To reduce toil and keep consistency between services such as acme-chief and ncredir (we have amassed a lot of drift over the years), let's automate the whole process.
- Automate propagation of MarkMonitor-registered domains down to ncredir and acme-chief
- Note that MarkMonitor is read-only
- Note that WMF has their MarkMonitor API usage limited to our production IP range
- Adapt the work of ncmonitor and extend it to
- Automate adding the domains to acme-chief for HTTPS certificates
- Automate adding domain redirection with ncredir
- Implement this automation into the production environment safely (MarkMonitor API is limited to our production IP range)