string, ...modifiers: RecordMo * ); * ``` * - * In the future we plan on adding a flag to `A()` which will insert + * In the future we plan on adding a flag to [`A()`](A.md)which will insert * the correct PTR() record if the appropriate `.arpa` domain has been * defined. * @@ -1160,15 +1160,15 @@ declare function NS1_URLFWD(name: string, target: string, ...modifiers: RecordMo declare function PTR(name: string, target: string, ...modifiers: RecordModifier[]): DomainModifier; /** - * PURGE is the default setting for all domains. Therefore PURGE is + * `PURGE` is the default setting for all domains. Therefore `PURGE` is * a no-op. It is included for completeness only. * - * A domain with a mixture of NO_PURGE and PURGE parameters will abide + * A domain with a mixture of `NO_PURGE` and `PURGE` parameters will abide * by the last one. * * These three examples all are equivalent. * - * PURGE is the default: + * `PURGE` is the default: * * ```javascript * D("example.com", .... , @@ -1200,9 +1200,9 @@ declare function PTR(name: string, target: string, ...modifiers: RecordModifier[ declare const PURGE: DomainModifier; /** - * R53_ALIAS is a Route53 specific virtual record type that points a record at either another record or an AWS entity (like a Cloudfront distribution, an ELB, etc...). It is analogous to a CNAME, but is usually resolved at request-time and served as an A record. Unlike CNAMEs, ALIAS records can be used at the zone apex (`@`) + * `R53_ALIAS` is a Route53 specific virtual record type that points a record at either another record or an AWS entity (like a Cloudfront distribution, an ELB, etc...). It is analogous to a `CNAME`, but is usually resolved at request-time and served as an `A` record. Unlike `CNAME` records, `ALIAS` records can be used at the zone apex (`@`) * - * Unlike the regular ALIAS directive, R53_ALIAS is only supported on Route53. Attempting to use R53_ALIAS on another provider than Route53 will result in an error. + * Unlike the regular [`ALIAS`](ALIAS.md) directive, `R53_ALIAS` is only supported on Route53. Attempting to use `R53_ALIAS` on another provider than Route53 will result in an error. * * The name should be the relative label for the domain. * @@ -1211,7 +1211,7 @@ declare const PURGE: DomainModifier; * The Target can be any of: * * * _CloudFront distribution_: in this case specify the domain name that CloudFront assigned when you created your distribution (note that your CloudFront distribution must include an alternate domain name that matches the record you're adding) - * * _Elastic Beanstalk environment_: specify the CNAME attribute for the environment. The environment must have a regionalized domain name. To get the CNAME, you can use either the [AWS Console](http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html), [AWS Elastic Beanstalk API](http://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html), or the [AWS CLI](http://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html). + * * _Elastic Beanstalk environment_: specify the `CNAME` attribute for the environment. The environment must have a regionalized domain name. To get the `CNAME`, you can use either the [AWS Console](http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html), [AWS Elastic Beanstalk API](http://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html), or the [AWS CLI](http://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html). * * _ELB load balancer_: specify the DNS name that is associated with the load balancer. To get the DNS name you can use either the AWS Console (on the EC2 page, choose Load Balancers, select the right one, choose the description tab), [ELB API](http://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html), the [AWS ELB CLI](http://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html), or the [AWS ELBv2 CLI](http://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html). * * _S3 bucket_ (configured as website): specify the domain name of the Amazon S3 website endpoint in which you configured the bucket (for instance s3-website-us-east-2.amazonaws.com). For the available values refer to the [Amazon S3 Website Endpoints](http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region). * * _Another Route53 record_: specify the value of the name of another record in the same hosted zone. @@ -1256,7 +1256,7 @@ declare function R53_ALIAS(name: string, target: string, zone_idModifier: Domain * * The serial number is managed automatically. It isn't even a field in `SOA()`. * * Most providers automatically generate SOA records. They will ignore any `SOA()` statements. * - * There is more info about SOA in the documentation for the [BIND provider](../../providers/bind.md). + * There is more info about `SOA` in the documentation for the [BIND provider](../../providers/bind.md). * * @see https://dnscontrol.org/js#SOA */ @@ -1281,7 +1281,7 @@ declare function SOA(name: string, ns: string, mbox: string, refresh: number, re declare function SRV(name: string, priority: number, weight: number, port: number, target: string, ...modifiers: RecordModifier[]): DomainModifier; /** - * SSHFP contains a fingerprint of a SSH server which can be validated before SSH clients are establishing the connection. + * `SSHFP` contains a fingerprint of a SSH server which can be validated before SSH clients are establishing the connection. * * **Algorithm** (type of the key) * @@ -1312,7 +1312,7 @@ declare function SRV(name: string, priority: number, weight: number, port: numbe declare function SSHFP(name: string, algorithm: 0 | 1 | 2 | 3 | 4, type: 0 | 1 | 2, value: string, ...modifiers: RecordModifier[]): DomainModifier; /** - * TLSA adds a TLSA record to a domain. The name should be the relative label for the record. + * `TLSA` adds a `TLSA` record to a domain. The name should be the relative label for the record. * * Usage, selector, and type are ints. * @@ -1330,7 +1330,7 @@ declare function SSHFP(name: string, algorithm: 0 | 1 | 2 | 3 | 4, type: 0 | 1 | declare function TLSA(name: string, usage: number, selector: number, type: number, certificate: string, ...modifiers: RecordModifier[]): DomainModifier; /** - * TXT adds an TXT record To a domain. The name should be the relative + * `TXT` adds an `TXT` record To a domain. The name should be the relative * label for the record. Use `@` for the domain apex. * * The contents is either a single or multiple strings. To @@ -1364,7 +1364,7 @@ declare function TLSA(name: string, usage: number, selector: number, type: numbe * * ### TXT record edge cases * - * Most providers do not support the full possibilities of what a TXT + * Most providers do not support the full possibilities of what a `TXT` * record can store. DNSControl can not handle all the edge cases * and incompatibles that providers have introduced. Instead, it * stores the string(s) that you provide and passes them to the provider @@ -1372,14 +1372,14 @@ declare function TLSA(name: string, usage: number, selector: number, type: numbe * reject it. This happens early in the processing, long before * the DNSControl talks to the provider's API. * - * The RFCs specify that a TXT record stores one or more strings, + * The RFCs specify that a `TXT` record stores one or more strings, * each is up to 255 octets (bytes) long. We call these individual * strings *chunks*. Each chunk may be zero to 255 octets long. - * There is no limit to the number of chunks in a TXT record, + * There is no limit to the number of chunks in a `TXT` record, * other than IP packet length restrictions. The contents of each chunk * may be octets of value from 0x00 to 0xff. * - * In reality DNS Service Providers (DSPs) place many restrictions on TXT + * In reality DNS Service Providers (DSPs) place many restrictions on `TXT` * records. * * Some DSPs only support a single string of 255 octets or fewer. @@ -1402,7 +1402,7 @@ declare function TLSA(name: string, usage: number, selector: number, type: numbe * * #### How can you tell if a provider will support a particular `TXT()` record? * - * Include the `TXT()` record in a `D()` as usual, along + * Include the `TXT()` record in a [`D()`](../global/D.md) as usual, along * with the `DnsProvider()` for that provider. Run `dnscontrol check` to * see if any errors are produced. The check command does not talk to * the provider's API, thus permitting you to do this without having an @@ -1601,7 +1601,7 @@ declare function DEFAULTS(...modifiers: DomainModifier[]): void; * ); * ``` * - * NOTE: The `NO_PURGE` is used out of abundance of caution but since no + * NOTE: The [`NO_PURGE`](../domain/NO_PURGE.md) is used out of abundance of caution but since no * `DnsProvider()` statements exist, no updates would be performed. * * @see https://dnscontrol.org/js#DOMAIN_ELSEWHERE @@ -1636,7 +1636,7 @@ declare function DOMAIN_ELSEWHERE(name: string, registrar: string, nameserver_na * ); * ``` * - * NOTE: The `NO_PURGE` is used to prevent DNSControl from changing the records. + * NOTE: The [`NO_PURGE`](../domain/NO_PURGE.md) is used to prevent DNSControl from changing the records. * * @see https://dnscontrol.org/js#DOMAIN_ELSEWHERE_AUTO */ @@ -1644,13 +1644,13 @@ declare function DOMAIN_ELSEWHERE_AUTO(name: string, domain: string, registrar: /** * `D_EXTEND` adds records (and metadata) to a domain previously defined - * by `D()`. It can also be used to add subdomain records (and metadata) + * by [`D()`](D.md). It can also be used to add subdomain records (and metadata) * to a previously defined domain. * * The first argument is a domain name. If it exactly matches a - * previously defined domain, `D_EXTEND()` behaves the same as `D()`, + * previously defined domain, `D_EXTEND()` behaves the same as [`D()`](D.md), * simply adding records as if they had been specified in the original - * `D()`. + * [`D()`](D.md). * * If the domain name does not match an existing domain, but could be a * (non-delegated) subdomain of an existing domain, the new records (and @@ -1659,12 +1659,12 @@ declare function DOMAIN_ELSEWHERE_AUTO(name: string, domain: string, registrar: * * Matching the domain name to previously-defined domains is done using a * `longest match` algorithm. If `domain.tld` and `sub.domain.tld` are - * defined as separate domains via separate `D()` statements, then + * defined as separate domains via separate [`D()`](D.md) statements, then * `D_EXTEND('sub.sub.domain.tld', ...)` would match `sub.domain.tld`, * not `domain.tld`. * * Some operators only act on an apex domain (e.g. - * `CF_REDIRECT` and `CF_TEMP_REDIRECT`). Using them + * [`CF_REDIRECT`](../domain/CF_REDIRECT.md) and [`CF_TEMP_REDIRECT`](../domain/CF_TEMP_REDIRECT.md)). Using them * in a `D_EXTEND` subdomain may not be what you expect. * * ```javascript @@ -1716,7 +1716,7 @@ declare function DOMAIN_ELSEWHERE_AUTO(name: string, domain: string, registrar: * sophisticated configurations, but you shouldn't. Be nice to the next * person that edits the file, who may not be as expert as yourself. * Enhance readability by putting any `D_EXTEND()` statements immediately - * after the original `D()`, like in above example. Avoid the temptation + * after the original [`D()`](D.md), like in above example. Avoid the temptation * to obscure the addition of records to existing domains with randomly * placed `D_EXTEND()` statements. Don't build up a domain using loops of * `D_EXTEND()` statements. You'll be glad you didn't. @@ -1842,7 +1842,7 @@ declare function PANIC(message: string): never; * `REV` returns the reverse lookup domain for an IP network. For * example `REV('1.2.3.0/24')` returns `3.2.1.in-addr.arpa.` and * `REV('2001:db8:302::/48)` returns `2.0.3.0.8.b.d.0.1.0.0.2.ip6.arpa.`. - * This is used in `D()` functions to create reverse DNS lookup zones. + * This is used in [`D()`](D.md) functions to create reverse DNS lookup zones. * * This is a convenience function. You could specify `D('3.2.1.in-addr.arpa', * ...` if you like to do things manually but why would you risk making @@ -1881,8 +1881,8 @@ declare function PANIC(message: string): never; * ); * ``` * - * In the future we plan on adding a flag to `A()` which will insert - * the correct PTR() record if the appropriate `D(REV()` domain (i.e. `.arpa` domain) has been + * In the future we plan on adding a flag to [`A()`](../domain/A.md)which will insert + * the correct PTR() record in the appropriate `D(REV())` domain (i.e. `.arpa` domain) has been * defined. * * @see https://dnscontrol.org/js#REV diff --git a/documentation/adding-new-rtypes.md b/documentation/adding-new-rtypes.md index 26cb8c77a..3c25d31db 100644 --- a/documentation/adding-new-rtypes.md +++ b/documentation/adding-new-rtypes.md @@ -106,7 +106,7 @@ example we removed `providers.CanUseCAA` from the Add a function to `pkg/js/helpers.js` for the new record type. This is the JavaScript file that defines `dnsconfig.js`'s functions like -`A()` and `MX()`. Look at the definition of A, MX and CAA for good +[`A()`](functions/domain/A.md) and [`MX()`](functions/domain/MX.md). Look at the definition of `A`, `MX` and `CAA` for good examples to use as a base. Please add the function alphabetically with the others. Also, please run diff --git a/documentation/cli-variables.md b/documentation/cli-variables.md index 00b6c7426..506137754 100644 --- a/documentation/cli-variables.md +++ b/documentation/cli-variables.md @@ -16,11 +16,14 @@ This would set the variable with the name `testKey` and the value of `testValue` The `CLI_DEFAULTS` feature is used to define default values for when a variable is not defined on the command line. +{% code title="dnsconfig.js" %} ```javascript CLI_DEFAULTS({ "variableName": "defaultValue", }); ``` +{% endcode %} + You need to define this defaults just once in your `dnsconfig.js`. It should be defined **before** using it. @@ -35,6 +38,7 @@ In this configuration: * `dnscontrol push` would generate the external (default) view. * `dnscontrol push -v view=internal` would generate the internal view. +{% code title="dnsconfig.js" %} ```javascript // See https://docs.dnscontrol.org/advanced-features/cli-variables CLI_DEFAULTS({ @@ -59,6 +63,8 @@ D("example.org", REG_NAMECOM, DnsProvider(DNS_NAMECOM), DnsProvider(DNS_BIND), A("sited", host02, TTL(1800)) ); ``` +{% endcode %} + ## Example 2: Different DNS records @@ -70,6 +76,7 @@ In this configuration: * `dnscontrol push` would generate the normal configuration. * `dnscontrol push -v emergency=true` would generate the emergency configuration. +{% code title="dnsconfig.js" %} ```javascript // See https://docs.dnscontrol.org/advanced-features/cli-variables CLI_DEFAULTS({ @@ -102,6 +109,8 @@ if (emergency) { } ``` +{% endcode %} + #### ProTips diff --git a/documentation/code-tricks.md b/documentation/code-tricks.md index 0656793c9..71432758d 100644 --- a/documentation/code-tricks.md +++ b/documentation/code-tricks.md @@ -20,6 +20,7 @@ Domains that use Google G-Suite require a specific list of MX records, plus there are some CNAMEs that are useful (but we only want the CNAMEs on a subset of domains). +{% code title="dnsconfig.js" %} ```javascript var GOOGLE_APPS_DOMAIN_MX = [ MX("@", 1, "aspmx.l.google.com."), @@ -51,6 +52,8 @@ D("aliasdomain.tld", DnsProvider(...), CNAME(...) } ``` +{% endcode %} + # Many domains with the exact same records @@ -59,6 +62,7 @@ records. Solution: Use a loop. (Note: See caveats below.) +{% code title="dnsconfig.js" %} ```javascript // The domains are parked. Use the exact same records for each. _.each( @@ -75,6 +79,8 @@ _.each( } ); ``` +{% endcode %} + # Caveats about getting too fancy diff --git a/documentation/examples.md b/documentation/examples.md index d7b9fa45b..0e5b1262a 100644 --- a/documentation/examples.md +++ b/documentation/examples.md @@ -1,5 +1,6 @@ -## Typical DNS Records +## Typical DNS Records ## +{% code title="dnsconfig.js" %} ```javascript D('example.com', REG, DnsProvider('GCLOUD'), A('@', '1.2.3.4'), // The naked or 'apex' domain. @@ -14,9 +15,11 @@ D('example.com', REG, DnsProvider('GCLOUD'), NS('department2', 'ns2.dnsexample.com.') // for department2.example.com ) ``` +{% endcode %} -## Set TTLs +## Set TTLs ## +{% code title="dnsconfig.js" %} ```javascript var mailTTL = TTL('1h'); @@ -31,9 +34,10 @@ D('example.com', registrar, CNAME('mail', 'mx01') // TTL of 5m, as defined per DefaultTTL() ); ``` +{% endcode %} -## Variables for common IP Addresses - +## Variables for common IP Addresses ## +{% code title="dnsconfig.js" %} ```javascript var addrA = IP('1.2.3.4') @@ -42,17 +46,19 @@ D('example.com', REG, DnsProvider('R53'), A('www', addrA + 1), // 1.2.3.5 ) ``` +{% endcode %} {% hint style="info" %} -**NOTE**: The `IP()` function doesn't currently support IPv6 (PRs welcome!). IPv6 addresses are strings. +**NOTE**: The [`IP()`](functions/global/IP.md) function doesn't currently support IPv6 (PRs welcome!). IPv6 addresses are strings. {% endhint %} - +{% code title="dnsconfig.js" %} ```javascript var addrAAAA = "0:0:0:0:0:0:0:0"; ``` +{% endcode %} -## Variables to swap active Data Center - +## Variables to swap active Data Center ## +{% code title="dnsconfig.js" %} ```javascript var dcA = IP('5.5.5.5'); var dcB = IP('6.6.6.6'); @@ -64,9 +70,10 @@ D('example.com', REG, DnsProvider('R53'), A('@', activeDC + 5), // fixed address based on activeDC ) ``` +{% endcode %} -## Macro for repeated records - +## Macro for repeated records ## +{% code title="dnsconfig.js" %} ```javascript var GOOGLE_APPS_MX_RECORDS = [ MX('@', 1, 'aspmx.l.google.com.'), @@ -91,9 +98,10 @@ D('example.com', REG, DnsProvider('R53'), A('@', '1.2.3.4') ) ``` +{% endcode %} -## Use SPF_BUILDER to add comments to SPF records - +## Use SPF_BUILDER to add comments to SPF records ## +{% code title="dnsconfig.js" %} ```javascript D("example.tld", REG, DSP, ... A("@", "10.2.2.2"), @@ -113,9 +121,10 @@ D("example.tld", REG, DSP, ... }), ); ``` +{% endcode %} -## Dual DNS Providers - +## Dual DNS Providers ## +{% code title="dnsconfig.js" %} ```javascript D('example.com', REG, DnsProvider('R53'), DnsProvider('GCLOUD'), A('@', '1.2.3.4') @@ -133,9 +142,10 @@ D('example3.com', REG, DnsProvider('R53'), DnsProvider('GCLOUD',0), A('@', '1.2.3.4') ) ``` +{% endcode %} -## Set default records modifiers - +## Set default records modifiers ## +{% code title="dnsconfig.js" %} ```javascript DEFAULTS( NAMESERVER_TTL('24h'), @@ -143,26 +153,27 @@ DEFAULTS( CF_PROXY_DEFAULT_OFF ); ``` -# Advanced Examples +# Advanced Examples # -## Automate Fastmail DKIM records +## Automate Fastmail DKIM records ## In this example we need a macro that can dynamically change for each domain. Suppose you have many domains that use Fastmail as an MX. Here's a macro that sets the MX records. - +{% code title="dnsconfig.js" %} ```javascript var FASTMAIL_MX = [ MX('@', 10, 'in1-smtp.messagingengine.com.'), MX('@', 20, 'in2-smtp.messagingengine.com.'), ] ``` +{% endcode %} Fastmail also supplied CNAMES to implement DKIM, and they all match a pattern that includes the domain name. We can't use a simple macro. Instead, we use a function that takes the domain name as a parameter to generate the right records dynamically. - +{% code title="dnsconfig.js" %} ```javascript var FASTMAIL_DKIM = function(the_domain){ return [ @@ -172,9 +183,10 @@ var FASTMAIL_DKIM = function(the_domain){ ] } ``` +{% endcode %} We can then use the macros as such: - +{% code title="dnsconfig.js" %} ```javascript D("example.com", REG_NONE, DnsProvider(DSP_R53_MAIN), FASTMAIL_MX, diff --git a/documentation/functions/domain/CF_REDIRECT.md b/documentation/functions/domain/CF_REDIRECT.md index e9e72d19c..156c9eedb 100644 --- a/documentation/functions/domain/CF_REDIRECT.md +++ b/documentation/functions/domain/CF_REDIRECT.md @@ -14,7 +14,7 @@ parameter_types: `CF_REDIRECT` uses Cloudflare-specific features ("Forwarding URL" Page Rules) to generate a HTTP 301 permanent redirect. -If _any_ `CF_REDIRECT` or `CF_TEMP_REDIRECT` functions are used then +If _any_ `CF_REDIRECT` or [`CF_TEMP_REDIRECT`](CF_TEMP_REDIRECT.md) functions are used then `dnscontrol` will manage _all_ "Forwarding URL" type Page Rules for the domain. Page Rule types other than "Forwarding URL” will be left alone. diff --git a/documentation/functions/domain/CF_TEMP_REDIRECT.md b/documentation/functions/domain/CF_TEMP_REDIRECT.md index 361ba8995..00ec23b86 100644 --- a/documentation/functions/domain/CF_TEMP_REDIRECT.md +++ b/documentation/functions/domain/CF_TEMP_REDIRECT.md @@ -14,7 +14,7 @@ parameter_types: `CF_TEMP_REDIRECT` uses Cloudflare-specific features ("Forwarding URL" Page Rules) to generate a HTTP 302 temporary redirect. -If _any_ `CF_REDIRECT` or `CF_TEMP_REDIRECT` functions are used then +If _any_ [`CF_REDIRECT`](CF_REDIRECT.md) or `CF_TEMP_REDIRECT` functions are used then `dnscontrol` will manage _all_ "Forwarding URL" type Page Rules for the domain. Page Rule types other than "Forwarding URL” will be left alone. diff --git a/documentation/functions/domain/NAMESERVER.md b/documentation/functions/domain/NAMESERVER.md index c3ae38e1d..95e24f4e0 100644 --- a/documentation/functions/domain/NAMESERVER.md +++ b/documentation/functions/domain/NAMESERVER.md @@ -14,8 +14,8 @@ For some registrars this will also add NS records to the zone itself. This takes exactly one argument: the name of the nameserver. It must end with a "." if it is a FQDN, just like all targets. -This is different than the `NS()` function, which inserts NS records -in the current zone and accepts a label. `NS()` is useful for downward +This is different than the [`NS()`](NS.md) function, which inserts NS records +in the current zone and accepts a label. [`NS()`](NS.md) is useful for downward delegations. `NAMESERVER()` is for informing upstream delegations. For more information, refer to [this page](../../nameservers.md). @@ -43,7 +43,7 @@ D("example2.com", REGISTRAR, .... , Nameservers are one of the least understood parts of DNS, so a little extra explanation is required. -* `NS()` lets you add an NS record to a zone, just like A() adds an A +* [`NS()`](NS.md) lets you add an NS record to a zone, just like [`A()`](A.md) adds an A record to the zone. This is generally used to delegate a subzone. * The `NAMESERVER()` directive speaks to the Registrar about how the parent should delegate the zone. diff --git a/documentation/functions/domain/NO_PURGE.md b/documentation/functions/domain/NO_PURGE.md index 7706285eb..2ba183bd4 100644 --- a/documentation/functions/domain/NO_PURGE.md +++ b/documentation/functions/domain/NO_PURGE.md @@ -2,13 +2,13 @@ name: NO_PURGE --- -NO_PURGE indicates that records should not be deleted from a domain. +`NO_PURGE` indicates that records should not be deleted from a domain. Records will be added and updated, but not removed. -NO_PURGE is generally used in very specific situations: +`NO_PURGE` is generally used in very specific situations: -* A domain is managed by some other system and DNSControl is only used to insert a few specific records and/or keep them updated. For example a DNS Zone that is managed by Active Directory, but DNSControl is used to update a few, specific, DNS records. In this case we want to specify the DNS records we are concerned with but not delete all the other records. This is a risky use of NO_PURGE since, if NO_PURGE was removed (or buggy) there is a chance you could delete all the other records in the zone, which could be a disaster. That said, domains with some records updated using Dynamic DNS have no other choice. -* To work-around a pseudo record type that is not supported by DNSControl. For example some providers have a fake DNS record type called "URL" which creates a redirect. DNSControl normally deletes these records because it doesn't understand them. NO_PURGE will leave those records alone. +* A domain is managed by some other system and DNSControl is only used to insert a few specific records and/or keep them updated. For example a DNS Zone that is managed by Active Directory, but DNSControl is used to update a few, specific, DNS records. In this case we want to specify the DNS records we are concerned with but not delete all the other records. This is a risky use of `NO_PURGE` since, if `NO_PURGE` was removed (or buggy) there is a chance you could delete all the other records in the zone, which could be a disaster. That said, domains with some records updated using Dynamic DNS have no other choice. +* To work-around a pseudo record type that is not supported by DNSControl. For example some providers have a fake DNS record type called "URL" which creates a redirect. DNSControl normally deletes these records because it doesn't understand them. `NO_PURGE` will leave those records alone. In this example DNSControl will insert "foo.example.com" into the zone, but otherwise leave the zone alone. Changes to "foo"'s IP @@ -23,19 +23,19 @@ D("example.com", .... , NO_PURGE, ``` {% endcode %} -The main caveat of NO_PURGE is that intentionally deleting records -becomes more difficult. Suppose a NO_PURGE zone has an record such +The main caveat of `NO_PURGE` is that intentionally deleting records +becomes more difficult. Suppose a `NO_PURGE` zone has an record such as A("ken", "1.2.3.4"). Removing the record from dnsconfig.js will not delete "ken" from the domain. DNSControl has no way of knowing the record was deleted from the file The DNS record must be removed -manually. Users of NO_PURGE are prone to finding themselves with +manually. Users of `NO_PURGE` are prone to finding themselves with an accumulation of orphaned DNS records. That's easy to fix for a small zone but can be a big mess for large zones. -Not all providers support NO_PURGE. For example the BIND provider +Not all providers support `NO_PURGE`. For example the BIND provider rewrites zone files from scratch each time, which precludes supporting -NO_PURGE. DNSControl will exit with an error if NO_PURGE is used +`NO_PURGE`. DNSControl will exit with an error if `NO_PURGE` is used on a driver that does not support it. -There is also `PURGE` command for completeness. `PURGE` is the +There is also [`PURGE`](PURGE.md) command for completeness. [`PURGE`](PURGE.md) is the default, thus this command is a no-op. diff --git a/documentation/functions/domain/PTR.md b/documentation/functions/domain/PTR.md index e7c8b27b1..b1b8f28a7 100644 --- a/documentation/functions/domain/PTR.md +++ b/documentation/functions/domain/PTR.md @@ -53,7 +53,7 @@ are all equivalent: * `PTR('4.3',` // Assuming the domain is `2.1.in-addr.arpa` All magic is RFC2317-aware. We use the first format listed in the -RFC for both `REV()` and `PTR()`. The format is +RFC for both [`REV()`](../global/REV.md) and `PTR()`. The format is `FIRST/MASK.C.B.A.in-addr.arpa` where `FIRST` is the first IP address of the zone, `MASK` is the netmask of the zone (25-31 inclusive), and A, B, C are the first 3 octets of the IP address. For example @@ -91,6 +91,6 @@ D(REV('2001:db8:302::/48'), REGISTRAR, DnsProvider(BIND), ``` {% endcode %} -In the future we plan on adding a flag to `A()` which will insert +In the future we plan on adding a flag to [`A()`](A.md)which will insert the correct PTR() record if the appropriate `.arpa` domain has been defined. diff --git a/documentation/functions/domain/PURGE.md b/documentation/functions/domain/PURGE.md index 4e30d0428..4624fce48 100644 --- a/documentation/functions/domain/PURGE.md +++ b/documentation/functions/domain/PURGE.md @@ -2,15 +2,15 @@ name: PURGE --- -PURGE is the default setting for all domains. Therefore PURGE is +`PURGE` is the default setting for all domains. Therefore `PURGE` is a no-op. It is included for completeness only. -A domain with a mixture of NO_PURGE and PURGE parameters will abide +A domain with a mixture of `NO_PURGE` and `PURGE` parameters will abide by the last one. These three examples all are equivalent. -PURGE is the default: +`PURGE` is the default: {% code title="dnsconfig.js" %} ```javascript diff --git a/documentation/functions/domain/R53_ALIAS.md b/documentation/functions/domain/R53_ALIAS.md index a5db2f46d..28f628c58 100644 --- a/documentation/functions/domain/R53_ALIAS.md +++ b/documentation/functions/domain/R53_ALIAS.md @@ -11,9 +11,9 @@ parameter_types: provider: ROUTE53 --- -R53_ALIAS is a Route53 specific virtual record type that points a record at either another record or an AWS entity (like a Cloudfront distribution, an ELB, etc...). It is analogous to a CNAME, but is usually resolved at request-time and served as an A record. Unlike CNAMEs, ALIAS records can be used at the zone apex (`@`) +`R53_ALIAS` is a Route53 specific virtual record type that points a record at either another record or an AWS entity (like a Cloudfront distribution, an ELB, etc...). It is analogous to a `CNAME`, but is usually resolved at request-time and served as an `A` record. Unlike `CNAME` records, `ALIAS` records can be used at the zone apex (`@`) -Unlike the regular ALIAS directive, R53_ALIAS is only supported on Route53. Attempting to use R53_ALIAS on another provider than Route53 will result in an error. +Unlike the regular [`ALIAS`](ALIAS.md) directive, `R53_ALIAS` is only supported on Route53. Attempting to use `R53_ALIAS` on another provider than Route53 will result in an error. The name should be the relative label for the domain. @@ -22,7 +22,7 @@ Target should be a string representing the target. If it is a single label we wi The Target can be any of: * _CloudFront distribution_: in this case specify the domain name that CloudFront assigned when you created your distribution (note that your CloudFront distribution must include an alternate domain name that matches the record you're adding) -* _Elastic Beanstalk environment_: specify the CNAME attribute for the environment. The environment must have a regionalized domain name. To get the CNAME, you can use either the [AWS Console](http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html), [AWS Elastic Beanstalk API](http://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html), or the [AWS CLI](http://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html). +* _Elastic Beanstalk environment_: specify the `CNAME` attribute for the environment. The environment must have a regionalized domain name. To get the `CNAME`, you can use either the [AWS Console](http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html), [AWS Elastic Beanstalk API](http://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html), or the [AWS CLI](http://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html). * _ELB load balancer_: specify the DNS name that is associated with the load balancer. To get the DNS name you can use either the AWS Console (on the EC2 page, choose Load Balancers, select the right one, choose the description tab), [ELB API](http://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html), the [AWS ELB CLI](http://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html), or the [AWS ELBv2 CLI](http://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html). * _S3 bucket_ (configured as website): specify the domain name of the Amazon S3 website endpoint in which you configured the bucket (for instance s3-website-us-east-2.amazonaws.com). For the available values refer to the [Amazon S3 Website Endpoints](http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region). * _Another Route53 record_: specify the value of the name of another record in the same hosted zone. diff --git a/documentation/functions/domain/SOA.md b/documentation/functions/domain/SOA.md index 89ec70ee3..31734d0e4 100644 --- a/documentation/functions/domain/SOA.md +++ b/documentation/functions/domain/SOA.md @@ -37,4 +37,4 @@ The email address should be specified like a normal RFC822/RFC5322 address (user * The serial number is managed automatically. It isn't even a field in `SOA()`. * Most providers automatically generate SOA records. They will ignore any `SOA()` statements. -There is more info about SOA in the documentation for the [BIND provider](../../providers/bind.md). +There is more info about `SOA` in the documentation for the [BIND provider](../../providers/bind.md). diff --git a/documentation/functions/domain/SSHFP.md b/documentation/functions/domain/SSHFP.md index 56f667a7c..51b528c63 100644 --- a/documentation/functions/domain/SSHFP.md +++ b/documentation/functions/domain/SSHFP.md @@ -14,7 +14,7 @@ parameter_types: "modifiers...": RecordModifier[] --- -SSHFP contains a fingerprint of a SSH server which can be validated before SSH clients are establishing the connection. +`SSHFP` contains a fingerprint of a SSH server which can be validated before SSH clients are establishing the connection. **Algorithm** (type of the key) diff --git a/documentation/functions/domain/TLSA.md b/documentation/functions/domain/TLSA.md index c3362019f..b68eb509d 100644 --- a/documentation/functions/domain/TLSA.md +++ b/documentation/functions/domain/TLSA.md @@ -16,7 +16,7 @@ parameter_types: "modifiers...": RecordModifier[] --- -TLSA adds a TLSA record to a domain. The name should be the relative label for the record. +`TLSA` adds a `TLSA` record to a domain. The name should be the relative label for the record. Usage, selector, and type are ints. diff --git a/documentation/functions/domain/TXT.md b/documentation/functions/domain/TXT.md index a49ddaf44..183948f86 100644 --- a/documentation/functions/domain/TXT.md +++ b/documentation/functions/domain/TXT.md @@ -10,7 +10,7 @@ parameter_types: "modifiers...": RecordModifier[] --- -TXT adds an TXT record To a domain. The name should be the relative +`TXT` adds an `TXT` record To a domain. The name should be the relative label for the record. Use `@` for the domain apex. The contents is either a single or multiple strings. To @@ -49,7 +49,7 @@ if it does not handle multiple strings. ### TXT record edge cases -Most providers do not support the full possibilities of what a TXT +Most providers do not support the full possibilities of what a `TXT` record can store. DNSControl can not handle all the edge cases and incompatibles that providers have introduced. Instead, it stores the string(s) that you provide and passes them to the provider @@ -57,14 +57,14 @@ verbatim. The provider may opt to accept the data, fix it, or reject it. This happens early in the processing, long before the DNSControl talks to the provider's API. -The RFCs specify that a TXT record stores one or more strings, +The RFCs specify that a `TXT` record stores one or more strings, each is up to 255 octets (bytes) long. We call these individual strings *chunks*. Each chunk may be zero to 255 octets long. -There is no limit to the number of chunks in a TXT record, +There is no limit to the number of chunks in a `TXT` record, other than IP packet length restrictions. The contents of each chunk may be octets of value from 0x00 to 0xff. -In reality DNS Service Providers (DSPs) place many restrictions on TXT +In reality DNS Service Providers (DSPs) place many restrictions on `TXT` records. Some DSPs only support a single string of 255 octets or fewer. @@ -87,7 +87,7 @@ double quotes, back-ticks, or other chars. #### How can you tell if a provider will support a particular `TXT()` record? -Include the `TXT()` record in a `D()` as usual, along +Include the `TXT()` record in a [`D()`](../global/D.md) as usual, along with the `DnsProvider()` for that provider. Run `dnscontrol check` to see if any errors are produced. The check command does not talk to the provider's API, thus permitting you to do this without having an diff --git a/documentation/functions/global/DOMAIN_ELSEWHERE.md b/documentation/functions/global/DOMAIN_ELSEWHERE.md index d7bff9d05..bfcb367f9 100644 --- a/documentation/functions/global/DOMAIN_ELSEWHERE.md +++ b/documentation/functions/global/DOMAIN_ELSEWHERE.md @@ -40,6 +40,6 @@ D("example.com", REG_NAMEDOTCOM, {% endcode %} {% hint style="info" %} -**NOTE**: The `NO_PURGE` is used out of abundance of caution but since no +**NOTE**: The [`NO_PURGE`](../domain/NO_PURGE.md) is used out of abundance of caution but since no `DnsProvider()` statements exist, no updates would be performed. {% endhint %} diff --git a/documentation/functions/global/DOMAIN_ELSEWHERE_AUTO.md b/documentation/functions/global/DOMAIN_ELSEWHERE_AUTO.md index 110cd9062..3c11a7756 100644 --- a/documentation/functions/global/DOMAIN_ELSEWHERE_AUTO.md +++ b/documentation/functions/global/DOMAIN_ELSEWHERE_AUTO.md @@ -44,5 +44,5 @@ D("example.com", REG_NAMEDOTCOM, {% endcode %} {% hint style="info" %} -**NOTE**: The `NO_PURGE` is used to prevent DNSControl from changing the records. +**NOTE**: The [`NO_PURGE`](../domain/NO_PURGE.md) is used to prevent DNSControl from changing the records. {% endhint %} diff --git a/documentation/functions/global/D_EXTEND.md b/documentation/functions/global/D_EXTEND.md index 73fb100e6..9b0d9848d 100644 --- a/documentation/functions/global/D_EXTEND.md +++ b/documentation/functions/global/D_EXTEND.md @@ -9,13 +9,13 @@ parameter_types: --- `D_EXTEND` adds records (and metadata) to a domain previously defined -by `D()`. It can also be used to add subdomain records (and metadata) +by [`D()`](D.md). It can also be used to add subdomain records (and metadata) to a previously defined domain. The first argument is a domain name. If it exactly matches a -previously defined domain, `D_EXTEND()` behaves the same as `D()`, +previously defined domain, `D_EXTEND()` behaves the same as [`D()`](D.md), simply adding records as if they had been specified in the original -`D()`. +[`D()`](D.md). If the domain name does not match an existing domain, but could be a (non-delegated) subdomain of an existing domain, the new records (and @@ -24,12 +24,12 @@ names (labels), and targets (as appropriate). See the examples below. Matching the domain name to previously-defined domains is done using a `longest match` algorithm. If `domain.tld` and `sub.domain.tld` are -defined as separate domains via separate `D()` statements, then +defined as separate domains via separate [`D()`](D.md) statements, then `D_EXTEND('sub.sub.domain.tld', ...)` would match `sub.domain.tld`, not `domain.tld`. Some operators only act on an apex domain (e.g. -`CF_REDIRECT` and `CF_TEMP_REDIRECT`). Using them +[`CF_REDIRECT`](../domain/CF_REDIRECT.md) and [`CF_TEMP_REDIRECT`](../domain/CF_TEMP_REDIRECT.md)). Using them in a `D_EXTEND` subdomain may not be what you expect. {% code title="dnsconfig.js" %} @@ -83,7 +83,7 @@ ProTips: `D_EXTEND()` permits you to create very complex and sophisticated configurations, but you shouldn't. Be nice to the next person that edits the file, who may not be as expert as yourself. Enhance readability by putting any `D_EXTEND()` statements immediately -after the original `D()`, like in above example. Avoid the temptation +after the original [`D()`](D.md), like in above example. Avoid the temptation to obscure the addition of records to existing domains with randomly placed `D_EXTEND()` statements. Don't build up a domain using loops of `D_EXTEND()` statements. You'll be glad you didn't. diff --git a/documentation/functions/global/REV.md b/documentation/functions/global/REV.md index 2199aebda..9aba56cd6 100644 --- a/documentation/functions/global/REV.md +++ b/documentation/functions/global/REV.md @@ -10,7 +10,7 @@ ts_return: string `REV` returns the reverse lookup domain for an IP network. For example `REV('1.2.3.0/24')` returns `3.2.1.in-addr.arpa.` and `REV('2001:db8:302::/48)` returns `2.0.3.0.8.b.d.0.1.0.0.2.ip6.arpa.`. -This is used in `D()` functions to create reverse DNS lookup zones. +This is used in [`D()`](D.md) functions to create reverse DNS lookup zones. This is a convenience function. You could specify `D('3.2.1.in-addr.arpa', ...` if you like to do things manually but why would you risk making @@ -51,6 +51,6 @@ D(REV('2001:db8:302::/48'), REGISTRAR, DnsProvider(BIND), ``` {% endcode %} -In the future we plan on adding a flag to `A()` which will insert -the correct PTR() record if the appropriate `D(REV()` domain (i.e. `.arpa` domain) has been +In the future we plan on adding a flag to [`A()`](../domain/A.md)which will insert +the correct PTR() record in the appropriate `D(REV())` domain (i.e. `.arpa` domain) has been defined. diff --git a/documentation/getting-started.md b/documentation/getting-started.md index 526d3eca9..cae42c28a 100644 --- a/documentation/getting-started.md +++ b/documentation/getting-started.md @@ -84,6 +84,7 @@ and renaming it. The file looks like: +{% code title="dnsconfig.js" %} ```javascript // Providers: @@ -96,6 +97,7 @@ D('example.com', REG_NONE, DnsProvider(DNS_BIND), A('@', '1.2.3.4') ); ``` +{% endcode %} Modify this file to match your particular providers and domains. See [the DNSConfig docs](js.md) and [the provider docs](providers.md) for more details. diff --git a/documentation/nameservers.md b/documentation/nameservers.md index a16b82ebf..e7f2e1a57 100644 --- a/documentation/nameservers.md +++ b/documentation/nameservers.md @@ -8,6 +8,7 @@ The document shows examples of many common and uncommon configurations. All the examples use the variables. Substitute your own. +{% code title="dnsconfig.js" %} ```javascript // ========== Registrars: @@ -27,6 +28,8 @@ var DNS_GOOGLE = NewDnsProvider("gcp_main"); var DNS_CLOUDFLARE = NewDnsProvider("cloudflare_main"); var DNS_BIND = NewDnsProvider("bind"); ``` +{% endcode %} + # Typical Delegations @@ -38,12 +41,15 @@ Use the same provider as a registrar and DNS service. Why? Simplicity. +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, DnsProvider(DNS_NAMECOM), A("@", "10.2.3.4") ); ``` +{% endcode %} + ## Different provider for REG and DNS @@ -54,13 +60,15 @@ Why? Some registrars do not provide DNS server, or their service is sub-standard and you want to use a high-performance DNS server. - +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, DnsProvider(DNS_AWS), A("@", "10.2.3.4") ); ``` +{% endcode %} + ## Registrar is elsewhere @@ -73,12 +81,15 @@ You don't have access to the registrar, or the registrar is not supported by DNSControl. However you do have API access for updating the zone's records (most likely at a different provider). +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_THIRDPARTY, DnsProvider(DNS_NAMECOM), A("@", "10.2.3.4") ); ``` +{% endcode %} + ## Zone is elsewhere @@ -90,6 +101,7 @@ We are delegating the domain to someone else. In this example we're pointing the domain to the nsone.net DNS service, which someone else is controlling. +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, NAMESERVER("dns1.p03.nsone.net."), @@ -98,6 +110,8 @@ D("example1.com", REG_NAMECOM, NAMESERVER("dns4.p03.nsone.net."), ); ``` +{% endcode %} + ## Override nameservers @@ -110,6 +124,7 @@ nameservers are, or the API is returning invalid data, or if the API returns no information. Sometimes APIs return no (useful) information when the domain is new; this is a good temporary work-around until the API starts working. +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, DnsProvider(DNS_CLOUDFLARE, 0), // Set the DNS provider but ignore the nameservers it suggests (0 == take none of the names it reports) @@ -118,6 +133,8 @@ D("example1.com", REG_NAMECOM, A("@", "10.2.3.4") ); ``` +{% endcode %} + ## Add nameservers @@ -127,6 +144,7 @@ Use the default nameservers from the registrar but add additional ones. Why? Usually only to correct a bug or misconfiguration elsewhere. +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, DnsProvider(DNS_NAMECOM), @@ -134,6 +152,8 @@ D("example1.com", REG_NAMECOM, A("@", "10.2.3.4") ); ``` +{% endcode %} + ## Shadow nameservers @@ -147,6 +167,7 @@ There are many reasons to do this: * You want your DNS records stored somewhere else in case you have to switch over in an emergency. * You are sending the zone to a local caching DNS server. +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, DnsProvider(DNS_NAMECOM), // Our real DNS server @@ -155,6 +176,8 @@ D("example1.com", REG_NAMECOM, A("@", "10.2.3.4") ); ``` +{% endcode %} + ## Dual DNS Providers @@ -175,6 +198,7 @@ More info: https://www.dns-oarc.net/files/workshop-201203/OARC-workshop-London-2 **NOTE**: This is overkill unless you have millions of users and strict up-time requirements. {% endhint %} +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, DnsProvider(DNS_AWS, 2), // Take 2 nameservers from AWS @@ -182,6 +206,8 @@ D("example1.com", REG_NAMECOM, A("@", "10.2.3.4") ); ``` +{% endcode %} + # Other uses @@ -201,6 +227,7 @@ this is the output of DNSControl, not the input. **NOTE**: This won't work if you use pseudo rtypes that BIND doesn't support. {% endhint %} +{% code title="dnsconfig.js" %} ```javascript D("example1.com", REG_NAMECOM, DnsProvider(DNS_NAMECOM), @@ -208,6 +235,8 @@ D("example1.com", REG_NAMECOM, A("@", "10.2.3.4") ); ``` +{% endcode %} + ## Monitor delegation @@ -221,6 +250,7 @@ Sometimes you just want to know if something changes! See the [DNS-over-HTTPS Provider](providers/dnsoverhttps.md) documentation for more info. +{% code title="dnsconfig.js" %} ```javascript var REG_MONITOR = NewRegistrar('DNS-over-HTTPS'); @@ -229,6 +259,8 @@ D("example1.com", REG_MONITOR, NAMESERVER("ns2.example1.com."), ); ``` +{% endcode %} + {% hint style="info" %} **NOTE**: This checks the NS records via a DNS query. It does not check the @@ -244,6 +276,7 @@ DNSControl has some built-in macros that you might find useful. Easily delegate a domain to a specific list of nameservers. +{% code title="dnsconfig.js" %} ```javascript DOMAIN_ELSEWHERE("example1.com", REG_NAMECOM, [ "dns1.example.net.", @@ -251,18 +284,23 @@ DOMAIN_ELSEWHERE("example1.com", REG_NAMECOM, [ "dns3.example.net.", ]); ``` +{% endcode %} + ## `DOMAIN_ELSEWHERE_AUTO` -Easily delegate a domain to a nameservers via an API query. +Easily delegate a domain to a nameserver via an API query. This is similar to `DOMAIN_ELSEWHERE` but the list of nameservers is queried from the API of a single DNS provider. +{% code title="dnsconfig.js" %} ```javascript DOMAIN_ELSEWHERE_AUTO("example1.com", REG_NAMECOM, DNS_AWS); DOMAIN_ELSEWHERE_AUTO("example2.com", REG_NAMECOM, DNS_GOOGLE); ``` +{% endcode %} + # Limits diff --git a/documentation/typescript.md b/documentation/typescript.md index 535a694c2..7bfd67bbe 100644 --- a/documentation/typescript.md +++ b/documentation/typescript.md @@ -36,9 +36,12 @@ type checking (i.e. red squiggly underlines when you misuse APIs), there is one Add this comment to the top of your `dnsconfig.js` file: +{% code title="dnsconfig.js" %} ```javascript // @ts-check ``` +{% endcode %} + That should be all you need to do! @@ -58,9 +61,12 @@ Bug: Values passed to `CLI_DEFAULTS` (and the corresponding `-v` command-line op Workaround: create a new `.d.ts` file in the same folder as your `dnsconfig.js` file. In that file, add the following line for each variable you want to use (replacing `VARIABLE_NAME` with the name of the variable). +{% code title=".d.ts" %} ```javascript declare const VARIABLE_NAME: string; ``` +{% endcode %} + This will tell TypeScript that the variable exists, and that it’s a string. diff --git a/documentation/why-the-dot.md b/documentation/why-the-dot.md index 5b6109b8f..835459215 100644 --- a/documentation/why-the-dot.md +++ b/documentation/why-the-dot.md @@ -29,12 +29,15 @@ add the domain to it. Here are four examples: +{% code title="dnsconfig.js" %} ```javascript CNAME("foo", "bar") // Permitted. (expands to bar.$DOMAIN) CNAME("foo", "bar.com.") // Permitted. (we are certain what the user wants) CNAME("foo", "bar.com") // ERROR (ambiguous) CNAME("foo", "meta.xyz") // ERROR (ambiguous) ``` +{% endcode %} + The first 2 examples are permitted. The last 2 examples are ambiguous and are therefore are considered errors.