I’ve put together an updated version of Using OctoDNS To Update DNS which was great but didn’t offer full config automation and new installs stopped working at octoDNS 1.0, I believe. This version should probably be regarded as experimental as it’s my first bash at python and there are quite a few components at play. However, it’s been performing faultlessly in production for several months and I’m hoping others might find it useful. Currently, it only support the legacy Mythic Beasts primary DNS API, v1, but now the bones are in place it’s not much of a stretch to support other DNS providers.
To install…
N.B. sudo isn’t required until Step 6…
1. install python virtual environment
python3 venv /home/sympl/venv
The directory will be created, as necessary. If you’re pointing to an existing venv directory use the --upgrade or --clear options (which will delete all contents).
2. Install required modules
/home/sympl/venv/bin/pip install octodns==1.10.0 octodns-mythicbeasts==0.0.1
3. Copy two scripts to a working directory (e.g., /home/sympl/dns);
- dns-sync - a bash script that activates the virtual environment, calls
octoyaml.pyandoctodns-sync - octoyaml.py - writes a new config file for octoDNS
… and set the files executable.
4. Add the API key file
mythicbeasts.keys must exist in the working directory. This contains the managed domains and passwords as set in the Mythic Beasts Control Panel, one per line…
# Mythic Beasts dns api v1 domains and passwords
# https://www.mythic-beasts.com/support/api/dns
#
# domain and password separated by whitespace
# password minimum length 6, max 254
example.com Hide my Cracking Password, Grommet
example.net DEBUG!,\n{Munge2Rodders}Munge2"\n"ok
5. Test
The first thing to note is that dns-sync will not committ any changes unless run with --doit; without it, you’ll only see an octoDNS Plan.
From the script working directory:
./dns-sync
or if you’re using a non-default venv location
./dns-sync --venv=/home/sympl/.venv22
If you want to restrict processing to named domains or subdomains, specify them:
./dns-sync test.example.com
This filter will not affect octoyaml.py operation – a fully fledged config file is produced on every run (mythicbeasts.yaml).
Logging
dns-sync outputs to console but sends octoyaml and octoDNS showstoppers to ./errors.log - a non-zero sized file means something needs looking at.
octoyaml.py logs to octoyaml.log by default with four backups and file rotation at ~1MB.
octoDNS is governed by a config file named octodns-logging-config.yaml, if present. Without it, no file logging takes place. The example file is set for loglevel WARNING at Console and INFO for octodns.log with 6 backups and file rotation at 2MB.
Setting --debug has a few consequences:
octoyaml.py: verbose console and file logging (octoyaml.log).octoDNS: verbose file logging (octodns.log). This requires a separate logging config file,octodns-logging-config=debug.yaml, which is created if it doesn’t exist. (Edits to the file will be preserved).- An
api-debugTXT record with a timestamp will be set up. Running--debug --doitwill create the record and the next--doitwithout--debugwill delete it.
6. Deploy
If you’re good to go, add an appropriate call to dns-sync in /root/Bytemark/upload
sudo nano /root/Bytemark/upload …
/home/sympl/dns/dns-sync --doit
exit
At this point, all sympl-dns-generate updates are hooked up to the outside world. 