I already have bind set up to allow DHCP to update. Sometimes I need to tweak things so I use nsupdate. No 'rndc reload' required.

nsupdate.txt:

    delete Zeratul.lan.example.com A
    send
    delete 90.6.168.192.in-addr.arpa PTR
    send
    add Zeratul.lan.example.com 902 A 192.168.6.89
    send
    add 89.6.168.192.in-addr.arpa 902 PTR Zeratul.lan.example.com
    send

Command:

    nsupdate -k /etc/named/DHCP_UPDATER.key nsupdate.txt

This could be used for a TXT record.
Bill
On 8/20/2017 3:59 PM, Ralph Seichter wrote:
> On 20.08.2017 19:50, KT Walrus wrote:
>> I use Cloudflare (free DNS) and DNS Made Easy (paid DNS). I would never run my own DNS service except for communicating between my Docker services internally
>
> I run my own nameservers for various reasons, not the least of them being DNSSEC. My zones' signing keys never leave my hands.
>
>> If you run your own public DNS service (for your Dovecot domains), you should pick one that has an API for updating the DNS records from a script like acme.sh or simply write your own custom hook for acme.sh to use.
>
> Nameservers like BIND or Unbound can use text based config files (zone files), which can be generated on the fly with scripts. Add "rndc reload" to the mix, and changes can be made instantaneously, without any special APIs.
>
> What can be a bother is when TTL values are set too high and changes in the zones take too long to propagate, but that's a general issue, and when running your own nameservers you can set these values as low as you require.
>
> -Ralph
>
> P.S.: All this sure is interesting, but way off-topic in regards to Dovecot. ;-)
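
The nsupdate approach from the top of this message applied to a TXT record, as an added example that is not part of the original thread: a shell function that builds the batch and rejects input that could smuggle extra nsupdate commands into it. The record name, token and TTL are constructed sample values, and it is an assumption that the key's update policy allows TXT records at that name.

```shell
#!/bin/sh
# Added example: build an nsupdate batch that replaces the TXT record at
# one name. Name, TTL and token below are constructed sample values.

# Print the batch on stdout; return 1 (printing nothing) on unsafe input.
build_txt_update() {
    name=${1%.}      # accept the name with or without a trailing dot
    ttl=$2
    value=$3
    # Hostname characters only: a newline or space in the name would
    # otherwise start a second nsupdate command in the batch.
    case $name in
        ''|.*|*..*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    case $ttl in
        ''|*[!0-9]*) return 1 ;;
    esac
    # Restrict the value to the base64url alphabet (what ACME DNS-01
    # tokens use), so no quoting or escaping is needed in the TXT string.
    case $value in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#value}" -le 255 ] || return 1   # limit of one TXT character-string
    # Delete and add go out in a single "send", so the server applies
    # them as one update. The delete removes every TXT record at the name.
    printf 'update delete %s. TXT\n' "$name"
    printf 'update add %s. %s TXT "%s"\n' "$name" "$ttl" "$value"
    printf 'send\n'
}

# Show the batch for a constructed sample record.
build_txt_update _acme-challenge.mail.example.com 60 constructedSampleToken_0123

# To apply it with the key file from the message above:
#   batch=$(build_txt_update "$name" 60 "$token") &&
#       printf '%s\n' "$batch" | nsupdate -k /etc/named/DHCP_UPDATER.key
```
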