To use this module requires both https://github.com/FLYBYME/config and https://github.com/FLYBYME/config-mixin It also has basic account services required by https://github.com/icebob/kantab/blob/master/backend/services/accounts.service.js
I am taking pull request tips and advice.
Major item I would like to include is dnssec.
NS reocrds are populated from "ddns.domains.nameservers" when creating a new domain. When creating a new domain a SOA record is created with the "ddns.domains.hostmaster"
Your config should look like
defaultConfig: {
"ddns.domains.domain": "example.com",
"ddns.domains.hostmaster": "hostmaster.example.com",
"ddns.domains.nameservers": [
"orion.example.com",
"hades.example.com",
"zeus.example.com"
],
}Maybe sometimes records become out of sync. This might happen when an agent missed the broadcast for remove and create record event.
call v1.domains.sync
The agent should run on every server you want to be a resolver services/ddns.agent.js You can have as many nameservers as you want.
By defualt agent only binds to 127.0.0.1 and ::1 It can resolve to both IPv6 and IPv4
If proxy=true the agent will call v1.dohs.query and will become a recursive resolver. This is so the agent can become a local network resolver. On a public IP this maybe dangerous idea but its your choice.
dcall agent-name v1.ddns.bind --address=10.0.0.1 --proxy=true
dcall agent-name v1.ddns.bind --address=123.123.123.124 --proxy=false
dcall agent-name v1.ddns.bind --address=2001:0db8:85a3:0000:0000:8a2e:0370:7334 --proxy=false
To create a new domain
call v1.domains.create --#userID=QXpWw47NrdUn95gnGwgl --domain=example.com --name=example
{
id: "qxpJdmrOBpH15jaQP00P",
default: false,
domain: "example.com",
name: "example",
tld: "com",
sld: "example",
owner: "QXpWw47NrdUn95gnGwgl",
members: [ "QXpWw47NrdUn95gnGwgl" ],
public: false,
archived: false,
createdAt: 1649100422929
}call v1.domains.find --#userID=QXpWw47NrdUn95gnGwgl
[
{
id: "qxpJdmrOBpH15jaQP00P",
default: false,
domain: "example.com",
name: "example",
tld: "com",
sld: "example",
owner: "QXpWw47NrdUn95gnGwgl",
members: [ "QXpWw47NrdUn95gnGwgl" ],
public: false,
archived: false,
createdAt: 1649100422929
}
]call v1.domains.resolve --#userID=QXpWw47NrdUn95gnGwgl --id=qxpJdmrOBpH15jaQP00P
{
id: "qxpJdmrOBpH15jaQP00P",
default: false,
domain: "example.com",
name: "example",
tld: "com",
sld: "example",
owner: "QXpWw47NrdUn95gnGwgl",
members: [ "QXpWw47NrdUn95gnGwgl" ],
public: false,
archived: false,
createdAt: 1649100422929
}To remove a domain and all its records
call v1.domains.remove --#userID=QXpWw47NrdUn95gnGwgl --id=qxpJdmrOBpH15jaQP00P
"BNkjPMLDy3HqGErJ4aaj"To create a new record
call v1.domains.records.create --#userID=QXpWw47NrdUn95gnGwgl --domain=qxpJdmrOBpH15jaQP00P --fqdn=example.com --type=A --data=1.1.1.1
{
id: 'BNkjPMLDy3HqGErJ4aaj',
domain: 'qxpJdmrOBpH15jaQP00P',
fqdn: 'example.com',
type: 'A',
data: '1.1.1.1',
network: null,
ttl: 99,
priority: 5,
flag: 0,
nullified: false,
poison: false,
createdAt: 1651765954239
}To create a new record that resolves to a subnet of 10.0.0.0/8
call v1.domains.records.create --#userID=QXpWw47NrdUn95gnGwgl --domain=qxpJdmrOBpH15jaQP00P --fqdn=example.com --type=A --data=10.0.0.1 --network=10.0.0.0/8
{
id: 'YDkezoz8aPHnOrzDELLW',
domain: 'qxpJdmrOBpH15jaQP00P',
fqdn: 'example.com',
type: 'A',
data: '10.0.0.1',
network: '10.0.0.0/8',
ttl: 99,
priority: 5,
flag: 0,
nullified: false,
poison: false,
createdAt: 1651765982890
}call v1.domains.records.find --#userID=QXpWw47NrdUn95gnGwgl --domain=qxpJdmrOBpH15jaQP00P
[
{
id: 'RzkYW0kdBwH0e99aQyZn',
domain: 'qxpJdmrOBpH15jaQP00P',
fqdn: 'example.com',
type: 'SOA',
data: 'example.com',
network: null,
ttl: 3600,
priority: 5,
flag: 0,
admin: 'hostmaster.example.com',
serial: 2003080800,
refresh: 86400,
retry: 900,
expiration: 1209600,
minimum: 86400,
nullified: false,
poison: false,
createdAt: 1649100423810
},
{
id: 'rxgGMXgj2ntvxzz297l3',
domain: 'qxpJdmrOBpH15jaQP00P',
fqdn: 'example.com',
type: 'CAA',
data: 'letsencrypt.org',
network: null,
ttl: 99,
priority: 5,
flag: 0,
tag: 'issuewild',
nullified: false,
poison: false,
createdAt: 1649100423938
},
{
id: 'MRke6Y9LoLtoeNNYjDXe',
domain: 'qxpJdmrOBpH15jaQP00P',
fqdn: 'example.com',
type: 'NS',
data: 'orion.example.com',
network: null,
ttl: 99,
priority: 5,
flag: 0,
nullified: false,
poison: false,
createdAt: 1649100424039
},
{
id: '0qyRNQpLQ8TR6OyGqo4X',
domain: 'qxpJdmrOBpH15jaQP00P',
fqdn: 'example.com',
type: 'NS',
data: 'hades.example.com',
network: null,
ttl: 99,
priority: 5,
flag: 0,
nullified: false,
poison: false,
createdAt: 1649100424303
},
{
id: 'xxqWk2ojB9c3WR0jgyX5',
domain: 'qxpJdmrOBpH15jaQP00P',
fqdn: 'example.com',
type: 'NS',
data: 'zeus.example.com',
network: null,
ttl: 99,
priority: 5,
flag: 0,
nullified: false,
poison: false,
createdAt: 1649102415777
}
]To remove a record
call v1.domains.records.remove --#userID=QXpWw47NrdUn95gnGwgl --id=BNkjPMLDy3HqGErJ4aaj
"BNkjPMLDy3HqGErJ4aaj"By default dohs will cache querys for their ttl time DoHs has 3 resolvers. google, cloudflare and cleanbrowsing Adding the flag --provider=cleanbrowsing will use cleanbrowsing as the upsteam resolver default is cloudflare
call v1.dohs.query --fqdn=google.com --type=A --cache=false
[
{
name: 'google.com',
type: 1,
class: 1,
ttl: 300,
address: '142.251.41.46',
data: '142.251.41.46'
}
]The DNS resolver is like DoHs but just uses node UDP. It can be useful to run on every server and test for DNS propagation or if anycast DNS is been used.
call v1.domains.resolver.resolve --fqdn=google.com --type=A --provider=opendns
[ '142.251.41.46' ][
{ "name": "google", "ip": "8.8.8.8" },
{ "name": "quad", "ip": "9.9.9.9" },
{ "name": "opendns", "ip": "208.67.222.220" },
{ "name": "verizon_fios_business", "ip": "98.113.146.9" },
{ "name": "att_services", "ip": "12.121.117.201" },
{ "name": "corporate_west_computer_systems", "ip": "66.206.166.2" },
{ "name": "quad", "ip": "149.112.112.112" },
{ "name": "cogecodata", "ip": "66.199.45.225" },
{ "name": "ionica_llc", "ip": "176.103.130.130" },
{ "name": "liquid_telecommunications_ltd", "ip": "5.11.11.5" },
{ "name": "nforce_entertainment_bv", "ip": "185.107.80.84" },
{ "name": "association_gitoyen", "ip": "80.67.169.12" },
{ "name": "prioritytelecom_spain_sa", "ip": "212.230.255.1" },
{ "name": "oskar_emmenegger", "ip": "194.209.157.109" },
{ "name": "nemoxnet", "ip": "83.137.41.9" },
{ "name": "docklands_data_centre_ltd", "ip": "81.24.196.76" },
{ "name": "mentor_it_as", "ip": "176.62.205.201" },
{ "name": "deutsche_telekom_ag", "ip": "195.243.214.4" },
{ "name": "gestion_de_direccionamiento_uninet", "ip": "201.144.135.211" },
{ "name": "claro_sa", "ip": "200.248.178.54" },
{ "name": "ohana_communications_sdn_bhd", "ip": "103.26.250.4" },
{ "name": "cloudflare_inc", "ip": "1.1.1.1" },
{ "name": "pacific_internet", "ip": "61.8.0.113" },
{ "name": "iconz_ltd", "ip": "210.48.77.68" },
{ "name": "tefincom_sa", "ip": "103.86.99.100" },
{ "name": "lg_dacom_corporation", "ip": "164.124.101.2" },
{ "name": "shenzhen_sunrise_technology_co", "ip": "202.46.32.187" },
{ "name": "teknet_yazlim", "ip": "31.7.37.37" },
{ "name": "mahanagar_telephone_nigam_limited", "ip": "203.94.227.70" },
{ "name": "multinet_pakistan_pvt_ltd", "ip": "125.209.116.22" },
{ "name": "cloudity_network", "ip": "185.83.212.30" },
{ "name": "daniel_cid", "ip": "185.228.168.9" },
{ "name": "pabna_cable_vision", "ip": "103.153.154.2" }
]