I made an API for bind9! Want to see it in action – jump to here in the setup vid:
https://youtu.be/ZNEtmWhu1HI?t=375
Recently I have been looking for an api for a bind server. I found an existing project, https://github.com/dmyerscough/BIND-RESTful, which is quite nice but didn’t have some of the functionality I needed. I looked at updating the existing project, but instead decided to write a new API from scratch, inspired by that project.
So what I have written is:
- FastAPI-based framework
- input validation, provided by FastAPI
- Ability to create, replace, get, and delete DNS records
- Ability to get JSON dump of whole DNS zonefile
- auto-created documentation from API framework
The project lives here: https://gitlab.com/jaytuck/bind-rest-api
I’ve also make a docker image for running the project easily: https://hub.docker.com/r/jaytuckey/bind-rest-api
I have made a demo video of myself setting up the project on my machine:
Participation is welcome! If you have questions or encounter issues don’t hesitate to leave a comment or get in contact: https://jaytuckey.name/about/
5 replies on “A bind9 Rest API tool – bind-rest-api”
Thanks for your work. Can you explain how the username and password work? What do I need to configure on BIND’s end?
Hi Ashwin, there are two flows that need authentication:
http -> API (this needs an API key, which you put in the apikeys.pass file)
API -> bind9 (this needs a bind TSIG key)
To generate a TSIG key see the bind9 docs: https://bind9.readthedocs.io/en/v9_16_9/advanced.html#tsig
I hope this provides some pointers, I’ll try to update the docs on Gitlab to reflect this.
Ok, I have updated the Readme.md on Gitlab.
Hello Jay,
Great job, I will try to implement your code.
Just to confirm me, I would like to be able to modify multples zones included on the db bind9 files.
It will be OK ?
Take care
Thomas
Hi Thomas,
Yes it should be able to modify anything that bind9 will accept as a `dynamic zone update` – see the docs here on dynamic update in bind9:
https://bind9.readthedocs.io/en/v9_16_11/advanced.html#dynamic-update
The way the tool works is it creates dynamic update messages from the API calls, then sends them to the bind9 server.
Don’t forget to add the zones you want to allow updates for into the config.env file:
BIND_ALLOWED_ZONES=example.com,example.org
– Jay