github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

Updated dnsapi (markdown)

master
Sergey Ponomarev 2023-06-06 16:00:18 +03:00
parent c9bd1528a8
commit 94ec50b6b2
1 changed files with 134 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

199
dnsapi.md

@ -4,6 +4,7 @@ If your DNS provider doesn't provide API access, you can use our DNS alias mode:
https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode
* [1. CloudFlare](#dns_cf)
* [2. DNSPod.cn Option:](#dns_dp)
* [4. Use GoDaddy.com domain API to automatically issue cert](#dns_gd)
@ -70,7 +71,11 @@ https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode
* [75. Use DDNSS.de API](#dns_ddnss)
* [76. Use NLnetLabs NSD](#dns_nsd)
<a name="dns_cf" />
<a name="dns_cf" />
## 1. CloudFlare Option:
Cloudflare Domain API offers two methods to automatically issue certs.
@ -105,7 +110,8 @@ Ok, let's issue a cert now:
The `CF_Key` and `CF_Email` or `CF_Token`and `CF_Account_ID`will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dp" />
<a name="dns_dp" />
## 2. DNSPod.cn Option:
The DNSPod.cn Domain API option requires that you first login to your account to get a DNSPod API Key and ID.
@ -128,7 +134,8 @@ The `DP_Id` and `DP_Key` will be saved in `~/.acme.sh/account.conf` and will be
~~Removed~~
<a name="dns_gd" />
<a name="dns_gd" />
## 4. Use GoDaddy.com domain API to automatically issue cert
First you need to login to your GoDaddy account to get your API Key and Secret.
@ -150,7 +157,8 @@ Ok, let's issue a cert now:
The `GD_Key` and `GD_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_pdns" />
<a name="dns_pdns" />
## 5. Use PowerDNS embedded API to automatically issue cert
First you need to login to your PowerDNS account to enable the API and set your API-Token in the configuration.
@ -172,13 +180,15 @@ Ok, let's issue a cert now:
The `PDNS_Url`, `PDNS_ServerId`, `PDNS_Token` and `PDNS_Ttl` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_ovh" />
<a name="dns_ovh" />
## 6. Use OVH, Kimsufi, So you Start API to automatically issue cert
https://github.com/Neilpang/acme.sh/wiki/How-to-use-OVH-domain-api
<a name="dns_nsupdate" />
<a name="dns_nsupdate" />
## 7. Use nsupdate to automatically issue cert
First, generate a key for updating the zone
@ -246,7 +256,8 @@ Ok, let's issue a cert now:
The `NSUPDATE_SERVER`, `NSUPDATE_KEY`, and `NSUPDATE_ZONE` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_lua" />
<a name="dns_lua" />
## 8. Use LuaDNS domain API
Get your API token at https://api.luadns.com/settings
@ -264,7 +275,8 @@ To issue a cert:
The `LUA_Key` and `LUA_Email` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_me" />
<a name="dns_me" />
## 9. Use DNSMadeEasy domain API
Get your API credentials at https://cp.dnsmadeeasy.com/account/info
@ -282,7 +294,8 @@ To issue a cert:
The `ME_Key` and `ME_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_aws" />
<a name="dns_aws" />
## 10. Use Amazon Route53 domain API
https://github.com/Neilpang/acme.sh/wiki/How-to-use-Amazon-Route53-API
@ -306,7 +319,8 @@ export AWS_DNS_SLOWRATE=1 (sleep between API requests in seconds)
The `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and `AWS_DNS_SLOWRATE` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. The `AWS_DNS_SLOWRATE` will enable the sleep between API requests to AWS servers. It will help to mitigate the AWS rate limit
<a name="dns_ali" />
<a name="dns_ali" />
## 11. Use Aliyun domain API to automatically issue cert
First you need to login to your Aliyun account to get your RAM API key.
@ -325,7 +339,8 @@ Ok, let's issue a cert now:
The `Ali_Key` and `Ali_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_ispconfig" />
<a name="dns_ispconfig" />
## 12. Use ISPConfig 3.1 API
This only works for ISPConfig 3.1 (and newer).
@ -349,7 +364,8 @@ To issue a cert:
The `ISPC_User`, `ISPC_Password`, `ISPC_Api`and `ISPC_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_ad" />
<a name="dns_ad" />
## 13. Use Alwaysdata domain API
First you need to login to your Alwaysdata account to get your API Key.
@ -368,7 +384,8 @@ The `AD_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused
when needed.
<a name="dns_linode_v4" />
<a name="dns_linode_v4" />
## 14. Use Linode domain API
### Cloud Manager ###
@ -399,7 +416,8 @@ The `LINODE_V4_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be
reused when needed.
<a name="dns_freedns" />
<a name="dns_freedns" />
## 15. Use FreeDNS
[FreeDNS](https://freedns.afraid.org/) does not provide an API to update DNS records (other than IPv4 and IPv6
@ -431,7 +449,8 @@ If you have any issues with FreeDNS API please report them here...
https://github.com/Neilpang/acme.sh/issues/2305
<a name="dns_cyon" />
<a name="dns_cyon" />
## 16. Use cyon.ch
You only need to set your cyon.ch login credentials.
@ -456,7 +475,8 @@ The `CY_Username`, `CY_Password` and `CY_OTP_Secret` will be saved in `~/.acme.s
~~Removed~~
<a name="dns_gandi_livedns" />
<a name="dns_gandi_livedns" />
## 18. Use Gandi LiveDNS API
You must enable the new Gandi LiveDNS API first and then create your api key, See: https://api.gandi.net/docs/livedns/
@ -471,7 +491,8 @@ Ok, let's issue a cert now:
```
<a name="dns_knot" />
<a name="dns_knot" />
## 19. Use Knot (knsupdate) DNS API to automatically issue cert
First, generate a TSIG key for updating the zone.
@ -524,7 +545,8 @@ Ok, let's issue a cert now:
The `KNOT_SERVER` and `KNOT_KEY` and `KNOT_ZONE` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dgon" />
<a name="dns_dgon" />
## 20. Use DigitalOcean API (native)
You need to obtain a read and write capable API key from your DigitalOcean account. See: https://www.digitalocean.com/help/api/
@ -539,7 +561,8 @@ Ok, let's issue a cert now:
```
<a name="dns_cloudns" />
<a name="dns_cloudns" />
## 21. Use ClouDNS.net API
You need to set the HTTP API user ID and password credentials. See: https://www.cloudns.net/wiki/article/42/. For security reasons, it's recommended to use a sub user ID that only has access to the necessary zones, as a regular API user has access to your entire account.
@ -559,7 +582,8 @@ Ok, let's issue a cert now:
The `CLOUDNS_AUTH_ID` and `CLOUDNS_AUTH_PASSWORD` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_infoblox" />
<a name="dns_infoblox" />
## 22. Use Infoblox API
First you need to create/obtain API credentials on your Infoblox appliance.
@ -578,7 +602,8 @@ Note: This script will automatically create and delete the ephemeral txt record.
The `Infoblox_Creds` and `Infoblox_Server` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_vscale" />
<a name="dns_vscale" />
## 23. Use VSCALE API
First you need to create/obtain API tokens on your [settings panel](https://vscale.io/panel/settings/tokens/).
@ -593,7 +618,8 @@ Ok, let's issue a cert now:
```
<a name="dns_dynu" />
<a name="dns_dynu" />
## 24. Use Dynu API
First you need to create/obtain API credentials from your Dynu account. See: https://www.dynu.com/resources/api/documentation
@ -611,7 +637,8 @@ Ok, let's issue a cert now:
The `Dynu_ClientId` and `Dynu_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dnsimple" />
<a name="dns_dnsimple" />
## 25. Use DNSimple API
First you need to login to your DNSimple account and generate a new oauth token.
@ -639,7 +666,8 @@ If you have any issues with this integration please report them to
https://github.com/pho3nixf1re/acme.sh/issues.
<a name="dns_nsone" />
<a name="dns_nsone" />
## 26. Use NS1.com API
```sh
@ -652,7 +680,8 @@ Ok, let's issue a cert now:
```
<a name="dns_duckdns" />
<a name="dns_duckdns" />
## 27. Use DuckDNS.org API
```sh
@ -666,7 +695,8 @@ acme.sh --insecure --issue --dns dns_duckdns -d mydomain.duckdns.org
```
<a name="dns_namecom" />
<a name="dns_namecom" />
## 28. Use Name.com API
Create your API token here: https://www.name.com/account/settings/api
@ -688,7 +718,8 @@ If you had Two-step Authentication enabled, make sure to change your security se
For issues, please report to https://github.com/raidenii/acme.sh/issues.
<a name="dns_dyn" />
<a name="dns_dyn" />
## 29. Use Dyn Managed DNS API to automatically issue cert
First, login to your Dyn Managed DNS account: https://portal.dynect.net/login/
@ -722,7 +753,8 @@ Ok, let's issue a cert now:
The `DYN_Customer`, `DYN_Username` and `DYN_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_yandex" />
<a name="dns_yandex" />
## 30. Use pdd.yandex.ru API
```sh
@ -739,7 +771,8 @@ Sometimes cloudflare / google doesn't pick new dns records fast enough. You can
For issues, please report to https://github.com/non7top/acme.sh/issues.
<a name="dns_he" />
<a name="dns_he" />
## 31. Use Hurricane Electric
[Hurricane Electric he.net](https://dns.he.net/) doesn't have an API so just set your login credentials like so:
@ -777,7 +810,8 @@ Ok, let's issue a cert now:
The `UNO_Key` and `UNO_User` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_inwx" />
<a name="dns_inwx" />
## 33. Use INWX
[INWX.de](https://www.inwx.de/) offers a [xmlrpc api](https://www.inwx.de/de/help/apidoc) with your standard login credentials, set them like so:
@ -820,7 +854,8 @@ Now you cann issue a cert:
Both, `SERVERCOW_API_Username` and `SERVERCOW_API_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_namesilo" />
<a name="dns_namesilo" />
## 35. Use Namesilo.com API
You'll need to generate an API key at https://www.namesilo.com/account/api-manager
@ -836,7 +871,8 @@ And now you can issue certs with:
./acme.sh --issue --dns dns_namesilo --dnssleep 900 -d example.com -d www.example.com
```
<a name="dns_autodns" />
<a name="dns_autodns" />
## 36. Use autoDNS (InternetX)
[InternetX](https://www.internetx.com/) offers a [xml api](https://help.internetx.com/display/API/AutoDNS+XML-API) with your standard login credentials, set them like so:
@ -856,7 +892,8 @@ Then you can issue your certificates with:
The `AUTODNS_USER`, `AUTODNS_PASSWORD` and `AUTODNS_CONTEXT` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_azure" />
<a name="dns_azure" />
## 37. Use Azure DNS
You have to create a service principal first. See:[How to use Azure DNS](https://github.com/acmesh-official/acme.sh/wiki/How-to-use-Azure-DNS)
@ -889,7 +926,8 @@ Issuing certificates using managed identity clears previously set settings: `AZU
`AZUREDNS_SUBSCRIPTIONID` and `AZUREDNS_MANAGEDIDENTITY` will be saved in ~/.acme.sh/account.conf for future use.
<a name="dns_selectel" />
<a name="dns_selectel" />
## 38. Use selectel.com(selectel.ru) domain API to automatically issue cert
First you need to login to your account to get your API key from: https://my.selectel.ru/profile/apikeys.
@ -907,7 +945,8 @@ Ok, let's issue a cert now:
The `SL_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_zonomi" />
<a name="dns_zonomi" />
## 39. Use zonomi.com domain API to automatically issue cert
First you need to login to your account to find your API key from: http://zonomi.com/app/dns/dyndns.jsp
@ -931,7 +970,8 @@ Ok, let's issue a cert now:
The `ZM_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_dreamhost" />
<a name="dns_dreamhost" />
## 40. Use DreamHost DNS API
DNS API keys may be created at https://panel.dreamhost.com/?tree=home.api.
@ -946,7 +986,8 @@ The 'DH_API_KEY' will be saved in `~/.acme.sh/account.conf` and will
be reused when needed.
<a name="dns_da" />
<a name="dns_da" />
## 41. Use DirectAdmin API
The DirectAdmin interface has its own Let's encrypt functionality, but this
script can be used to generate certificates for names which are not hosted on
@ -975,7 +1016,8 @@ Ok, let's issue a cert now:
The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_zilore" />
<a name="dns_zilore" />
## 42. Use KingHost DNS API
API access must be enabled at https://painel.kinghost.com.br/painel.api.php
@ -989,7 +1031,8 @@ export KINGHOST_Password="yourpassword"
The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_zilore" />
<a name="dns_zilore" />
## 43. Use Zilore DNS API
First, get your API key at https://my.zilore.com/account/api
@ -1005,7 +1048,8 @@ Ok, let's issue a cert now:
The `Zilore_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_loopia" />
<a name="dns_loopia" />
## 44. Use Loopia API
User must provide login credentials to the Loopia API.
@ -1044,7 +1088,8 @@ The exported variables will be saved in `~/.acme.sh/account.conf` and
will be reused when needed.
<a name="dns_acmedns" />
<a name="dns_acmedns" />
## 45. Use ACME DNS API
ACME DNS is a limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
@ -1080,7 +1125,8 @@ export TELE3_Secret="<secret>"
The TELE3_Key and TELE3_Secret will be saved in ~/.acme.sh/account.conf and will be reused when needed.
<a name="dns_euserv" />
<a name="dns_euserv" />
## 47. Use Euserv.eu API
First you need to login to your euserv.eu account and activate your API Administration (API Verwaltung).
@ -1104,7 +1150,8 @@ The `EUSERV_Username` and `EUSERV_Password` will be saved in `~/.acme.sh/account
Please report any issues to https://github.com/initit/acme.sh or to <github@initit.de>
<a name="dns_gcloud" />
<a name="dns_gcloud" />
## 48. Use DNSPod.com domain API to automatically issue cert
First you need to get your API Key and ID by this [get-the-user-token](https://www.dnspod.com/docs/info.html#get-the-user-token).
@ -1143,7 +1190,8 @@ export CLOUDSDK_ACTIVE_CONFIG_NAME=default # see the note above
`dns_gcloud` also supports [DNS alias mode](https://github.com/Neilpang/acme.sh/wiki/DNS-alias-mode).
<a name="dns_netcup" />
<a name="dns_netcup" />
## 50. Use ConoHa API
First you need to login to your ConoHa account to get your API credentials.
@ -1185,7 +1233,8 @@ Removed
https://github.com/acmesh-official/acme.sh/pull/4049
<a name="dns_namecheap" />
<a name="dns_namecheap" />
## 53. Use Namecheap
You will need your namecheap username, API KEY (https://www.namecheap.com/support/api/intro.aspx) and your external IP address (or a URL to get it), this IP will need to be whitelisted at Namecheap.
@ -1210,7 +1259,8 @@ Now you can issue a certificate.
If you find any bugs of namecheap dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2107
<a name="dns_mydnsjp" />
<a name="dns_mydnsjp" />
## 54. Use MyDNS.JP API
First, register to MyDNS.JP and get MasterID and Password.
@ -1228,7 +1278,8 @@ To issue a certificate:
The `MYDNSJP_MasterID` and `MYDNSJP_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_hostingde" />
<a name="dns_hostingde" />
## 55. Use hosting.de API
Create an API key in your hosting.de account here: https://secure.hosting.de
@ -1254,7 +1305,8 @@ Ok, let's issue a cert now:
The hosting.de API key and endpoint will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_neodigit" />
<a name="dns_neodigit" />
## 56. Use Neodigit.net API
```sh
@ -1269,7 +1321,8 @@ Ok, let's issue a cert now:
Neodigit API Token will be saved in `~/.acme.sh/account.conf` and will be used when needed.
<a name="dns_exoscale" />
<a name="dns_exoscale" />
## 57. Use Exoscale API
Create an API key and secret key in the Exoscale account section
@ -1289,7 +1342,8 @@ Now, let's issue a cert:
The `EXOSCALE_API_KEY` and `EXOSCALE_SECRET_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_pointhq" />
<a name="dns_pointhq" />
## 58. Using PointHQ API to issue certs
Log into [PointHQ account management](https://app.pointhq.com/profile) and copy the API key from the page there.
@ -1305,7 +1359,8 @@ You can then issue certs by using:
```
<a name="dns_active24" />
<a name="dns_active24" />
## 59. Use Active24 API
Create an API token in the Active24 account section, documentation on https://faq.active24.com/cz/790131-REST-API-rozhran%C3%AD.
@ -1324,7 +1379,8 @@ Now, let's issue a cert, set `dnssleep` for propagation new DNS record:
The `ACTIVE24_Token` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_doapi" />
<a name="dns_doapi" />
## 60. Use do.de API
Create an API token in your do.de account ([Create token here](https://www.do.de/account/letsencrypt/) | [Documentation](https://www.do.de/wiki/LetsEncrypt_-_Entwickler)).
@ -1342,7 +1398,8 @@ To issue a certificate run:
The API token will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_nw" />
<a name="dns_nw" />
## 61. Use Nexcess API
First, you'll need to login to the [Nexcess.net Client Portal](https://portal.nexcess.net) and [generate a new API token](https://portal.nexcess.net/api-token).
@ -1365,7 +1422,8 @@ The `NW_API_TOKEN` and `NW_API_ENDPOINT` will be saved in `~/.acme.sh/account.co
If you find any bugs of Nexcess dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2088
<a name="dns_nw" />
<a name="dns_nw" />
## 62. Use Thermo.io API
First, you'll need to login to the [Thermo.io Client Portal](https://core.thermo.io) and [generate a new API token](https://core.thermo.io/api-token).
@ -1386,7 +1444,8 @@ Finally, we'll issue the certificate: (Thermo DNS publishes at max every 15 minu
The `NW_API_TOKEN` and `NW_API_ENDPOINT` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
<a name="dns_nw" />
<a name="dns_nw" />
## 63. Use Futurehosting API
First, you'll need to login to the [Futurehosting Client Portal](https://my.futurehosting.com) and [generate a new API token](https://my.futurehosting.com/api-token).
@ -1424,7 +1483,8 @@ Now, let's issue a cert:
If you find any bugs of Rackspace dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2091
<a name="dns_online" />
<a name="dns_online" />
## 65. Use Online API
First, you'll need to retrive your API key, which is available under https://console.online.net/en/api/access
@ -1444,7 +1504,8 @@ To issue a cert run:
If you find any bugs of online.net dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2093
<a name="dns_mydevil" />
<a name="dns_mydevil" />
## 66. Use MyDevil.net
Make sure that you can execute own binaries:
@ -1466,7 +1527,8 @@ To issue a new certificate, run:
After certificate is ready, you can install it with [deploy command](https://github.com/Neilpang/acme.sh/wiki/deployhooks#14-deploy-your-cert-on-mydevilnet).
<a name="dns_cn" />
<a name="dns_cn" />
## 67. Use Core-Networks API to automatically issue cert
First you need to login to your Core-Networks account to set up an API-User.
@ -1523,7 +1585,8 @@ To issue a cert run:
If you find any bugs of zone.eu (zone.ee) dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2146
<a name="dns_ultra" />
<a name="dns_ultra" />
## 70. Use UltraDNS API
UltraDNS is a paid for service that provides DNS, as well as Web and Mail forwarding (as well as reporting, auditing, and advanced tools).
@ -1547,7 +1610,8 @@ To issue a cert run:
`ULTRA_USR` and `ULTRA_PWD` will be saved in `~/.acme.sh/account.conf` and will be resued when needed.
<a name="dns_desec" />
<a name="dns_desec" />
## 71. Use deSEC.io
Sign up for dynDNS at https://desec.io first.
@ -1564,7 +1628,8 @@ To issue a certificate run:
If you find any bugs of deSEC.io API, please report here: https://github.com/Neilpang/acme.sh/issues/2180
<a name="dns_openprovider" />
<a name="dns_openprovider" />
## 72. Use OpenProvider API
First, you need to enable API access and retrieve your password hash on https://rcp.openprovider.eu/account/dashboard.php
@ -1580,7 +1645,8 @@ export OPENPROVIDER_PASSWORDHASH="<hash>"
If you find any bugs of OpenProvider dns API, please report here: https://github.com/Neilpang/acme.sh/issues/2104
<a name="dns_maradns" />
<a name="dns_maradns" />
## 73. Use MaraDNS API
Make sure you've configured MaraDNS properly and setup a zone file for your domain. See [`csv2(5)`](https://manpages.debian.org/stretch/maradns/csv2.5.en.html).
@ -1604,7 +1670,8 @@ Issuing a certificate:
If you find any bugs of MaraDNS DNS API, please report here: https://github.com/Neilpang/acme.sh/issues/2072
<a name="dns_hetzner" />
<a name="dns_hetzner" />
## 74. Use Hetzner API
Get the API Token:
@ -1616,7 +1683,8 @@ export HETZNER_Token="<token>"
./acme.sh --issue --dns dns_hetzner -d example.com -d www.example.com --server letsencrypt
```
<a name="dns_ddnss" />
<a name="dns_ddnss" />
## 75. Use DDNSS.de API
First create an account at https://ddnss.de. After that create a new host record.
@ -1636,7 +1704,8 @@ After that you can issue a new certificate:
If you find any bugs of ddnss.de API, please report here: https://github.com/Neilpang/acme.sh/issues/2230
<a name="dns_nsd" />
<a name="dns_nsd" />
## 76. Use NLnetLabs NSD
You need to export two variables. Your zonefile which the script will automatically edit: