Add a script for creating DNS records in Cloudflare #692
Conversation
link2xt
left a comment
link2xt
left a comment
There was a problem hiding this comment.
CAA record is simply not created, DKIM key is missing.
Also this script will need to be maintained if merged and we don't use cloudflare so cannot test it.
If we want to automate uploading DNS records to APIs, I would at least use existing solution like https://github.com/StackExchange/dnscontrol instead of rolling out our own that only supports cloudflare and is not used by anyone else.
| create_record "$(generate_post_data_txt_record "$CHATMAIL_FULL_DNS_NAME" '\"v=spf1 a ~all\"')" | ||
| create_record "$(generate_post_data_txt_record "_dmarc.$CHATMAIL_FULL_DNS_NAME" '\"v=DMARC1;p=reject;adkim=s;aspf=s\"')" | ||
| create_record "$(generate_post_data_txt_record "_adsp._domainkey.$CHATMAIL_FULL_DNS_NAME" '\"dkim=discardable\"')" | ||
| create_record "$(generate_post_data_txt_record "opendkim._domainkey.$CHATMAIL_FULL_DNS_NAME" '\"v=DKIM1;k=rsa;p=;s=email;t=s\"')" |
There was a problem hiding this comment.
p= value is empty, so there is no actual DKIM key.
hpk42
left a comment
hpk42
left a comment
There was a problem hiding this comment.
I am generally in favor of finding a way to automatically set DNS records instead of just reading/verifying them.
But maintaining a bash script in scripts/ with manual instructions how to use it is not a good way to introduce it.
Better to think about integration into "cmdeploy" CLI flows related to DNS, and also consider it from the documentation side ("how to deal with DNS" is probably the most major pain point in setting up a relay). We could put the cloud-flare script into an "examples" section after #711 is merged.
A small script that allows you to create all the necessary DNS records in Cloudflare.