diff --git a/docs/_providers/doh.md b/docs/_providers/doh.md index bd74cd14b..d90846b3f 100644 --- a/docs/_providers/doh.md +++ b/docs/_providers/doh.md @@ -6,7 +6,7 @@ jsId: DNSOVERHTTPS --- # DNS-over-HTTPS Provider -This is a read-only/monitoring "registrar". It does a DNS NS lookup to confirm the nameserver servers are correct. This "registrar" is unable to update the NS servers but will alert you if they are incorrect. A common use of this provider is when the domain is with a registrar that does not have an API. +This is a read-only/monitoring "registrar". It does a DNS NS lookup to confirm the nameserver servers are correct. This "registrar" is unable to update/correct the NS servers but will alert you if they are incorrect. A common use of this provider is when the domain is with a registrar that does not have an API. ## Configuration The DNS-over-HTTPS provider does not require anything in `creds.json`. By default, it uses Google Public DNS however you may configure an alternative RFC 8484 DoH provider. @@ -19,10 +19,10 @@ The DNS-over-HTTPS provider does not require anything in `creds.json`. By defaul } {% endhighlight %} -Some common DoH providers are `cloudflare-dns.com` [Cloudflare](https://developers.cloudflare.com/1.1.1.1/dns-over-https), `9.9.9.9` [Quad9](https://www.quad9.net/about/), and `dns.google` [Google Public DNS](https://developers.google.com/speed/public-dns/docs/doh) +Some common DoH providers are `cloudflare-dns.com` ([Cloudflare](https://developers.cloudflare.com/1.1.1.1/dns-over-https)), `9.9.9.9` ([Quad9](https://www.quad9.net/about/)), and `dns.google` ([Google Public DNS](https://developers.google.com/speed/public-dns/docs/doh)). ## Metadata -This provider does not recognize any special metadata fields unique to Internet.bs. +This provider does not recognize any special metadata fields unique to DOH. ## Usage Example Javascript: diff --git a/docs/nameservers.md b/docs/nameservers.md index ddac2684e..54cf3a1f8 100644 --- a/docs/nameservers.md +++ b/docs/nameservers.md @@ -1,12 +1,9 @@ --- layout: default -title: Nameservers +title: Nameservers and Delegations --- -# Nameservers - -{% highlight javascript %} -{% endhighlight %} +# Nameservers and Delegations DNSControl can handle a variety of provider scenarios. The registrar and DNS provider can be the same company, different company, they can even be unknown! @@ -15,7 +12,7 @@ The document shows examples of many common and uncommon configurations. * TOC {:toc} -## Constants +# Constants All the examples use the variables. Substitute your own. @@ -39,6 +36,8 @@ var DNS_CLOUDFLARE = NewDnsProvider("cloudflare_main", "CLOUDFLAREAPI"); var DNS_BIND = NewDnsProvider("bind", "BIND"); {% endhighlight %} +# Typical Delegations + ## Same provider for REG and DNS Purpose: @@ -165,28 +164,6 @@ D("example1.com", REG_NAMECOM, ); {% endhighlight %} -## Backup your zone - -Purpose: -Make backups of DNS records in a zone. This generates a zonefile listing all -the records in the zone. - -Why? -You want to write out a BIND-style zonefile for debugging, historical, or -auditing purposes. Some sites do backups of these zonefiles to create a history -of changes. This is different than keeping a history of `dnsconfig.js` because -this is the output of DNSControl, not the input. - -NOTE: This won't work if you use pseudo rtypes that BIND doesn't support. - -{% highlight javascript %} -D("example1.com", REG_NAMECOM, - DnsProvider(DNS_NAMECOM), - DnsProvider(DNS_BIND, 0), // Don't activate any nameservers related to BIND. - A("@", "10.2.3.4") -); -{% endhighlight %} - ## Dual DNS Providers Purpose: @@ -212,6 +189,51 @@ D("example1.com", REG_NAMECOM, ); {% endhighlight %} +# Other uses + +## Make zonefile backups + +Purpose: +Make backups of DNS records in a zone. This generates a zonefile listing all +the records in the zone. + +Why? +You want to write out a BIND-style zonefile for debugging, historical, or +auditing purposes. Some sites do backups of these zonefiles to create a history +of changes. This is different than keeping a history of `dnsconfig.js` because +this is the output of DNSControl, not the input. + +NOTE: This won't work if you use pseudo rtypes that BIND doesn't support. + +{% highlight javascript %} +D("example1.com", REG_NAMECOM, + DnsProvider(DNS_NAMECOM), + DnsProvider(DNS_BIND, 0), // Don't activate any nameservers related to BIND. + A("@", "10.2.3.4") +); +{% endhighlight %} + +## Monitor delegation + +Purpose: +You don't control the registrar but want to detect if the delegation changes. +You can specify the existing nameservers in `dnsconfig.js` and you will get +a notified if the delegation diverges. + +Why? +Sometimes you just want to know if something changes! + +See the DNS-over-HTTPS Provider documentation for more info. + +{% highlight javascript %} +var REG_MONITOR = NewRegistrar('DNS-over-HTTPS', 'DNSOVERHTTPS'); + +D("example1.com", REG_MONITOR, + NAMESERVER("ns1.example1.com."), + NAMESERVER("ns2.example1.com."), +); +{% endhighlight %} + # Helper macros DNSControl has some built-in macros that you might find useful. @@ -240,6 +262,6 @@ DOMAIN_ELSEWHERE_AUTO("example1.com", REG_NAMECOM, DNS_AWS); DOMAIN_ELSEWHERE_AUTO("example2.com", REG_NAMECOM, DNS_GOOGLE); {% endhighlight %} -# Warning! +# Limits {% include alert.html text="Note: Not all providers allow full control over the NS records of your zone. It is not recommended to use these providers in complicated scenarios such as hosting across multiple providers. See individual provider docs for more info." %}