Configure automatically the DNS records using lexicon #1194
… (and backward-compatibility)
…/yunohost into enh-dns-autoconf
💥 Our code is ready to be tested. We'll be happy to discuss bugs, design questions and refactoring proposals.
Thanks for your work. I made a lot of suggestions; I hope you won't be afraid.
Don't forget you have 3 different situations:
Situation A : domain + sub domains
- toto.com
- foo.toto.com
- bar.toto.com
Situation B : sub domain
- ynh.toto.com
(i.e. the admin owns toto.com but uses that domain for other things than their yunohost server, and in the context of yunohost only uses a subdomain ynh.toto.com - and possibly sub-sub domains like foo.ynh.toto.com, bar.ynh.toto.com)
Situation C : several sub domains
- foo.toto.com
- bar.toto.com
(similar to B but with several of them, but the actual root zone is toto.com)
Situation D : dyndns domain
- foo.nohost.me
(This doesn't fall under the use case of "managing the registrar / zone with lexicon" considering that this is already managed by Yunohost, but it should be kept in mind as it may influence the design around the whole dns-zone generation and how-to-detect-the-parent-domain)
And of course you can have a mix with several top domains:
- toto.com
- foo.toto.com
- bar.toto.com
- foo.titi.com
- bar.titi.com
- foo.tutu.com
data/other/providers_list.yml
Outdated
@@ -0,0 +1,218 @@ | |||
aliyun: |
- This list should use the YunoHost Args format to be able to build a nice form inside the webadmin. We need info like (type, help, default, example...)
- Be sure to list keys according to the lexicon version (we might add lexicon to our debian package chain to get an earlier version). However, we could have difficult migration issues with this. I don't know what to do (I set this point for the next meetings https://pad.lqdn.fr/p/yunohost-01-06-2021 )
- About i18n, be sure to find a way to avoid having 100 auth_id to translate in the same way
src/yunohost/domain.py
Outdated
final_lexicon = ConfigResolver().with_dict(dict_object=base_config).with_dict(dict_object=record_config) | ||
# print('final_lexicon:', final_lexicon); | ||
client = Client(final_lexicon) | ||
distant_records[key] = client.execute() |
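Review bot: the commented-out print('final_lexicon:', final_lexicon) on the second line should be deleted rather than left in place. The resolver is built from base_config, and the PR description says lexicon works with an API key provided by the registrar, so if that key is part of base_config, re-enabling this line would write it to the console or to logs. If the resolved configuration has to be inspected while debugging, log the provider name and the action only. Separately, client.execute() has no error handling in these lines, so an authentication or network failure raised by the provider would propagate from here without saying which key was being processed; catching it at this call and reporting the key would make failures easier to diagnose.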
We might want to use the dig() function from yunohost.utils.network here.
We should think about what we want to do with DNS cache policy.
Remember that we could have several A or several MX for the same key (qname)
src/yunohost/domain.py
Outdated
|
||
# Finally, push the new record or update the existing one | ||
record_config = { | ||
"action": "update" if it_exists else "create", # create, list, update, delete |
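Review bot: on the "action" line, the value only ever resolves to update or create, although the trailing comment lists delete as well. A single it_exists flag cannot describe a name and type that holds several values, and nothing in these lines removes a value that was dropped from the local configuration, so an old address could stay published next to the new one. Suggest comparing the full set of values per (name, type) between local and remote and emitting explicit delete and create actions from that comparison, and documenting in the comment above which cases this block is expected to handle.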
In the case of several answers for a couple (qname, type):
If answers differ for a (qname, type) couple between remote and local, we probably need to delete first and then create all the couples needed.
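The delete-then-create approach from the review comments above, sketched as an added example (not code from this PR): records are grouped per (qname, type) so several A or MX values for one key are compared as a set. The record dictionaries, the `group` and `plan` helpers and the sample data are assumptions made for illustration.

```python
from collections import defaultdict

def group(records):
    """Index records as {(name, type): {values}}; one key may carry several values."""
    index = defaultdict(set)
    for rec in records:
        key = (rec["name"].rstrip(".").lower(), rec["type"].upper())
        index[key].add(rec["value"])
    return index

def plan(local, remote):
    """Ordered (action, name, type, value) steps that make remote match local.

    Only (name, type) couples declared locally are touched, so records the
    admin keeps in the same zone for other purposes are left alone.
    """
    want, have = group(local), group(remote)
    steps = []
    for key in sorted(want):
        current = have.get(key, set())
        if want[key] == current:
            continue  # record set already matches, nothing to push
        name, rtype = key
        # Sets differ: delete every remote value first, then create every local one.
        steps += [("delete", name, rtype, v) for v in sorted(current)]
        steps += [("create", name, rtype, v) for v in sorted(want[key])]
    return steps

# Constructed sample data (documentation IP ranges, the thread's example domain).
LOCAL = [
    {"name": "toto.com", "type": "A", "value": "203.0.113.10"},
    {"name": "toto.com", "type": "MX", "value": "10 toto.com."},
    {"name": "_xmpp-client._tcp.toto.com", "type": "SRV", "value": "0 5 5222 toto.com."},
]
REMOTE = [
    {"name": "toto.com.", "type": "A", "value": "203.0.113.10"},
    {"name": "toto.com.", "type": "A", "value": "198.51.100.7"},
    {"name": "toto.com.", "type": "MX", "value": "10 toto.com."},
    {"name": "blog.toto.com.", "type": "CNAME", "value": "pages.example.net."},
]

if __name__ == "__main__":
    for step in plan(LOCAL, REMOTE):
        print(*step)
```

Printing the plan before executing it gives the admin the chance to review every deletion that a push would perform.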
Co-authored-by: ljf (zamentur) <zamentur@users.noreply.github.com>
If it's not a production server, you can do this:
… make possible migrations easier idk
OK, that's my first review; if there are missing things, please tell me. First, during install my server gives me a traceback:
Then after installation here are the different outputs of the associated commands
But I think the real path is yunohost/data/other/providers_list.yml, so now the copy result is okay
No output, I guess the copy is good!
Outputs all supported registrar, no issue.
Module not found, trying to install publicsuffixlist..
Installed successfully
No outputs, I think it's okay
Outputs look ok
Mmmmh I think it's not okay
Right now the configuration is okay; yunohost domain push_config is now yunohost domain registrar push portail.awmreunion.re
Sorry for truncating personal information; please ask me if you need it... I can't push the DNS config, and with this config only portail.portail.awmreunion.re was added in Cloudflare instead of portail.awmreunion.re and all the other DNS records. In the last output there are also outputs of lexicon, to help you more. But I think the issue is in the local DNS records set by the yunohost instance. Sorry for this very huge review, but I really want the enhancement added to the next version. Thanks for reading!
EDIT (ljf): I removed your email from the JSON output
It seems the Cloudflare API needs a service key. It's probably an issue with the version of lexicon.
It’s not related to a service key, because Cloudflare SRV records need a service entry like XMPP as service; also there’s an error in the DNS scheme, because lexicon pushes portail.portail.awmreunion.re but the real domain should be just portail.awmreunion.re https://www.cloudflare.com/fr-fr/learning/dns/dns-records/dns-srv-record/
I tested on another yunohost instance with another domain and another provider (digitalocean), but the same issue happens with the SRV record.
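One way to derive the parent zone and the zone-relative record name for the situations A to D listed in the first review, so that a domain label such as portail is never prepended twice (an added example, not code from this PR). It assumes record names are given relative to the YunoHost domain with "@" for the domain itself; `PUBLIC_SUFFIXES` is a constructed stand-in for the full Public Suffix List, and `parent_zone`, `qualify` and `zone_record` are hypothetical helpers.

```python
# Constructed stand-in for the Public Suffix List; real code would load the full list.
PUBLIC_SUFFIXES = {"com", "re", "me", "nohost.me"}

def parent_zone(domain):
    """Registrable domain: the longest matching public suffix plus one label."""
    labels = domain.rstrip(".").lower().split(".")
    for i in range(len(labels)):  # longest candidate suffix first
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            if i == 0:
                raise ValueError(f"{domain} is itself a public suffix")
            return ".".join(labels[i - 1:])
    raise ValueError(f"no known public suffix for {domain}")

def qualify(name, domain):
    """FQDN (no trailing dot) of a name relative to domain; '@' is the domain itself."""
    name = name.lower()
    if name in ("@", ""):
        return domain
    if name.endswith("."):  # already fully qualified: do not append the domain again
        return name.rstrip(".")
    return f"{name}.{domain}"

def zone_record(name, domain):
    """Map a record name of a YunoHost domain to (zone, name relative to that zone)."""
    domain = domain.rstrip(".").lower()
    fqdn, zone = qualify(name, domain), parent_zone(domain)
    if fqdn == zone:
        return zone, "@"
    if not fqdn.endswith("." + zone):
        raise ValueError(f"{fqdn} is outside zone {zone}")
    return zone, fqdn[: -len(zone) - 1]

if __name__ == "__main__":
    # Constructed inputs covering the domains named in the thread.
    for name, domain in [("@", "toto.com"), ("@", "foo.ynh.toto.com"),
                         ("@", "foo.nohost.me"), ("@", "portail.awmreunion.re"),
                         ("_xmpp-client._tcp", "portail.awmreunion.re"),
                         ("portail.awmreunion.re.", "portail.awmreunion.re")]:
        print(name, domain, "->", zone_record(name, domain))
```

A subdomain that the admin has delegated as its own zone at the provider cannot be detected from the suffix list alone and would need an explicit setting.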
… stuff to create/update/delete
The problem
DNS configuration is tedious to apply by hand
(original issue)
Solution
Lexicon is a library that makes it possible to programmatically set DNS records with an API key provided by the registrar.
PR Status
Work in Progress!
For now, we haven't begun to use lexicon:
Our PR allows changing some settings of the generated DNS records.
How to test
First install lexicon on yunohost: apt install lexicon.
Copy yunohost/data/other/providers_list.yml to /usr/share/yunohost/other/providers_list.yml
Some commands to try:
- yunohost domain registrar set <domain> <registrar-name> and answer the interactive questions
- yunohost domain dns-conf <domain>
- yunohost app setting)
- yunohost domain setting ...
- /etc/yunohost/domains.yml where all the settings are stored.
- yunohost domain dns-conf <domain>
- yunohost domain push_config. Firstly, check the generated config to confirm it's what you want, and back up your DNS entries, as this function has not been deeply tested.
Look for differences in the actionsmap.yml and domains.py to see all the new available commands! :)