Cloudflare API tokens are a new way to authenticate to Cloudflare API.
Unlike the Global API key, tokens can be given specific permissions to
only access parts of the API. See [1] for details.
[1] https://blog.cloudflare.com/api-tokens-general-availability/
This commit introduces a new credential for cloudflare called
`apitoken`, which is mutually exclusive with `apiuser` and `apikey`.
In order for DNSControl to work with this token, it should have the
right to read DNS zones and edit DNS records.
Closes #534
FYI: The support is very minimal. It only supports redirect if it is the last item in an SPF record. At that point, it is equivalent to include.
* In SFP, treat redirect like a special include.
* Document SPF redirect: limited implementation.
* docs improvements
* Updated matrix as part of "go generate" (e.g. adds SSHFP row)
* Commiting full matrix file
* Added docs for SSHFP record
* Matrix: Mark OVH as SSHFP-capable in docs (see PR #482)
* Improve comments in checkLabel
* Reformat labelUnderscores to make it easier to add to
* Add to exception list for label warnings
* Add underscores in hostnames to the opinions list.
- Support DelegationSet for Route53 (create-domains only)
- Retry Route53 operations which fail for rate limits under large numbers of domains
- Support for name_server_set for GCloud (create-domains only)
- Docs for both
* Maint: run generate for missing documentation
Apparently current master is missing some generated documentation.
* Populate ovh zones cache as early as possible (#412)
We are caching the OVH zones in GetNameservers.
It turns out it isn’t a good idea, because GetNameServers will not be called
if the user selects no name servers for a given domain by using for example:
```
D(‘my domain’, DnsProvider(ovh, 0)) {
}
```
The subsequent GetDomainCorrections would automatically fail
with an unknown domain error, because the zones cache hasn’t been
filled in.
To solve the issue, the ovh provider now populates the zones cache during
initialisation.
The `GANDI` provider also seems to be unable to see new domains (the
ones bought through the new interface), but I didn't mention that as
it may be a bug that could be solves at some point.
* Manual rebase of get-certs branch
* fix endpoints, add verbose flag
* more stable pre-check behaviour
* start of docs
* docs for get-certs
* don't require cert for dnscontrol
* fix up directory paths
* small doc tweaks
* Initial commit for OpenSRS registrar support #272
* sort existing name servers before comparing.
* vendor philhug/opensrs-go
* Update docs for OpenSRS #272
* Cache OpenSRS client to prevent http connection leak
* run go fmt
* govendor gopkg.in/yaml.v2
* Ignore YAML and BIND test data litter. Create README.txt files to force git to create subdirectories.
* Update convertzone to also read OctoDNS files
* Add gandi LiveDNS api provider
* vendor testify and gandi live DNS
* govendor update github.com/prasmussen/gandi-api/{client,live_dns}
* Fix Gandi-livedns TXT unit test
* TravisCI should use go 1.10
