X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=README;h=2bc8414d4fbc39943090b129c768201840708bac;hb=bb68fcc5ab280623651b31953e149d364d3f7bf9;hp=065a8e41927a9e7cd391894a41fc1a6a932a3232;hpb=74a9ba010f72c9f220d50d184804b5c5ac234be3;p=zdns.git diff --git a/README b/README index 065a8e4..2bc8414 100644 --- a/README +++ b/README @@ -1,38 +1,41 @@ zdns -- DNS zones creator helper -This is very simple zsh-based helper functions to create DNS zones. +This is very simple Tcl-based helper functions to create DNS zones. Many things are hardcoded there. Basically you just write ordinary -zsh script, sourcing the rc.zsh, containing various helper functions. +Tcl script, sourcing the rc.tcl, containing various helper functions. It expects DOMAIN variable to be set. +Initially that utility was written on zsh, but later it was replaced +with Tcl. + * fqdn(domain) -- prints fully-qualified domain name, taking either "domain.", or "@", or "subdomain" names -* shortened(domain) -- prints $DOMAIN-relative shortened name, printing +* shorten(domain) -- prints $DOMAIN-relative shortened name, printing only subdomain parts or "@" -* zone_start(serial) -- prints SOA record with two predefined (hardcoded) +* zone(serial) -- prints SOA record with two predefined (hardcoded) nameservers and none DMARC policy -* add_mx(domain) -- add predefined MX records for given domain, with +* mx(domain) -- add predefined MX records for given domain, with predefined redirect-based SPF policy -* add_dane(domain) -- add DANE records for given domain. You have to - have tls/ subdirectory, containing zeasypki's state +* dane(domain, [port=443]) -- add DANE records for given domain. You + have to have tls/ subdirectory, containing zeasypki's state (http://www.git.stargrave.org/?p=zeasypki.git;a=blob;f=README) It looks in each CA's subdirectory if keypair exists for the domain, printing necessary CAA and TLSA records -* add_ssh(domain) -- searches for corresponding public key in ssh/ +* ssh(domain) -- searches for corresponding public key in ssh/ subdirectory and (if it exists) prints corresponding SSHFP record -* add_subdomain(domain, addresses) -- adds specified domain with - provided space-separated addresses. It automatically calls add_dane - and add_ssh helpers. Unless $NOSPF=1 is specified, it prints "-all" - SPF policy. If $Y=1 is specified, then it adds "y.domain" address with - predefined $Y6 address and "-all" SPF policy -* add_pgp(keyid, uid) -- prints _openpgpkey DANE record for given - OpenPGP key of desired UID. "uid" is optional and useful only if your - key have got multiple UIDs and you need to add only the single - specified one +* subdomain(domain, addrs, [y nospf dane:PORT]) -- adds specified domain + with provided space-separated addresses. It automatically calls dane + and ssh helpers. Third argument is a list containing three optional + elements. Unless "nospf" is specified, it prints "-all" SPF policy. If + "y" is specified, it adds "y.domain" address with predefined $Y6 + address and "-all" SPF policy +* pgp(keyid, uid) -- prints _openpgpkey DANE record for given OpenPGP + key of desired UID. "uid" is optional and useful only if your key have + got multiple UIDs and you need to add only the single specified one -To omit burden of sourcing rc.zsh, setting $DOMAIN and rebuilding zones +To omit burden of sourcing rc.tcl, setting $DOMAIN and rebuilding zones after its change, there is default.zone.do redo (http://cr.yp.to/redo.html) -target, expecting your script in $domain.zsh file. +target, expecting your script in $domain.tcl file. For example the zone for nncpgo.org domain with mail-capabilities, WWW subdomain (available via Yggdrasil network), OpenPGP DANE key, @@ -48,12 +51,12 @@ created the following way: $ mkdir -p ssh $ print ssh-ed25519 AAAA... > ssh/www.nncpgo.org - $ cat > nncpgo.org.zsh < nncpgo.org.tcl <