We created a basic gandi.cli wrapper to manage your DNS zone files in a git repository and by command line!
Gandi is a famous French domain name registration and at ToucanToco we really enjoy their services. Gandi provides you with two tools to be able to manage your domain names:
- the usual and common web admin console
- the gandi.cli(Gandi CLI Python script) to play directly with Gandi’s API in command line
To facilitate your DNS changes, Gandi implemented a versioning system: for each modification you need to create a new version of your zone that you will be able to edit (by adding, deleting or modifying one or several entries). Once your modifications are done, you need to save and enable that version. Thus you can enable a previous version whenever you need it, and it’s great!
However, we were still in need of some useful features:
- to be able to compare easily 2 versions of a given DNS zone
- to be able to know when and who edited a DNS zone
- to be able to have a workflow review
- to be able to make bulk modifications (like changing all TTLs for a given pattern in a DNS zone)
- to be able to do everything with only one basic one-liner command (without specifying any options)
By creating this humble and basic ToucanToco/gandi-dnsManager project, I hope to make up for those deficiencies. Obviously, this project is not a game changer but it could be interesting (at least for us :P).
The idea behind this project:
- the project is a basic gandi.cli wrapper which will manage the autosetup, options and path to store your future DNS zone files… without having to think about them, thus giving you the opportunity to only focus on DNS zones :)
- a git repository to let you compare and follow contributions and modifications of your DNS zones
There are only two prerequisites:
Before using it, you need to run a tiny setup step by launching the following command:
$ ./dnsManager.sh setupAccount tuesday 1 november 2016, 11:33:09 (UTC+0100) :: Setup your env - virtualenv missing, let's create it Running virtualenv with interpreter /usr/bin/python2 New python executable in /tmp/dnsManager/.pyenvGandi/bin/python2 Also creating executable in /tmp/dnsManager/.pyenvGandi/bin/python Installing setuptools, pkg_resources, pip, wheel...done. - gandi cli missing, let's install it Collecting gandi.cli Collecting pyyaml (from gandi.cli) Collecting click>=3.1 (from gandi.cli) Collecting requests (from gandi.cli) Using cached requests-2.11.1-py2.py3-none-any.whl Requirement already satisfied (use --upgrade to upgrade): setuptools in ./.pyenvGandi/lib/python2.7/site-packages (from gandi.cli) Collecting IPy (from gandi.cli) Installing collected packages: pyyaml, click, requests, IPy, gandi.cli Successfully installed IPy-0.83 click-6.6 gandi.cli-0.19 pyyaml-3.12 requests-2.11.1 - init gandi credentials - cf https://www.gandi.net/admin/api_key Welcome to GandiCLI, let's configure a few things before we start. Api key: YOUR_GANDI_API_KEY Environnment [production]/ote: SSH keyfile [~/.ssh/id_rsa.pub]: Setup completed. You can now: * use 'gandi' to see all commands. * use 'gandi vm create' to create and access a Virtual Machine. * use 'gandi paas create' to create and access a SimpleHosting instance. tuesday 1 november 2016, 11:33:22 (UTC+0100) :: Setup done
This is it, now you’re ready to play!
Please note you don’t have to set your SSH keyfile in this DNS context. That’s not necessary.
If everything is ok, you should be able to list all the domains linked to your Gandi’s account:
$ ./dnsManager.sh setupAccount tuesday 1 november 2016, 17:10:43 (UTC+0200) :: List all registered domains: toucantoco.guru tuesday 1 november 2016, 17:10:44 (UTC+0200) :: List done
Now, imagine a use case where we need to modify the toucantoco.guru DNS zone. The process could be as the following:
Dump the latest version of the zone file
$ ./dnsManager.sh getLastDomainZone toucantoco.guru tuesday 1 november 2016, 17:16:43 (UTC+0200) :: Dump zone for toucantoco.guru tuesday 1 november 2016, 17:16:44 (UTC+0200) :: Dump done, check new file: ./dns_zones/toucantoco.guru.txt
Edit the zone
$ vim ./dns_zones/toucantoto.guru.txt
Push the updates on Gandi
$ ./dnsManager.sh updateDomainZone toucantoco.guru tuesday 1 november 2016, 17:19:20 (UTC+0200) :: Update DNS zone toucantoco.guru Creating new zone file Updating zone records Activation of new zone version tuesday 1 november 2016, 17:19:21 (UTC+0200) :: Update done, check new file: ./dns_zones/toucantoco.guru.txt tuesday 1 november 2016, 17:19:21 (UTC+0200) :: Please don't forget to commit your changes suggestion: git add ./dns_zones/toucantoco.guru.txt git commit 'toucantoco.guru :: update/delete/add entries'
And finally commit and push your commit in your own repository
$ git add dns_zones/toucantoco.guru.txt $ git commit -m 'toucantoco.guru :: add XXX subdomain' $ git push
Thus, we quickly update a DNS zone by using simple commands. Everything is committed so you can easily compare versions and follow logs and contributors.
With this approach you could imagine more ambitious workflows:
- you create pull requests
- after reviewing and validations, the pull request is merged
- once merged, the CI tool launches the update of the modified DNS zone. Or just use a
post-receiveto launch update of the zone.
Thus everything could be automated!
Easy, isn’t it? Now it’s your turn to play with it thanks to ToucanToco/gandi-dnsManager. If you have any suggestions or improvements, don’t hesitate to open an issue or push a pull request! We will be glad to discuss and improve this tiny project :)
Some useful notes:
- if you have any doubts about your DNS modification, read the Zone file Wikipedia page
- all zone files are stored in
- before editing and updating a zone, be sure to have the latest version of the zone (eg:
./dnsManager.sh getLastDomainZone mydomain.com). To avoid crushing uncommitted modifications
- Gandi’s API doesn’t allow to download complete zones with more than 500 entries