Hi Thomas, I see how this could be useful for other deployments that are allowing any TLD in Designate. I think this is something we could add to a "designate/contrib" directory and install with the package, using the "extras" capability to only install the script and unique requirements if this feature is needed. The crontab can be bundled using data_files. I do have a few comments about the code that I would make on the patch for designate: 1. We are moving away from using the legacy Designate client for python bindings, instead preferring to standardize on using the OpenStack SDK. I would prefer the code to use OpenStack SDK. 2. We would want some basic test coverage so we can maintain it. 3. I would like to see a slightly expanded README file that talks a bit more about the configuration file expectations and use case. 4. nit: We can probably condense the HTTP proxy setting down into one configuration setting, if defined it's used, if not don't use a proxy. Michael On Thu, Dec 15, 2022 at 2:29 AM Thomas Goirand <zigo@debian.org> wrote:

Hi,

We wrote this: https://salsa.debian.org/openstack-team/services/designate-tlds

The interesting code bits are in: https://salsa.debian.org/openstack-team/services/designate-tlds/-/blob/debia...

What it does is download the TLD list from https://publicsuffix.org/list/public_suffix_list.dat using requests (with an optional proxy), compare it to the list of TLDs in Designate, and fix the difference.

It's by default setup in a cron every week. Basically, it's just apt-get install designate-tlds, configure keystone_authtoken in /etc/designate-tlds/designate-tlds.conf and set dry_run=false, and you're done! Note I also wrote a patch for puppet-designate [1] to support it.

Moving forward I see 2 solutions: 1- we continue to maintain this separately from Designate 2- our code gets integrated into Designate itself.

Designate team: are you interested for option 2?

Cheers,

Thomas Goirand (zigo)

[1] https://salsa.debian.org/openstack-team/puppet/puppet-module-designate/-/blo...