Scroll to navigation

lexicon(1) User Commands lexicon(1)

NAME

lexicon - programmatically manipulate DNS records

DESCRIPTION

This manual documents the tldextract command.

SYNOPSIS

usage: lexicon [-h] [--version] [--delegated DELEGATED] PROVIDER

OPTIONS

-h, --help
show this help message and exit
--version
show the current version of lexicon
--delegated DELEGATED
specify the delegated domain
PROVIDER
specifies the domain provider to create, update, delete or list DNS entries for, from {cloudflare, cloudxns, digitalocean, dnsimple, dnsmadeeasy, dnspark, dnspod, easydns, luadns, namesilo, nsone, pointhq, rage4, route53, vultr, yandex, zonomi}

PROVIDER USAGE

SYNOPSIS

lexicon PROVIDER [-h] [--name NAME] [--content CONTENT] [--ttl TTL] [--priority PRIORITY] [--identifier IDENTIFIER] [--auth-username AUTH_USERNAME] [--auth-token AUTH_TOKEN] ACTION DOMAIN TYPE

OPTIONS

PROVIDER
specifies the domain provider to create, update, delete or list DNS entries for, from {cloudflare, cloudxns, digitalocean, dnsimple, dnsmadeeasy, dnspark, dnspod, easydns, luadns, namesilo, nsone, pointhq, rage4, route53, vultr, yandex, zonomi}
ACTION
specify the action to take, from {create, list, update, delete}
DOMAIN
specify the domain to use, supports subdomains as well
TYPE
specify the entry type, from {A, AAAA, CNAME, MX, NS, SPF, SOA, TXT, SRV, LOC}
-h, --help
print provider-specific help message and exit
--name NAME
specify the record name
--content CONTENT
specify the record content
--ttl TTL
specify the record time-to-live
--priority PRIORITY
specify the record priority
--identifier IDENTIFIER
specify the record for update or delete actions
--auth-username AUTH_USERNAME
specify email address used to authenticate
--auth-token AUTH_TOKEN
specify token used authenticate

EXAMPLES

setup provider environmental variables:
LEXICON_CLOUDFLARE_USERNAME="myusername@example.com" LEXICON_CLOUDFLARE_TOKEN="cloudflare-api-token"
list all TXT records on cloudflare
lexicon cloudflare list example.com TXT
create a new TXT record on cloudflare
lexicon cloudflare create www.example.com TXT --name="_acme-challenge.www.example.com." --content="challenge token"
delete a TXT record on cloudflare
lexicon cloudflare delete www.example.com TXT --name="_acme-challenge.www.example.com." --content="challenge token"
lexicon cloudflare delete www.example.com TXT --identifier="cloudflare record id"

AUTHENTICATION

Most supported DNS services provide an API token, however each service implements authentication differently. Lexicon attempts to standardize authentication around the following CLI flags:
--auth-username
For DNS services that require it, this is usually the account id or email address
--auth-password
For DNS services that do not provide an API token, this is usually the account password
--auth-token
This is the most common auth method, the API token provided by the DNS service

You can see all the --auth-* flags for a specific service by reading the DNS service specific help:

lexicon cloudflare -h

Instead of providing Authentication information via the CLI, you can also specify them via Environmental Variables. Every DNS service and auth flag maps to an Environmental Variable as follows:

LEXICON_{DNS Provider Name}_{Auth Type}

So instead of specifying --auth-username and --auth-token flags when calling the cli, you could instead set the LEXICON_CLOUDFLARE_USERNAME and LEXICON_CLOUDFLARE_TOKEN environmental variables.

LETSENCRYPT INSTRUCTIONS

Lexicon has an example [dehydrated hook file](examples/dehydrated.default.sh) that you can use for any supported provider. All you need to do is set the PROVIDER env variable.
PROVIDER=cloudflare dehydrated --cron --hook dehydrated.default.sh --challenge dns-01

Lexicon can also be used with [Certbot](https://certbot.eff.org/) and the included [Certbot hook file](examples/certbot.default.sh) (requires configuration).

SEE ALSO

For more information about lexicon see https://github.com/AnalogJ/lexicon. This manpage was created by Ana Custura for the Debian project.
February 2018 lexicon