Caddy and Dynamic DNS

1. The problem I’m having:

I can use the RFC2136 to get a LetsEncrypt certificate just fine. Is it possible to CRUD DNS records with Caddy - maybe caddy-dynamicdns but I can see no records of RFC2136 in there.

2. Error messages and/or full log output:

Not applicable at this time

3. Caddy version:


4. How I installed and ran Caddy:

FROM caddy:2.6.2-builder AS builder

RUN xcaddy build v2.6.2 --with

FROM caddy:2.6.2

COPY --from=builder /usr/bin/caddy /usr/bin/caddy

a. System environment:

c. Service/unit/compose file:

version: '3.3'

    image: caddy-with-dns:2.6.2
      - "8443:443"
      - $PWD/Caddyfile:/etc/caddy/Caddyfile
      - $PWD/site:/srv
      - caddy_data:/data
      - caddy_config:/config


d. My complete Caddy config:


<myhost>:443 {
        log {
                level DEBUG
                output file /dev/stdout
        reverse_proxy http://<myhost>:8080 {
                header_up +X-SSH-Endpoint "{host}:50022"
                header_down +X-SSH-Endpoint "{host}:50022"
        tls {
          dns rfc2136 {
            key_name "<key>"
            key_alg "hmac-sha512"
            key "<redacted>"
            server "<srv>4:53"
        encode zstd gzip

5. Links to relevant resources:

I don’t understand the question. Can you elaborate?

Sorry, apologies.

Is there a plugin that can create/update/delete DNS records (A/AAAA or CNAMES) for a RFC2136 provider ?

Ah, yeah that’s what GitHub - mholt/caddy-dynamicdns: Caddy app that keeps your DNS records (A/AAAA) pointed at itself. is for! It takes a DNS providers module as input.

OK thanks, there is no mention of rfc2136 in there and reference to TSIG setup is all so wasn’t sure.

Because it takes any DNS provider module as input. That includes your RFC2136 one.

It wouldn’t make sense for it to list every existing DNS provider module in that project’s readme, there could be an infinite amount, and keeping a list up to date in that readme would be a waste of time.

Yes thank you I get that I was just making sure. I will try and figure out the TSIG setup which I guess wouldn’t be a million miles away from the LetsEncrypt one. Appreciate the help.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.