Connect to a local knot
It is possible to use it with happyDomain through Dynamic DNS (RFC 2136).
Configure Knot to enable Dynamic DNS
First, you have to edit the main knot configuration file (usually
/etc/knot/knot.conf) to add a secret that will be shared between happyDomain and knot to authenticate the changes. Then you have to indicate which domains will be managed by happyDomain.
Adding a shared secret
Under the main
key section of your configuration, add the following key:
- id: happydomain
<SOME_SECRET> with a string as obtained with
openssl rand -base64 48.
Creating an authorization rule for happyDomain
In addition to the key, you must specify in the configuration how the key can be used.
To do this, under the main
acl section, we add:
- id: acl_happydomain
This associates the
key defined just before with the actions
update, respectively to allow retrieving the zone and to update records.
Associate the authorization to each zone
Now that you have created a rule allowing the
happydomain key to make changes, you need to indicate to which zones this rule applies.
For example, for an existing
happydomain.org zone, we will add the
acl line as follows:
- domain: happydomain.org
acl element is a list, so you may already have other acl elements in this list. In this case you just need to add the
acl_happydomain element to the already existing list.
You have to add this
acl element for each zone, unless you use the following trick.
Associate the authorization to all zones
If you manage many zones, it may be more convenient to set the default authorization for all zones. In this case, instead of the previous section, we will modify the
- id: default
default template is applied to all zones by default. By doing so, all zones will inherit the
Apply the configuration
Now that the configuration file has been modified, tell
knotd to reload its configuration:
Link happyDomain and knot
knot well configured, you can link it to happyDomain using the Dynamic DNS connector :
Then fill in the form with the address where your
knot server is accessible, then fill in the different Key fields with the information from the
- Key Name : corresponds to
idin knot’s configuration ;
- Key Algorithm : corresponds to
- Secret Key : corresponds to
Once the provider is added, it does not allow you to list existing domains, but you can still manually add all your domains.