secondary_refresh = 6*hour, secondary_retry = 1*hour, secondary_expire = 7*day,
# Here come the actual domains. Each takes records as argument, either individually or as lists.
domains = {
- '@': Name(one, mail, HTTPS('0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef')), # this will all all records from the list "one" and the list "mail" to this name
+ '@': Name(one, mail, HTTPS('0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef')), # this will add all records from the list "one" and the list "mail" to this name
+ '@': Name(CAA(0, CAA.Tag.Issue, "letsencrypt.org")),
'ns': Name(one),
'ipv4.ns': Name(one4), # just a single record
'ipv6.ns': Name(one6),
#
'orgstuff': CName('example.org.'), # CNAMEs cannot be combined with other records
#
- 'sub1': Delegation('ns.example.org.'), # this adds an NS record
- 'sub2': SecureDelegation('ns.example.com.', 12345, Algorithm.RSA_SHA256, Digest.SHA256, '0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF'), # this adds an NS and a DS record
+ 'sub1': Delegation('ns.example.org.', 'ns'), # this adds an NS record
+ 'sub2': SecureDelegation(12345, Algorithm.RSA_SHA256, Digest.SHA256, '0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF', 'ns.example.com.'), # this adds an NS and a DS record
#
'local': {
'one': Name(one4),