mafoo.org.uk/mythic-beasts-dns-sync
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Compare commits

base: mafoo.org.uk:4427f42e637b1f2bf91697454d581be119ec7b2c
Branches Tags
mafoo.org.uk:main mafoo.org.uk:autobuild mafoo.org.uk:feature/handle-sshfp
mafoo.org.uk:v1.2 mafoo.org.uk:v1.1 mafoo.org.uk:v1.1-rc1 mafoo.org.uk:v1.0-rc2 mafoo.org.uk:v1.0-rc1
..
compare: mafoo.org.uk:95f0148af94e4c654560e7ddbe049584a8e270fc
Branches Tags
mafoo.org.uk:autobuild mafoo.org.uk:main mafoo.org.uk:feature/handle-sshfp
mafoo.org.uk:v1.2 mafoo.org.uk:v1.1 mafoo.org.uk:v1.1-rc1 mafoo.org.uk:v1.0-rc2 mafoo.org.uk:v1.0-rc1

2 Commits
4427f42e63 ... 95f0148af9

Author SHA1 Message Date
Matthew Slowe
95f0148af9 Implement dry-run 2021-06-16 17:01:01 +01:00
Matthew Slowe
405903f0f5 Basic readme 2021-06-16 17:00:53 +01:00
2 changed files with 101 additions and 14 deletions
Expand all files Collapse all files

79
README.md Normal file
View File

@@ -0,0 +1,79 @@
# Mythic Beasts DNS manager
A simple management agent for controlling your DNS entries on the Mythic Beasts platform using a (version-controllable) YAML file.
This client uses the DNSv2 API (https://www.mythic-beasts.com/support/api/dnsv2) for which you'll need to create a key (https://www.mythic-beasts.com/customer/api-users).
## Configuration
1. Create an API key via https://www.mythic-beasts.com/customer/api-users
2. Create a YAML file
```yaml
defaults:
ttl:
example.com: 3600
api: https://api.mythic-beasts.com/dns/v2/zones
api_host: api.mythic-beasts.com:443
realm: Mythic Beasts DNS API
auth:
key: mykey
secret: mysecret
zones:
example.com:
```
3. Under `zones -> example.com`, prepare your DNS entries using the schema:
```yaml
zones:
example.com:
name1:
TYPE: value
name2:
TYPE:
- value1
- value2
name3.subdomain:
TYPE: value
```
Currently only a single zone is supported.
## Supported types
The client currently supports all of the Record Types implemented by the Mythic Beasts API except `SSHFP` and `TLSA`.
## Value syntax
The value for simple record types is the plain value as expected (eg. `A: 10.54.22.9` or `AAAA: 2a01:332::2`).
The value for complex types, such as `MX` is as per the standard zone file (eg. `MX: 10 mta.example.com`) At some point this will become parametrised.
## The Root object (`@`)
To refer to the base/root domain, use the `"@"` key:
```yaml
zones:
example.com:
"@":
A: 10.54.22.9
AAAA: 2a01:332::2
MX:
- 10 mta1.example.com
- 10 mta2.example.com
```
# Running
Invoke the docker container with the input yaml file:
```bash
docker run --rm -ti -v "${PWD}:/a" -w /a fooflington/mythic-beasts-dns mafoo.org.uk.yml
```
## Dry run
Pass the environment variable `DRY_RUN` to prevent any changes:
```bash
docker run --rm -ti -v "${PWD}:/a" -w /a -e DRY_RUN=1 fooflington/mythic-beasts-dns mafoo.org.uk.yml
```

36
manage-dns.pl
View File

@@ -13,6 +13,7 @@ use WWW::Form::UrlEncoded::PP qw/build_urlencoded/;
my $in = YAML::Tiny->read(shift); my $in = YAML::Tiny->read(shift);
my $ua = LWP::UserAgent->new; my $ua = LWP::UserAgent->new;
my %seen; my %seen;
my $DRY_RUN = $ENV{DRY_RUN};
sub _debug { sub _debug {
print STDERR ("=== DEBUG ===\n", Dumper(@_), "=== END ===\n") if $ENV{DEBUG} or $in->[0]->{debug}; print STDERR ("=== DEBUG ===\n", Dumper(@_), "=== END ===\n") if $ENV{DEBUG} or $in->[0]->{debug};
@@ -51,6 +52,8 @@ sub is_unsupported($) {
return $supported_types{$type}; return $supported_types{$type};
} }
_notice("Dry run - no changes will be applied") if ${DRY_RUN};
if($ENV{DEBUG} or $in->[0]->{debug}) { if($ENV{DEBUG} or $in->[0]->{debug}) {
use LWP::Debug qw(+); use LWP::Debug qw(+);
$ua->add_handler( $ua->add_handler(
@@ -178,31 +181,36 @@ sub check_and_update_record($$$$$) {
# Update the record # Update the record
$record->{ttl} = $in->[0]->{defaults}->{ttl}->{$zone}; $record->{ttl} = $in->[0]->{defaults}->{ttl}->{$zone};
_debug("Update ", $url, $record, to_json($record)); _debug("Update ", $url, $record, to_json($record));
my $res = $ua->put( unless ($DRY_RUN) {
$url, my $res = $ua->put(
"Content-Type" => "application/json", $url,
"Content" => to_json({ records => [ $record ] }), "Content-Type" => "application/json",
); "Content" => to_json({ records => [ $record ] }),
warn "Failed to update $url: " . $res->status_line unless $res->is_success; );
warn "Failed to update $url: " . $res->status_line unless $res->is_success;
}
} }
} else { } else {
# Create new record # Create new record
my $new = format_record($zone, $type, $host, $value); my $new = format_record($zone, $type, $host, $value);
_notice("Created new record: %s %s %s", $host, $type, $value); _notice("Created new record: %s %s %s", $host, $type, $value);
_debug($new); _debug($new);
my $res = $ua->post( unless ($DRY_RUN) {
$url, my $res = $ua->post(
"Content-Type" => "application/json", $url,
Content => to_json({ "Content-Type" => "application/json",
records => [ $new ] Content => to_json({
}) records => [ $new ]
); })
warn "Failed to create $url: " . $res->status_line . "\n" . $res->content unless $res->is_success; );
warn "Failed to create $url: " . $res->status_line . "\n" . $res->content unless $res->is_success;
}
} }
} }
sub delete_record($$) { sub delete_record($$) {
my ($zone, $record) = @_; my ($zone, $record) = @_;
return if $DRY_RUN;
my $url = $in->[0]->{defaults}->{api} . "/$zone/records/$record->{host}/$record->{type}?host=$record->{host}&data=$record->{data}"; my $url = $in->[0]->{defaults}->{api} . "/$zone/records/$record->{host}/$record->{type}?host=$record->{host}&data=$record->{data}";
my $res = $ua->delete($url); my $res = $ua->delete($url);