Categories
Linux Systems Administration

A bind9 Rest API tool – bind-rest-api

I made an API for bind9! Want to see it in action – jump to here in the setup vid:
https://youtu.be/ZNEtmWhu1HI?t=375

Recently I have been looking for an api for a bind server. I found an existing project, https://github.com/dmyerscough/BIND-RESTful, which is quite nice but didn’t have some of the functionality I needed. I looked at updating the existing project, but instead decided to write a new API from scratch, inspired by that project.

So what I have written is:

  • FastAPI-based framework
  • input validation, provided by FastAPI
  • Ability to create, replace, get, and delete DNS records
  • Ability to get JSON dump of whole DNS zonefile
  • auto-created documentation from API framework

The project lives here: https://gitlab.com/jaytuck/bind-rest-api

I’ve also make a docker image for running the project easily: https://hub.docker.com/r/jaytuckey/bind-rest-api

I have made a demo video of myself setting up the project on my machine:

Participation is welcome! If you have questions or encounter issues don’t hesitate to leave a comment or get in contact: https://jaytuckey.name/about/

5 replies on “A bind9 Rest API tool – bind-rest-api”

Thanks for your work. Can you explain how the username and password work? What do I need to configure on BIND’s end?

Hello Jay,

Great job, I will try to implement your code.
Just to confirm me, I would like to be able to modify multples zones included on the db bind9 files.
It will be OK ?

Take care

Thomas

Hi Thomas,
Yes it should be able to modify anything that bind9 will accept as a `dynamic zone update` – see the docs here on dynamic update in bind9:
https://bind9.readthedocs.io/en/v9_16_11/advanced.html#dynamic-update

The way the tool works is it creates dynamic update messages from the API calls, then sends them to the bind9 server.

Don’t forget to add the zones you want to allow updates for into the config.env file:
BIND_ALLOWED_ZONES=example.com,example.org
– Jay

Leave a Reply

Your email address will not be published.