Fortigate
This DNS provider lets you manage DNS zones hosted on a Fortinet FortiGate device via its REST API.
Configuration
The provider is configured using the following environment variables:
FORTIGATE_HOST
: The FortiGate host or IP address (e.g.https://192.168.1.1
)FORTIGATE_TOKEN
: API token with appropriate DNS permissionsFORTIGATE_VDOM
: (optional) Specify the virtual domain (default:root
)FORTIGATE_INSECURE_TLS
: (optional) Set totrue
to disable SSL certificate verification (useful for self-signed certs)
Example creds.json
entry:
{
"FORTIGATE": {
"host": "https://192.168.1.1",
"token": "your-api-token",
"vdom": "root",
"insecure_tls": true
}
}
Usage
To use this provider in a dnsconfig.js
:
D("example.com", REG_NONE, DnsProvider("FORTIGATE"),
A("www", "192.0.2.1"),
CNAME("blog", "external.example.net.")
)
⚠️ TXT records are not supported. See caveats below.
Caveats
❌ PTR records are not supported.
FortiGate does not follow the standard DNS convention of managing
in-addr.arpa
orip6.arpa
zones for reverse DNS. Instead, PTR entries are stored in regular forward zones, and this behavior is incompatible with howdnscontrol
models reverse zones. Because of this mismatch, PTR support is intentionally omitted to avoid unexpected behavior or broken state synchronization.❌ NS and MX records are not supported.
FortiGate does not support fully functional
NS
orMX
record types in its DNS configuration system.❌ TXT records are not supported.
The FortiGate DNS interface does not currently expose support for TXT records via the API.
❌ Wildcard records (
*
) are not supported.FortiGate DNS does not support wildcard records.
✅ Supported record types:
A
,AAAA
,CNAME
.
Development notes
This provider uses the FortiGate REST API (/api/v2/cmdb/system/dns-database
) to manage zones and DNS entries. It assumes you are managing the "shadow" view and expects zones to be configured in primary mode.
Last updated