
<html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div><blockquote type="cite" class=""><div class="">On 1. Mar 2020, at 21:13, Brian Candler <<a href="mailto:b.candler@pobox.com" class="">b.candler@pobox.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">

  

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" class="">

  

  <div class="">

    <div class="moz-cite-prefix">Depends on what your letsencrypt software uses.   I use the bind

      backend with DDNS updates, with dehydrated.  There are some sample

      challenge hooks for dehydrated <a moz-do-not-send="true" href="https://github.com/dehydrated-io/dehydrated/wiki" class="">here</a>,

      and I see all your options covered:</div><p class="">One which uses DDNS updates: <a href="https://github.com/dehydrated-io/dehydrated/wiki/example-dns-01-nsupdate-script" class="">https://github.com/dehydrated-io/dehydrated/wiki/example-dns-01-nsupdate-script</a></p><p class="">One which uses the API: <a href="https://github.com/silkeh/pdns_api.sh" class="">https://github.com/silkeh/pdns_api.sh</a></p><p class="">One which uses mysql updates: <a href="https://github.com/antoiner77/dehyrated-pdns/blob/master/pdns.sh" class="">https://github.com/antoiner77/dehyrated-pdns/blob/master/pdns.sh</a></p></div></div></blockquote>Thanks - that is a good hint to look at dehydrated - I was vaguely aware of the project, but haven't installed it since I scripted certbot.  So from your response I gather it is just a matter of preference, there are no real drawbacks. So I will reseach the ddns updates further, since that is, what I already implemented and it saves me from enabling the HTTP API, which would increase complexity...<br class=""><br class=""><blockquote type="cite" class=""><div class=""><div class=""><p class="">

    </p>

    <p class="">To minimise the number of moving parts, I'd start by seeing if

      LUA records can do what you want: <a href="https://doc.powerdns.com/authoritative/lua-records/index.html" class="">https://doc.powerdns.com/authoritative/lua-records/index.html</a></p></div></div></blockquote><div>I missed that part of the documentation or better skipped it, because I have no experience with LUA, But if that gets me around running a backend, I'll look deeper into that.</div><br class=""><blockquote type="cite" class=""><div class=""><div class=""><p class="">There are existing functions for working with dynamic forward and

      reverse:<br class="">

    </p><p class=""><a href="https://doc.powerdns.com/authoritative/lua-records/functions.html#reverse-dns-functions" class="">https://doc.powerdns.com/authoritative/lua-records/functions.html#reverse-dns-functions</a></p><p class="">The documentation says that createReverse with %5% will support

      the A-B-C-D format you want; but createForward doesn't. 

      Confusingly, there is a <a moz-do-not-send="true" href="https://github.com/PowerDNS/pdns/blob/master/pdns/lua-record.cc#L612" class="">comment

        in the code</a> which says it does:<br class="">

    </p><p class=""><tt class="">      if(parts.size()==1) {</tt><tt class=""><br class="">

      </tt><tt class="">        // either hex string, <font color="#ff0000" class=""><b class="">or

            12-13-14-15</b></font></tt><tt class=""><br class="">

      </tt><tt class="">        //        cout<<parts[0]<<endl;</tt><tt class=""><br class="">

      </tt><tt class="">        unsigned int x1, x2, x3, x4;</tt><tt class=""><br class="">

      </tt><tt class="">        if(sscanf(parts[0].c_str()+2, "%02x%02x%02x%02x",

        &x1, &x2, &x3, &x4)==4) {</tt><tt class=""><br class="">

      </tt><tt class="">          return

std::to_string(x1)+"."+std::to_string(x2)+"."+std::to_string(x3)+"."+std::to_string(x4);</tt><tt class=""><br class="">

      </tt><tt class="">        }</tt><tt class=""><br class="">

      </tt><tt class=""><br class="">

      </tt><tt class=""><br class="">

      </tt><tt class="">      }</tt><tt class=""><br class="">

      </tt><tt class="">      return std::string("0.0.0.0");</tt><tt class=""><br class="">

      </tt><tt class="">    });</tt><br class="">

    </p><p class="">... but I can't see anything in the code which actually parses

      this format.  So either this is an oversight in the code, or the

      comment is wrong.  It looks like it would be a pretty

      straightforward feature to add.<br class="">

    </p><p class="">If there's no way round this, then you can use the full LUA

      backend instead: <a href="https://doc.powerdns.com/authoritative/backends/lua2.html" class="">https://doc.powerdns.com/authoritative/backends/lua2.html</a></p></div></div></blockquote></div><div>Nice! thanks for the pointer, Brian!</div><div><br class=""></div><div>  Michael.</div><div class=""><br class=""></div><div class=""><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">-- </div><div style="caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Michael Rommel, Erlangen, Germany</div></div></body></html>