[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS delegation

From: Tobias Geerinckx-Rice
Subject: Re: DNS delegation
Date: Fri, 15 Mar 2019 15:11:02 +0100


Julien Lepiller wrote:
Was it… DNS-01 challenges? That doesn't even care about IPs at all.

Does it mean we need to manually update the zone?

I was about to write ‘no, ha ha, imagine that’, but then I remembered that you're using the Guix service configuration wrappers which do hard-code the zone data in the system configuration :-/

You can always delegate a subdomain just for the ACME challenges, though, and have that statefully updated by a certbot hook. I'm being vague because I don't know the exact names, but it's completely supported.

How do you automate that process?

Me personally? RFC-2136 (‘nsupdate’) dynamic updates, allowed only from localhost. But I never use Guix's service configuration wrappers.

Kind regards,


reply via email to

[Prev in Thread] Current Thread [Next in Thread]