Updates a DNS zone managed by OVH, using OVH API.
The source of truth is a plain-text file containing one DNS record per line. If a difference is found between the contents of the file and the current records, then the OVH API is queried to add or delete records until they match what is defined in the file.
./ovh_reconciler.py \
--input=dns-zones.txt \
--application_secret=186f21790a66a1c873efa4a1e7720c45c \
--application_key=1b0c24317eba8cdb \
--consumer_key=9f953cd64e5d32233192730ad1cdaaf1 \
--dns_zone=myzone.frWhere dns-zones.txt is a text file containing one record per line, for instance:
blog IN A 18.204.249.102
ng IN CNAME nginx
ftp IN CNAME @
ovh IN AAAA 2001:41d0:402:3300::1d20
_dmarc IN TXT ( "v=DMARC1; p=none" )
The application secret, application key and consumer key are issued by OVH when creating an API token.
This script requires the following permissions on /domain/zone/myzone.fr: GET
to fetch the current records and compare them with the intent, POST to create
new records and DELETE to remove records.
-
--input: Can be either a path towards a file containing the source of truth for the DNS zones, or '-' to read from stdio. -
--verbosity: Set to 1 to log extra debugging information -
--dry_run: Do not add/remove DNS zones, only print to screen what would be done. Note that OVH API is still queried, but only to read the existing records. -
--application_secret,--application_key,--consumer_key: values provided by OVH API upon creating a new token.
Only records of type A, AAAA, CNAME and TXT are supported. Other record types are ignored.