danectl-nsupdate - Adapt danectl DNS RR output for BIND9 nsupdate
danectl rollover <cert-name> | danectl-nsupdate <ttl> | nsupdate
danectl tlsa-check <cert-name> | danectl-nsupdate <ttl> | nsupdate
danectl sshfp-check <hostname> | danectl-nsupdate <ttl> | nsupdate
danectl -1 smimea-check <cert.pem> | danectl-nsupdate <ttl> | nsupdate
danectl -1 openpgpkey-check <email> | danectl-nsupdate <ttl> | nsupdatedanectl-nsupdate is an output adapter for danectl(1). Certain danectl(1) commands (see the examples above) produce output that indicates DNS RRs that need to be removed or added to the DNS.
This adapter is a filter that accepts that output from danectl(1), and produces the corresponding input for nsupdate(1) to implement the indicated changes via dynamic DNS updates.
There are many ways to implement changes to the DNS. danectl currently provides two adapters for this purpose. Contributions of more adapters would be welcomed.
The multi-line danectl(1) output for SMIMEA and OPENPGPKEY DNS RRs is not supported. The single-line output must be used (see the examples above).
danectl(1), nsupdate(1), danectl-zonefile(1).
raf <raf@raf.org>