# README
hetzner-dnsapi-proxy
hetzner-dnsapi-proxy proxies DNS API update requests to the Hetzner DNS API.
Authorization takes place via a list of domains and host addresses allowed to update them for now.
Container image
Get the container image from ghcr.io
TODO
- More elaborate authentication / authorization mechanism
- Add tests
Supported DNS APIs
| API | Endpoint |
|---|---|
| lego HTTP request | POST /httpreq/presentPOST /httpreq/cleanup (always returns 200 OK)(see https://go-acme.github.io/lego/dns/httpreq/) |
| ACMEDNS | POST /acmedns/update(see https://github.com/joohoi/acme-dns#update-endpoint) |
| DirectAdmin | GET /directadmin/CMD_API_SHOW_DOMAINSGET /directadmin/CMD_API_DNS_CONTROL (only adding TXT records, everything else always returns 200 OK)GET /directadmin/CMD_API_DOMAIN_POINTER (only a stub, always returns 200 OK)(see https://www.directadmin.com/api.php and https://www.directadmin.com/features.php?id=504) |
| plain HTTP | GET /plain/update (query params hostname and ip) |
Environment variables
| Variable | Type | Description | Required | Default |
|---|---|---|---|---|
API_TOKEN | string | Auth token for the API | Y | |
API_TIMEOUT | int | Timeout for calls to the API in seconds | N | 15 seconds |
RECORD_TTL | int | TTL that is set when creating/updating records | N | 60 seconds |
ALLOWED_DOMAINS | string | Combination of domains and CIDRs allowed to update them, example:example1.com,127.0.0.1/32;_acme-challenge.example2.com,127.0.0.1/32 | Y | |
LISTEN_ADDR | string | Listen address of hetzner-dnsapi-proxy | N | :8081 |
TRUSTED_PROXIES | string | List of trusted proxy host addresses separated by comma | N | Trust all proxies |
# Packages
No description provided by the author