Skip to content
Top-level domain name registry service on Google App Engine
Java JavaScript HTML CSS TSQL Python Other
Branch: master
Clone or download

Latest commit

Fetching latest commit…
Cannot retrieve the latest commit at this time.


Type Name Latest commit message Commit time
Failed to load latest commit information.
buildSrc Add Test suite support for JUnit 5 classes (#549) Apr 8, 2020
common Add a task to compile javadoc across all packages (#597) May 27, 2020
config Fix flaky tests due to Entity name conflicts (#569) Apr 28, 2020
core Add createVKey() at the EppResource level (#600) May 29, 2020
db Generate sql schema for BillingEvent (#565) May 27, 2020
docs (docs): fixed small errors (#572) May 11, 2020
gradle Upgrade to Gradle 6.4.1 (#590) May 18, 2020
integration Add Test suite support for JUnit 5 classes (#549) Apr 8, 2020
java-format Print filenames that need to be reformatted (#386) Nov 26, 2019
networking Log information about SSL connection from the client (#586) May 14, 2020
prober Add a task to compile javadoc across all packages (#597) May 27, 2020
processor Add annotation processor to generate converter for VKey (#566) Apr 29, 2020
proxy Add a task to compile javadoc across all packages (#597) May 27, 2020
python/google/registry/scripts Remove Bazel build (#94) Jun 13, 2019
release Use JSON API for Maven Repo on GCS (#483) Feb 12, 2020
services Supress exccesive logging message from Cloud SQL (#540) Mar 31, 2020
third_party/objectify/v4_1 Upgradle JUnit to 4.13 (#442) Jan 14, 2020
util Add a task to compile javadoc across all packages (#597) May 27, 2020
.gcloudignore Build docker image of nomulus tool (#142) Jul 17, 2019
.gitignore Make Gradle dependency cache shareable in GCB (#479) Feb 10, 2020
.lgtm.yml Add customized .lgtm.yml (#191) Jul 23, 2019
AUTHORS Change all references to Domain Registry to Nomulus Oct 14, 2016 Add Google Java Style Guide info and link to Nov 15, 2016
CONTRIBUTORS Add shicong@ and gbrodman@ to CONTRIBUTORS Jun 13, 2019
LICENSE Fix a typo (#174) Jul 15, 2019 Use for code search (#512) Mar 12, 2020
appengine_war.gradle Remove separate deployment of persistence.xml (#563) Apr 23, 2020
build.gradle Add a task to compile javadoc across all packages (#597) May 27, 2020
dependencies.gradle Add annotation processor to generate converter for VKey (#566) Apr 29, 2020
dependency_lic.gradle Upgrade Gradle license report plugin to latest version (1.13) (#492) Feb 25, 2020 Create a nom_build wrapper script (#508) Mar 10, 2020
gradlew Upgrade to Gradle 6.4.1 (#590) May 18, 2020
gradlew.bat Upgrade to Gradle 6.4.1 (#590) May 18, 2020
java_common.gradle Actually run JUnit 5 tests (#545) Apr 6, 2020
nom_build Create a nom_build wrapper script (#508) Mar 10, 2020
nomulus-logo.png Update Nomulus logo May 23, 2017
package-lock.json Run "npm audit fix" to fix a vulnerability (#592) May 20, 2020
package.json Run automated NPM update (#554) Apr 11, 2020
projects.gradle Make dev project configurable (#371) Nov 22, 2019
settings.gradle Add annotation processor to generate converter for VKey (#566) Apr 29, 2020
utils.gradle Use Flyway to deploy SQL schema to non-prod (#255) Sep 6, 2019
vnames.json Create kzip file for Kythe cross-referencing (#424) Jan 3, 2020


Internal Build FOSS Build LGTM License Code Search
Build Status for Google Registry internal build Build Status for the open source build Total alerts License for this repo Link to Code Search

Nomulus logo


Nomulus is an open source, scalable, cloud-based service for operating top-level domains (TLDs). It is the authoritative source for the TLDs that it runs, meaning that it is responsible for tracking domain name ownership and handling registrations, renewals, availability checks, and WHOIS requests. End-user registrants (i.e. people or companies that want to register a domain name) use an intermediate domain name registrar acting on their behalf to interact with the registry.

Nomulus runs on Google App Engine and is written primarily in Java. It is the software that Google Registry uses to operate TLDs such as .google, .app, .how, .soy, and .みんな. It can run any number of TLDs in a single shared registry system using horizontal scaling. Its source code is publicly available in this repository under the Apache 2.0 free and open source license.

Getting started

The following resources provide information on getting the code and setting up a running system:

If you are thinking about running a production registry service using our platform, please drop by the user group and introduce yourself and your use case. To report issues or make contributions, use GitHub issues and pull requests.


Nomulus has the following capabilities:

  • Extensible Provisioning Protocol (EPP): An XML protocol that is the standard format for communication between registrars and registries. It includes operations for registering, renewing, checking, updating, and transferring domain names.
  • DNS interface: The registry provides a pluggable interface that can be implemented to handle different DNS providers. It includes a sample implementation using Google Cloud DNS as well as an RFC 2136 compliant implementation that works with BIND.
  • WHOIS: A text-based protocol that returns ownership and contact information on registered domain names.
  • Registration Data Access Protocol (RDAP): A JSON API that returns structured, machine-readable information about domain name ownership. It is essentially a newer version of WHOIS.
  • Registry Data Escrow (RDE): A daily export of all ownership information for a TLD to a third party escrow provider to allow take-over by another registry operator in the event of serious failure. This is required by ICANN for all new gTLDs.
  • Premium pricing: Communicates prices for premium domain names (i.e. those that are highly desirable) and supports configurable premium registration and renewal prices. An extensible interface allows fully programmatic pricing.
  • Billing history: A full history of all billable events is recorded, suitable for ingestion into an invoicing system.
  • Registration periods: Qualified Launch Partner, Sunrise, Landrush, Claims, and General Availability periods of the standard gTLD lifecycle are all supported.
  • Brand protection for trademark holders (via TMCH): Allows rights-holders to protect their brands by blocking registration of domains using their trademark. This is required by ICANN for all new gTLDs.
  • Registrar support console: A self-service web console that registrars can use to manage their accounts in the registry system.
  • Reporting: Support for required external reporting (such as ICANN monthly registry reports, CZDS, Billing and Registration Activity) as well as internal reporting using BigQuery.
  • Administrative tool: Performs the full range of administrative tasks needed to manage a running registry system, including creating and configuring new TLDs.
  • DNS interface: An interface for DNS operations is provided so you can write an implementation for your chosen provider, along with a sample implementation that uses Google Cloud DNS. If you are using Google Cloud DNS you may need to understand its capabilities and provide your own multi-AS solution.
  • GAE Proxy: App Engine Standard only serves HTTP/S traffic. A proxy to forward traffic on EPP and WHOIS ports to App Engine via HTTPS is provided. Instructions on setting up the proxy on Google Kubernetes Engine is available. Running the proxy on GKE supports IPv4 and IPv6 access, per ICANN's requirements for gTLDs. The proxy can also run as a single jar file, or on other Kubernetes providers, with modifications.

Additional components

Registry operators interested in deploying Nomulus will likely require some additional components that are need to be configured separately.

  • A way to invoice registrars for domain name registrations and accept payments. Nomulus records the information required to generate invoices in billing events.
  • Fully automated reporting to meet ICANN's requirements for gTLDs. Nomulus includes substantial reporting functionality but some additional work will be required by the operator in this area.
  • A secure method for storing cryptographic keys. A keyring interface is provided for plugging in your own implementation (see configuration doc for details).
  • System status and uptime monitoring.

Outside references

  • Donuts Registry has helped review the code and provided valuable feedback
  • CoCCa and FRED are other open-source registry platforms in use by many TLDs
  • We are not aware of any fully open source domain registrar projects, but open source EPP Toolkits (not yet tested with Nomulus; may require integration work) include:
  • Some Open Source DNS Projects that may be useful, but which we have not tested:
You can’t perform that action at this time.