lexicon

NAME

lexicon - programmatically manipulate DNS records

DESCRIPTION

This manual documents the tldextract command.

SYNOPSIS

usage: lexicon [-h] [--version] [--delegated DELEGATED] PROVIDER

OPTIONS

-h, --help

show this help message and exit

--version

show the current version of lexicon

--delegated DELEGATED

specify the delegated domain

PROVIDER

specifies the domain provider to create, update, delete or list DNS entries for, from {cloudflare, cloudxns, digitalocean, dnsimple, dnsmadeeasy, dnspark, dnspod, easydns, luadns, namesilo, nsone, pointhq, rage4, route53, vultr, yandex, zonomi}

PROVIDER USAGE

SYNOPSIS

lexicon PROVIDER [-h] [--name NAME] [--content CONTENT] [--ttl TTL]
[--priority PRIORITY] [--identifier IDENTIFIER] [--auth-username
AUTH_USERNAME] [--auth-token AUTH_TOKEN] ACTION DOMAIN TYPE

OPTIONS

PROVIDER

specifies the domain provider to create, update, delete or list DNS entries for, from {cloudflare, cloudxns, digitalocean, dnsimple, dnsmadeeasy, dnspark, dnspod, easydns, luadns, namesilo, nsone, pointhq, rage4, route53, vultr, yandex, zonomi}

ACTION

specify the action to take, from {create, list, update, delete}

DOMAIN

specify the domain to use, supports subdomains as well

TYPE

specify the entry type, from {A, AAAA, CNAME, MX, NS, SPF, SOA, TXT, SRV, LOC}

-h, --help

print provider-specific help message and exit

--name NAME

specify the record name

--content CONTENT

specify the record content

--ttl TTL

specify the record time-to-live

--priority PRIORITY

specify the record priority

--identifier IDENTIFIER

specify the record for update or delete actions

--auth-username AUTH_USERNAME

specify email address used to authenticate

--auth-token AUTH_TOKEN

specify token used authenticate

EXAMPLES

setup provider environmental variables:

LEXICON_CLOUDFLARE_USERNAME="myusername@example.com" LEXICON_CLOUDFLARE_TOKEN="cloudflare-api-token"

list all TXT records on cloudflare

lexicon cloudflare list example.com TXT

create a new TXT record on cloudflare

lexicon cloudflare create www.example.com TXT --name="_acme-challenge.www.example.com." --content="challenge token"

delete a TXT record on cloudflare

lexicon cloudflare delete www.example.com TXT --name="_acme-challenge.www.example.com." --content="challenge token"

lexicon cloudflare delete www.example.com TXT --identifier="cloudflare record id"

AUTHENTICATION

Most supported DNS services provide an API token, however each service implements authentication differently. Lexicon attempts to standardize authentication around the following CLI flags:
--auth-username

For DNS services that require it, this is usually the account id or email address

--auth-password

For DNS services that do not provide an API token, this is usually the account password

--auth-token

This is the most common auth method, the API token provided by the DNS service

You can see all the --auth-* flags for a specific service by reading the DNS service specific help:

lexicon cloudflare -h

Instead of providing Authentication information via the CLI, you can also specify them via Environmental Variables. Every DNS service and auth flag maps to an Environmental Variable as follows:

LEXICON_{DNS Provider Name}_{Auth Type}

So instead of specifying --auth-username and --auth-token flags when calling the cli, you could instead set the LEXICON_CLOUDFLARE_USERNAME and LEXICON_CLOUDFLARE_TOKEN environmental variables.

LETSENCRYPT INSTRUCTIONS

Lexicon has an example [dehydrated hook file](examples/dehydrated.default.sh) that you can use for any supported provider. All you need to do is set the PROVIDER env variable.

PROVIDER=cloudflare dehydrated --cron --hook dehydrated.default.sh --challenge dns-01

Lexicon can also be used with [Certbot](https://certbot.eff.org/) and the included [Certbot hook file](examples/certbot.default.sh) (requires configuration).

SEE ALSO

For more information about lexicon see https://github.com/AnalogJ/lexicon. This manpage was created by Ana Custura for the Debian project.