uberspace / dino Goto Github PK
View Code? Open in Web Editor NEWa modern DNS record editor for PowerDNS.
License: MIT License
a modern DNS record editor for PowerDNS.
License: MIT License
Currently only the first 20 search results are shown. Steal some code from b62ffb8.
Our dockerfile currently installs the development dependencies and uses runserver
. Neither is a good idea in production.
CMD
to runserverZone names are currently shown just like the PowerDNS API returns them. For zones containing non-ascii characters, the punnycoded form is shown.
Editing punnycoded zones/records is a different beast and handled in #46.
File "/var/dino/.local/lib/python3.6/site-packages/dino/settings.py", line 24, in <module>
os.path.abspath('./dino.cfg'),
File "/usr/lib64/python3.6/posixpath.py", line 376, in abspath
cwd = os.getcwd()
FileNotFoundError: [Errno 2] No such file or directory
su -
cd ~root
sudo -u www-dino /bin/uwsgi --http :8081 --module dino.wsgi
The test coverage currently ends at our pdns wrapper class. Add a new type of tests, spinning up an actual powerdns in docker and test a few basic workflows against it. A new powerdns instance should be used for each test case.
redirect_url
to delete formsredirect_url
to edit formDisplay a link to /admin
in the top-right corner, next to "Logout", if user may has staff permissions.
Write down when one of the following happens:
Display a searchable audit log
Use either the system/models built into the django admin or one of these.
When editing the SOA record created by PowerDNS we end up with two of them. This probably applies to all apex/root records, but I can't test that due to #24.
The powerdns API only supports a single API key with full permissions and is thus not easy to use outside or even inside on organisation.
Use django REST framework or come up with a good reason to use another scheme and use that.
The django TIME_ZONE
config value sets ... the timezone used for logging, auditing and other things. Add the env variable DINO_TIME_ZONE
to enable admins to set it.
Could not create new record. PowerDNS error: RRset www.asd.com. IN CNAME: Conflicts with pre-existing non-CNAME RRset
Depending on the old and new rtype, change the delete behavior. For example, create new SOA before deleting old one, delete old record before creating CNAME,...
currently only the google social provider in django-allauth is enabled. Add a setting to enable arbitrary other ones.
rst is more common in the python world and more easily imported into sphinx or pypi.
DeleteConfirmView
currently implements success_message
handling all on its own.
SuccessMessageMixin
success_message
sSome users might have many look-alike zones. Introduce zone templates (a list of predefined records), allow basic templating within the values (e.g. zone name, current time), allow global and per-tenant templates. Optionally allow users to select a template creating a new zone.
enable users to create records at apex/root using the following as name
:
@
Also consider .
(a dot) and the domain name itself (e.g. example.com
with or without the trailing dot).
SRV records start with an underscore, e.g. _matrix._tcp.example.org
. This currently yields an input validation error.
Currently the search bar is case sensitive. This isn't that intuitive especially for the rrtypes.
Creating a zone or record with umlauts or other non-ascii characters currently yields an PowerDNS API error:
Could not create new record. PowerDNS error: Name '\195\182.asd.com.' contains unsupported characters
This is mainly to enable admins to get a list of tenants for a given domain.
django-allauth is included and configured within dino, but there is no way for users to connect their dino account to a social account.
Permissions are currently enforced on the server side and indicated on the client site by disabling the respective buttons. The server side behavior is already implemented and tested.
btn_perm
Add a small button with an x
. Clicking it clears all search inputs and shows the full list of records/zones.
add a dino config for SECURE_PROXY_SSL_HEADER
to fix full URLs generated by django. This fixes the redirect_uri given to google and others during social login.
Our environment variable loading is currently a bit hacky. Try to find a django app or unrelated library to do the heavy lifting for us. If there is none, make up a better solution ourselves or at least move the current one into a different file for better testing.
Deleting zones in dino works just fine, but the local database is never updated, leading to dormant entries in the DB and UI.
Provide a drop-down to filter record list by type, in addition to free-from search.
Add a DINO_FILES_ROOT
variable, used to derive STATIC_ROOT
(in .../static
) and MEDIA_ROOT
(in .../media
) settings.
PowerDNS requires the content of TXT
records to be quoted and escaped properly. This can be confusing to users. Since we can fully automate the expected behavior, we should hide it from the user.
See https://doc.powerdns.com/authoritative/appendices/types.html#txt for details.
For TXT
records, when saving
"
around record context"
as \"
\
as \\
and when getting:
Zones may not be present in the PowerDNS API when we expect them to. This may happen if some other system changed the data or when PowerDNS temporarily returns no or faulty data.
If we detect that a zone is present in our database, but not in API responses, present the user with a "this zone has vanished, want to delete?" screen. In case the user does not have permission to delete that zone, present a similar screen, asking them to contact their admin.
Dino offers a number of configuration values, which can be set via the environment.
Tenant admins can specify one or more tenants when creating a zone. Add an edit button to change this afterwards.
The django ADMINS
config value allows determines where stacktraces get sent to. Add the env variable DINO_ADMINS
to enable admins to set it.
Currently configuration can only be read from the process environment. While this is handy for docker-base deployments, setting values in a simple text file might be desiderable.
.env-dino
or .dino-env
key-value text file.if a tenant creates a zone, it is currently not associated with any tenant. This means that the tenant cannot edit the zone they just created.
Signup is currently either disabled for everyone or enabled for everyone. Change this so it's disabled for everyone, but enabled for users from a list of domains (e.g. @company.com
).
DINO_VALID_SIGNUP_DOMAINS
setting (type: list)NoNewUsersAccountAdapter.clean_email
NoNewUsersAccountAdapter
a new name ;)clean_email
is actually called for social accounts (it's not.)SocialAccountAdapter
DINO_VALID_SIGNUP_DOMAINS
is set, ...
SOCIALACCOUNT_EMAIL_VERIFICATION = False
SOCIALACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_EMAIL_VERIFICATION = True
ACCOUNT_EMAIL_REQUIRED = True
SOCIALACCOUNT_PROVIDERS = {
'google': {
'AUTH_PARAMS': {
'hd': DINO_VALID_SIGNUP_DOMAINS[0],
}
}
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.