diff --git a/external-dns/atproto-txt.yaml b/external-dns/atproto-txt.yaml
new file mode 100644
index 00000000..c23b97af
--- /dev/null
+++ b/external-dns/atproto-txt.yaml
@@ -0,0 +1,11 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+ name: atproto-txt
+spec:
+ endpoints:
+ - dnsName: _atproto.hashbang.sh
+ recordTTL: 60
+ recordType: TXT
+ targets:
+ - 'did=did:plc:d5vnrky4rxilzxou6get5tlt'
diff --git a/external-dns/crd.yaml b/external-dns/crd.yaml
new file mode 100644
index 00000000..4a4af08f
--- /dev/null
+++ b/external-dns/crd.yaml
@@ -0,0 +1,101 @@ +# https://github.com/kubernetes-sigs/external-dns/blob/cc937a36aa29b2f105788bbc98494a4c06449cd3/docs/sources/crd/crd-manifest.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.kubernetes.io: https://github.com/kubernetes-sigs/external-dns/pull/2007 + controller-gen.kubebuilder.io/version: v0.15.0 + name: dnsendpoints.externaldns.k8s.io +spec: + group: externaldns.k8s.io + names: + kind: DNSEndpoint + listKind: DNSEndpointList + plural: dnsendpoints + singular: dnsendpoint + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: DNSEndpointSpec defines the desired state of DNSEndpoint + properties: + endpoints: + items: + description: Endpoint is a high-level way of a connection between + a service and an IP + properties: + dnsName: + description: The hostname of the DNS record + type: string + labels: + additionalProperties: + type: string + description: Labels stores labels defined for the Endpoint + type: object + providerSpecific: + description: ProviderSpecific stores provider specific config + items: + description: ProviderSpecificProperty holds the name and value + of a configuration which is specific to individual DNS providers + properties: + name: + type: string + value: + type: string + type: object + type: array + recordTTL: + description: TTL for the record + format: int64 + type: integer + recordType: + description: RecordType type of record, e.g. CNAME, A, AAAA, + SRV, TXT etc + type: string + setIdentifier: + description: Identifier to distinguish multiple records with + the same name and type (e.g. Route53 records with routing + policies other than 'simple') + type: string + targets: + description: The targets the DNS record points to + items: + type: string + type: array + type: object + type: array + type: object + status: + description: DNSEndpointStatus defines the observed state of DNSEndpoint + properties: + observedGeneration: + description: The generation observed by the external-dns controller. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/external-dns/kustomization.yaml b/external-dns/kustomization.yaml index 7b469a11..c8ea92d7 100644 --- a/external-dns/kustomization.yaml +++ b/external-dns/kustomization.yaml 
@@ -4,13 +4,16 @@ namespace: external-dns
 commonLabels:
 app.kubernetes.io/name: external-dns
 resources:
+- crd.yaml
 - resources.yaml
 - networkpolicy.yaml
 - service-monitor.yaml
+# Enable when AWS TXT records supported
+# - atproto-txt.yaml
 patches:
 - path: aws_credentials.yaml
 generators:
 - secret-generator.yaml
 images:
 - name: registry.k8s.io/external-dns/external-dns
- newTag: v0.15.1@sha256:4f3ba4c2bd28030caad05bb7b47fbf47549a46d5e8443b74f0be463550b4fc2b
+ newTag: v0.16.1@sha256:37d3a7a05c4638b8177382b80a627c223bd84a53c1a91be137245bd3cfdf9986
diff --git a/external-dns/resources.yaml b/external-dns/resources.yaml
index fa6000db..37ea208d 100644
--- a/external-dns/resources.yaml
+++ b/external-dns/resources.yaml
@@ -21,6 +21,13 @@ rules:
 - apiGroups: [""]
 resources: ["nodes"]
 verbs: ["watch", "list"]
+# Rules for DNS Endpoints CRD
+- apiGroups: ["externaldns.k8s.io"]
+ resources: ["dnsendpoints"]
+ verbs: ["get","watch","list"]
+- apiGroups: ["externaldns.k8s.io"]
+ resources: ["dnsendpoints/status"]
+ verbs: ["*"]
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -55,6 +62,11 @@ spec:
 - --provider=aws
 - --txt-owner-id=digitalocean-hashbang
 - --txt-prefix=_owner.
+ - --source=crd
+ - --domain-filter=hashbang.sh
+ - --managed-record-types=A
+ - --managed-record-types=CNAME
+ - --managed-record-types=TXT
 ports:
 - containerPort: 7979
 name: metrics
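Review bot: The new `- crd.yaml` entry and the `newTag` bump pin two upstream artifacts separately, and nothing in this hunk ties them together. The CRD is vendored from the commit URL recorded at the top of crd.yaml, while the image is pinned to v0.16.1 by digest here. If that commit does not correspond to the v0.16.1 release, schema and controller can drift unnoticed on the next bump. A comment above the resource entry would make the coupling explicit, for example `# crd.yaml is vendored from upstream external-dns; re-sync it whenever newTag changes`. The top of the kustomization lies outside the hunk.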
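Review bot: `verbs: ["*"]` on `dnsendpoints/status` grants more than the controller appears to need. The CRD added in this commit exposes only `status.observedGeneration`, so writing status should be covered by `verbs: ["get", "update", "patch"]`, which is worth confirming against the controller version being deployed. The rule sits in a `rules:` list whose role header is outside the hunk; the `ClusterRoleBinding` that follows suggests it is a ClusterRole, in which case the wildcard applies in every namespace.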
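Review bot: `--source=crd` is added with no namespace restriction among the visible args, so the controller presumably acts on DNSEndpoint objects from every namespace, which the cluster-wide read on `dnsendpoints` in the rules hunk permits. That makes create permission on `dnsendpoints` in any namespace equivalent to write access for A, CNAME and TXT records under `hashbang.sh`, bounded only by `--domain-filter`. If all DNSEndpoint objects are meant to live in one namespace, adding `- --namespace=external-dns` would close this; otherwise, review which roles can create the resource. The args list begins before the hunk, so a restricting flag may already exist outside the visible lines.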