feat: documentation, and a license
This commit is contained in:
parent
658472902c
commit
9b0768da79
2 changed files with 59 additions and 0 deletions
29
LICENSE
Normal file
29
LICENSE
Normal file
|
|
@ -0,0 +1,29 @@
|
||||||
|
BSD 3-Clause License
|
||||||
|
|
||||||
|
Copyright (c) 2026, Michael Hinz
|
||||||
|
All rights reserved.
|
||||||
|
|
||||||
|
Redistribution and use in source and binary forms, with or without
|
||||||
|
modification, are permitted provided that the following conditions are met:
|
||||||
|
|
||||||
|
1. Redistributions of source code must retain the above copyright notice, this
|
||||||
|
list of conditions and the following disclaimer.
|
||||||
|
|
||||||
|
2. Redistributions in binary form must reproduce the above copyright notice,
|
||||||
|
this list of conditions and the following disclaimer in the documentation
|
||||||
|
and/or other materials provided with the distribution.
|
||||||
|
|
||||||
|
3. Neither the name of the copyright holder nor the names of its
|
||||||
|
contributors may be used to endorse or promote products derived from
|
||||||
|
this software without specific prior written permission.
|
||||||
|
|
||||||
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||||
|
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||||
|
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
|
||||||
|
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
||||||
|
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
||||||
|
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||||||
|
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||||
|
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
30
README.md
30
README.md
|
|
@ -4,4 +4,34 @@ Check if the DNSKEY for given domains is the same for the primary and
|
||||||
the secondary DNS server, if not, push by updating the SOA record of
|
the secondary DNS server, if not, push by updating the SOA record of
|
||||||
that zone with the current date and a running number.
|
that zone with the current date and a running number.
|
||||||
|
|
||||||
|
## Prerequisites
|
||||||
|
|
||||||
|
- PowerDNS authoritative server
|
||||||
|
- MySQL/MariaDB backend, and your ability to give the dnssec-fix script access
|
||||||
|
- uv (fantastic package manager for Python)
|
||||||
|
|
||||||
|
## Security
|
||||||
|
|
||||||
|
The script needs the ability to reach all the nameservers mentioned in the config,
|
||||||
|
and has to have an account on the MySQL/MariaDB server that has the SELECT and
|
||||||
|
UPDATE privileges for the records table in the PowerDNS database.
|
||||||
|
|
||||||
|
## Future ideas
|
||||||
|
|
||||||
|
Or ideas for the future...
|
||||||
|
|
||||||
|
- convert to Django for more features:
|
||||||
|
- better logging
|
||||||
|
- delayed action (only publish new SOA records after three mis-lookups in a row)
|
||||||
|
- better configurability
|
||||||
|
- more detailed error handling, recognize timeouts and don't react to them as if
|
||||||
|
the script got "wrong" data
|
||||||
|
- get the list of nameservers from DNS instead of a config file (more correct for
|
||||||
|
zones with varying nameserver configurations)
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
This isn't a big script. It isn't a complicated script either. Actually it's more
|
||||||
|
of a hack. So I license this code with the 3-clause BSD license.
|
||||||
|
|
||||||
Michael Hinz - 2026-02-12
|
Michael Hinz - 2026-02-12
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue