diff --git a/src/yunohost/domain.py b/src/yunohost/domain.py index 560a6fda5..685e60517 100644 --- a/src/yunohost/domain.py +++ b/src/yunohost/domain.py @@ -209,6 +209,11 @@ def domain_dns_conf(domain, ttl=None): for record in dns_conf["mail"]: result += "\n{name} {ttl} IN {type} {value}".format(**record) + result += "\n\n" + result += "; Extra" + for record in dns_conf["extra"]: + result += "\n{name} {ttl} IN {type} {value}".format(**record) + is_cli = True if msettings.get('interface') == 'cli' else False if is_cli: logger.info(m18n.n("domain_dns_conf_is_just_a_recommendation")) @@ -334,6 +339,9 @@ def _build_dns_conf(domain, ttl=3600): {"type": "TXT", "name": "mail._domainkey", "value": "\"v=DKIM1; k=rsa; p=some-super-long-key\"", "ttl": 3600}, {"type": "TXT", "name": "_dmarc", "value": "\"v=DMARC1; p=none\"", "ttl": 3600} ], + "extra": [ + {"type": "CAA", "name": "@", "value": "128 issue 'letsencrypt.org", "ttl": 3600}, + ], } """ @@ -387,10 +395,16 @@ def _build_dns_conf(domain, ttl=3600): ["_dmarc", ttl, "TXT", '"v=DMARC1; p=none"'], ] + # Extra + extra = [ + ["@", ttl, "CAA", "128 issue 'letsencrypt.org'"] + ] + return { "basic": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in basic], "xmpp": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in xmpp], "mail": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in mail], + "extra": [{"name": name, "ttl": ttl, "type": type_, "value": value} for name, ttl, type_, value in extra], } diff --git a/src/yunohost/dyndns.py b/src/yunohost/dyndns.py index 88547b4db..a1427ba29 100644 --- a/src/yunohost/dyndns.py +++ b/src/yunohost/dyndns.py @@ -263,6 +263,7 @@ def dyndns_update(operation_logger, dyn_host="dyndns.yunohost.org", domain=None, ] dns_conf = _build_dns_conf(domain) + del dns_conf["extra"] # Ignore records from the 'extra' category # Delete the old records for all domain/subdomains