On Wed, Nov 22, 2017 at 12:57:31PM +0100, Nicolas Dandrimont wrote: > * Julien Cristau <jcris...@debian.org> [2017-11-22 12:16:05 +0100]: > > On 11/22/2017 01:38 AM, Nicolas Dandrimont wrote: [...] > > > 1/ DNS updates > > > > > > We would like to be able to update DNS entries for a subtree of > > > debconf.org to > > > accommodate dynamic cloud instances. Our previous setup used > > > video.debconf.org, > > > but we would like to move *streaming* to *.live.debconf.org, which will > > > allow > > > video.debconf.org to be reused for a static documentation / video player / > > > streaming player website. Could we enable the videoteam user on vittoria > > > (or > > > another role user) to do so? > > > > Is the idea to have DNS updates triggered automatically or by humans? > > If the former, I wonder if using a third party DNS provider's API would > > be better than direct git commits to our repo. We recently got access > > to netnod's API thing, so that might be an option (haven't played with > > it yet). Something like route53 might be another. If updates would be > > triggered by humans then we could give those users access to the zone. > > Having it controlled by humans through your git repo now (so we're sure we can > have things set up for the miniconf without poking you too much), and > scripting > an external API during our sprint so we can have a turn-key setup for future > events sounds like a fair compromise. > > I propose the following zones: > - live.debconf.org controlled through git by {olasd@d.o, ivodd@d.o, > stefanor@d.o} > - live-test.debconf.org to be set up to be handled by an external API > > Once the external API has been tested we can switch that over.
DNS has support for authenticated dynamic updates. Bind supports that. Why not use that? nsupdate -k <TSIG key> <update filename> where <update filename> contains something like: server 192.168.0.1 update delete host01.live-test.debconf.org update add newhost.live-test.debconf.org 86400 IN A a.b.c.d. You generate a TSIG key with ddns-confgen. Done. -- Could you people please use IRC like normal people?!? -- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf 2008 Hacklab