mirror of
https://github.com/StackExchange/dnscontrol.git
synced 2024-05-11 05:55:12 +00:00
DOC: Apply brand-preferred case (#429)
* Apply brand-preferred case * Apply case to own branding as well
This commit is contained in:
committed by
Tom Limoncelli
parent
608dd7af56
commit
b3e35b56a2
14
README.md
14
README.md
@ -7,16 +7,16 @@
|
||||
DNSControl is a system for maintaining DNS zones. It has two parts:
|
||||
a domain specific language (DSL) for describing DNS zones plus
|
||||
software that processes the DSL and pushes the resulting zones to
|
||||
DNS providers such as Route53, CloudFlare, and Gandi. It can talk
|
||||
to Microsoft ActiveDirectory and it generates the most beautiful
|
||||
DNS providers such as Route53, Cloudflare, and Gandi. It can talk
|
||||
to Microsoft Active Directory and it generates the most beautiful
|
||||
BIND zone files ever. It runs anywhere Go runs (Linux, macOS,
|
||||
Windows). The provider model is extensible, so more providers can be added.
|
||||
|
||||
Currently supported DNS providers:
|
||||
- Active Directory
|
||||
- BIND
|
||||
- CloudFlare
|
||||
- Digitalocean
|
||||
- Cloudflare
|
||||
- DigitalOcean
|
||||
- DNSimple
|
||||
- Exoscale
|
||||
- Gandi
|
||||
@ -37,8 +37,8 @@ and subdomains across multiple registrars and DNS providers.
|
||||
You can think of it as a DNS compiler. The configuration files are
|
||||
written in a DSL that looks a lot like JavaScript. It is compiled
|
||||
to an intermediate representation (IR). Compiler back-ends use the
|
||||
IR to update your DNS zones on services such as Route53, CloudFlare,
|
||||
and Gandi, or systems such as BIND and ActiveDirectory.
|
||||
IR to update your DNS zones on services such as Route53, Cloudflare,
|
||||
and Gandi, or systems such as BIND and Active Directory.
|
||||
|
||||
# An Example
|
||||
|
||||
@ -85,7 +85,7 @@ the variable name throughout the file. Need to change the IP address
|
||||
globally? Just change the variable and "recompile."
|
||||
* Macros! Define your SPF records, MX records, or other repeated
|
||||
data once and re-use them for all domains.
|
||||
* Control CloudFlare from a single location. Enable/disable
|
||||
* Control Cloudflare from a single location. Enable/disable
|
||||
Cloudflare proxying (the "orange cloud" button) directly from your
|
||||
DNSControl files.
|
||||
* Keep similar domains in sync with transforms and other features.
|
||||
|
@ -5,7 +5,7 @@ parameters:
|
||||
- modifiers...
|
||||
---
|
||||
|
||||
`CF_REDIRECT` uses CloudFlare-specific features ("page rules") to
|
||||
`CF_REDIRECT` uses Cloudflare-specific features ("page rules") to
|
||||
generate an HTTP 301 redirect.
|
||||
|
||||
WARNING: If the domain has other pagerules in place, they may be
|
||||
|
@ -7,7 +7,7 @@ Records will be added and updated, but not removed.
|
||||
|
||||
NO_PURGE is generally used in very specific situations:
|
||||
|
||||
* A domain is managed by some other system and DNSControl is only used to insert a few specific records and/or keep them updated. For example a DNS Zone that is managed by ActiveDirectory, but DNSControl is used to update a few, specific, DNS records. In this case we want to specify the DNS records we are concerned with but not delete all the other records. This is a risky use of NO_PURGE since, if NO_PURGE was removed (or buggy) there is a chance you could delete all the other records in the zone, which could be a disaster. That said, domains with some records updated using Dynamic DNS have no other choice.
|
||||
* A domain is managed by some other system and DNSControl is only used to insert a few specific records and/or keep them updated. For example a DNS Zone that is managed by Active Directory, but DNSControl is used to update a few, specific, DNS records. In this case we want to specify the DNS records we are concerned with but not delete all the other records. This is a risky use of NO_PURGE since, if NO_PURGE was removed (or buggy) there is a chance you could delete all the other records in the zone, which could be a disaster. That said, domains with some records updated using Dynamic DNS have no other choice.
|
||||
* To work-around a pseudo record type that is not supported by DNSControl. For example some providers have a fake DNS record type called "URL" which creates a redirect. DNSControl normally deletes these records because it doesn't understand them. NO_PURGE will leave those records alone.
|
||||
|
||||
In this example DNSControl will insert "foo.example.com" into the
|
||||
|
@ -5,7 +5,7 @@ jsId: ACTIVEDIRECTORY_PS
|
||||
title: ActiveDirectory_PS Provider
|
||||
---
|
||||
# ActiveDirectory_PS Provider
|
||||
This provider updates an Microsoft ActiveDirectory server DNS server. It interacts with AD via PowerShell commands that are generated and executed on the local machine. This means that DNSControl must be run on a Windows host. This driver automatically deactivates itself when run on non-Windows systems.
|
||||
This provider updates an Microsoft Active Directory server DNS server. It interacts with AD via PowerShell commands that are generated and executed on the local machine. This means that DNSControl must be run on a Windows host. This driver automatically deactivates itself when run on non-Windows systems.
|
||||
|
||||
# Running on Non-Windows systems
|
||||
For debugging and testing on non-Windows systems, a "fake PowerShell" mode can be used, which will activate the driver and simulate PowerShell as follows:
|
||||
|
@ -119,7 +119,7 @@ D('example2.tld', REG_NONE, DnsProvider(CLOUDFLARE),
|
||||
DNSControl depends on a Cloudflare Global API Key that's available under "My Settings".
|
||||
|
||||
## New domains
|
||||
If a domain does not exist in your CloudFlare account, DNSControl
|
||||
If a domain does not exist in your Cloudflare account, DNSControl
|
||||
will *not* automatically add it. You'll need to do that via the
|
||||
control panel manually or via the `dnscontrol create-domains` command.
|
||||
|
||||
|
@ -8,7 +8,7 @@ jsId: DIGITALOCEAN
|
||||
|
||||
## Configuration
|
||||
In your credentials file, you must provide your
|
||||
[Digitalocean OAuth Token](https://cloud.digitalocean.com/settings/applications)
|
||||
[DigitalOcean OAuth Token](https://cloud.digitalocean.com/settings/applications)
|
||||
|
||||
{% highlight json %}
|
||||
{
|
||||
|
@ -9,9 +9,9 @@ jsId: HEXONET
|
||||
HEXONET is a leading developer and operator of domain names and DNS platforms.
|
||||
Individual, service provider and registrars around the globe choose HEXONET for
|
||||
domains and DNS because of our advanced technology, operational performance and
|
||||
up-time, and most importantly for DNS expertise. DnsControl with HEXONET's DNS
|
||||
up-time, and most importantly for DNS expertise. DNSControl with HEXONET's DNS
|
||||
marries DNS automation with an industry-leading DNS platform that supports DNSSEC,
|
||||
PremiumDNS via Anycast Network, and nearly all of DnsControl's listed provider features.
|
||||
PremiumDNS via Anycast Network, and nearly all of DNSControl's listed provider features.
|
||||
|
||||
## Configuration
|
||||
|
||||
|
@ -1,13 +1,13 @@
|
||||
---
|
||||
layout: default
|
||||
title: DnsControl
|
||||
title: DNSControl
|
||||
---
|
||||
|
||||
<div class="row jumbotron">
|
||||
<div class="col-md-12">
|
||||
<div>
|
||||
<h1 class="hometitle">DnsControl</h1>
|
||||
<p class="lead">DnsControl is an <strong><a href="opinions">opinionated</a></strong> platform for seamlessly managing your DNS configuration across any number of DNS hosts, both in the cloud or in your own infrastructure. It manages all of the domains for the Stack Overflow network, and can do the same for you!</p>
|
||||
<h1 class="hometitle">DNSControl</h1>
|
||||
<p class="lead">DNSControl is an <strong><a href="opinions">opinionated</a></strong> platform for seamlessly managing your DNS configuration across any number of DNS hosts, both in the cloud or in your own infrastructure. It manages all of the domains for the Stack Overflow network, and can do the same for you!</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -7,12 +7,12 @@ title: Let's Encrypt Certificate generation
|
||||
|
||||
The `dnscontrol get-certs` command will obtain or renew TLS certificates for your managed domains via [*Let's Encrypt*](https://letsencrypt.org). This can be extremely useful in situations where other acme clients are problematic. Specifically, this may be useful if:
|
||||
|
||||
- You are already managing dns records with DnsControl.
|
||||
- You are already managing dns records with DNSControl.
|
||||
- You have a large number of domains or dns providers in complicated configurations.
|
||||
- You want **wildcard** certificates, which *require* dns validation.
|
||||
|
||||
At stack overflow we have dual-hosted dns, with most domains having four nameservers from two different cloud DNS providers. DnsControl uses
|
||||
the exact same code as the core DnsControl commands to issue certificates. This means is will work the same regardless of your domain layout or what providers you use.
|
||||
At stack overflow we have dual-hosted dns, with most domains having four nameservers from two different cloud DNS providers. DNSControl uses
|
||||
the exact same code as the core DNSControl commands to issue certificates. This means is will work the same regardless of your domain layout or what providers you use.
|
||||
|
||||
## General Process
|
||||
|
||||
|
@ -47,7 +47,7 @@ NS records for the base domain should not be specified manually, as that will re
|
||||
|
||||
{% include alert.html text="Note: Not all providers allow full control over the NS records of your zone. It is not recommended to use these providers in complicated scenarios such as hosting across multiple providers. See individual provider docs for more info." %}
|
||||
|
||||
DnsControl will also register the authoritative nameserver list with the registrar, so that all nameserver are used in the tld registry.
|
||||
DNSControl will also register the authoritative nameserver list with the registrar, so that all nameserver are used in the TLD registry.
|
||||
|
||||
## 3. Backup providers
|
||||
|
||||
@ -57,4 +57,3 @@ Its nameservers will not be added to the authoritative set. While this may seem
|
||||
|
||||
1. Backup nameservers will still be updated with the NS records from the authoritative nameserver list. This means the records will still need to be updated to correctly "activate" the provider.
|
||||
2. Costs generally scale with utilization, so there is often no real savings associated with an active-passive setup vs an active-active one anyway.
|
||||
|
||||
|
@ -608,7 +608,7 @@ var CF_PROXY_DEFAULT_ON = { cloudflare_proxy_default: 'on' };
|
||||
|
||||
// CUSTOM, PROVIDER SPECIFIC RECORD TYPES
|
||||
|
||||
function _validateCloudFlareRedirect(value) {
|
||||
function _validateCloudflareRedirect(value) {
|
||||
if (!_.isString(value)) {
|
||||
return false;
|
||||
}
|
||||
@ -617,8 +617,8 @@ function _validateCloudFlareRedirect(value) {
|
||||
|
||||
var CF_REDIRECT = recordBuilder('CF_REDIRECT', {
|
||||
args: [
|
||||
['source', _validateCloudFlareRedirect],
|
||||
['destination', _validateCloudFlareRedirect],
|
||||
['source', _validateCloudflareRedirect],
|
||||
['destination', _validateCloudflareRedirect],
|
||||
],
|
||||
transform: function(record, args, modifiers) {
|
||||
record.name = '@';
|
||||
@ -628,8 +628,8 @@ var CF_REDIRECT = recordBuilder('CF_REDIRECT', {
|
||||
|
||||
var CF_TEMP_REDIRECT = recordBuilder('CF_TEMP_REDIRECT', {
|
||||
args: [
|
||||
['source', _validateCloudFlareRedirect],
|
||||
['destination', _validateCloudFlareRedirect],
|
||||
['source', _validateCloudflareRedirect],
|
||||
['destination', _validateCloudflareRedirect],
|
||||
],
|
||||
transform: function(record, args, modifiers) {
|
||||
record.name = '@';
|
||||
|
@ -62,6 +62,6 @@ func newDNS(config map[string]string, metadata json.RawMessage) (providers.DNSSe
|
||||
p.adServer = srv
|
||||
return p, nil
|
||||
}
|
||||
fmt.Printf("WARNING: PowerShell not available. ActiveDirectory will not be updated.\n")
|
||||
fmt.Printf("WARNING: PowerShell not available. Active Directory will not be updated.\n")
|
||||
return providers.None{}, nil
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
### ActiveDirectory
|
||||
### Active Directory
|
||||
|
||||
This provider updates a DNS Zone in an ActiveDirectory Integrated Zone.
|
||||
This provider updates a DNS Zone in an Active Directory Integrated Zone.
|
||||
|
||||
When run on Windows, AD is updated directly. The code generates
|
||||
PowerShell commands, executes them, and checks the results.
|
||||
|
@ -18,7 +18,7 @@ import (
|
||||
|
||||
/*
|
||||
|
||||
Digitalocean API DNS provider:
|
||||
DigitalOcean API DNS provider:
|
||||
|
||||
Info required in `creds.json`:
|
||||
- token
|
||||
@ -39,7 +39,7 @@ var defaultNameServerNames = []string{
|
||||
// NewDo creates a DO-specific DNS provider.
|
||||
func NewDo(m map[string]string, metadata json.RawMessage) (providers.DNSServiceProvider, error) {
|
||||
if m["token"] == "" {
|
||||
return nil, errors.Errorf("no Digitalocean token provided")
|
||||
return nil, errors.Errorf("no DigitalOcean token provided")
|
||||
}
|
||||
|
||||
ctx := context.Background()
|
||||
|
2
vendor/github.com/miekg/dns/COPYRIGHT
generated
vendored
2
vendor/github.com/miekg/dns/COPYRIGHT
generated
vendored
@ -5,5 +5,5 @@ Extensions of the original work are copyright (c) 2011 Miek Gieben
|
||||
Copyright 2011 Miek Gieben. All rights reserved. Use of this source code is
|
||||
governed by a BSD-style license that can be found in the LICENSE file.
|
||||
|
||||
Copyright 2014 CloudFlare. All rights reserved. Use of this source code is
|
||||
Copyright 2014 Cloudflare. All rights reserved. Use of this source code is
|
||||
governed by a BSD-style license that can be found in the LICENSE file.
|
||||
|
Reference in New Issue
Block a user