Convert Figma logo to code with AI

StackExchange logodnscontrol

Infrastructure as code for DNS!

3,078
390
3,078
79
View on GitHub

Top Related Projects

octodns's avatar

octodns

3,115

Tools for managing DNS across multiple providers

AnalogJ's avatar

lexicon

1,469

Manipulate DNS records on various DNS providers in a standardized way.

PowerDNS's avatar

pdns

3,614

PowerDNS Authoritative, PowerDNS Recursor, dnsdist

Quick Overview

DNSControl is an infrastructure-as-code tool for managing DNS records across multiple providers. It allows users to define DNS configurations in a high-level language, version control their DNS settings, and automatically push changes to various DNS providers.

Pros

  • Supports multiple DNS providers, allowing for easy management of DNS across different platforms
  • Uses a domain-specific language for defining DNS configurations, making it easier to read and maintain
  • Provides a way to version control DNS settings, enabling better tracking of changes and collaboration
  • Offers a preview feature to see potential changes before applying them

Cons

  • Requires learning a new domain-specific language for configuration
  • May have a steeper learning curve compared to using provider-specific tools
  • Limited to supported DNS providers, which may not include all available options
  • Requires manual setup and maintenance of the tool and its dependencies

Code Examples

  1. Defining a simple DNS configuration:
D("example.com", REG_NONE, 
  A("@", "1.2.3.4"),
  CNAME("www", "@"),
  MX("@", 10, "mail.example.com.")
)
  1. Using variables and loops for more complex configurations:
var IP = "192.168.1.";
D("example.com", REG_NONE, 
  A("@", IP+"1"),
  CNAME("www", "@"),
  LOOP(5, function(i) {
    A("server"+i, IP+(i+1))
  })
)
  1. Configuring multiple providers:
var REG = NewRegistrar("name.com", "NAMEDOTCOM");
var DNS = NewDnsProvider("cloudflare", "CLOUDFLAREAPI");

D("example.com", REG, DnsProvider(DNS),
  A("@", "1.2.3.4"),
  CNAME("www", "@")
)

Getting Started

  1. Install DNSControl:

    go get github.com/StackExchange/dnscontrol

  2. Create a dnsconfig.js file with your DNS configuration:

    var REG = NewRegistrar("name.com", "NAMEDOTCOM");
var DNS = NewDnsProvider("cloudflare", "CLOUDFLAREAPI");

D("example.com", REG, DnsProvider(DNS),
  A("@", "1.2.3.4"),
  CNAME("www", "@")
)

  3. Create a creds.json file with your provider credentials (keep this file secure).

  4. Preview changes:

    dnscontrol preview

  5. Apply changes:

    dnscontrol push

Competitor Comparisons

octodns logo

octodns

3,115

Tools for managing DNS across multiple providers

Pros of octoDNS

  • Supports a wider range of DNS providers out of the box
  • Offers a more flexible configuration system using YAML
  • Provides built-in support for geo-based routing and health checks

Cons of octoDNS

  • Steeper learning curve due to more complex configuration options
  • Less focus on version control and change management features
  • Slower development and release cycle compared to DNSControl

Code Comparison

octoDNS configuration example:

providers:
  config:
    class: octodns.provider.yaml.YamlProvider
    directory: ./config
  route53:
    class: octodns.provider.route53.Route53Provider
    access_key_id: env/AWS_ACCESS_KEY_ID
    secret_access_key: env/AWS_SECRET_ACCESS_KEY

DNSControl configuration example:

var REG_NONE = NewRegistrar('none', 'NONE');
var DNS_CLOUDFLARE = NewDnsProvider('cloudflare', 'CLOUDFLAREAPI');

D('example.com', REG_NONE, DnsProvider(DNS_CLOUDFLARE),
    A('www', '1.2.3.4'),
    CNAME('alias', 'www.example.com.')
);

Both octoDNS and DNSControl are powerful DNS management tools, each with its own strengths. octoDNS offers more flexibility and provider support, while DNSControl focuses on simplicity and version control integration. The choice between them depends on specific project requirements and team preferences.

AnalogJ logo

lexicon

1,469

Manipulate DNS records on various DNS providers in a standardized way.

Pros of Lexicon

  • Supports a wider range of DNS providers (over 50)
  • Offers a command-line interface for easier integration with scripts and automation
  • Provides a Python library for programmatic access to DNS management

Cons of Lexicon

  • Less focus on infrastructure-as-code principles
  • Lacks a domain-specific language for defining DNS configurations
  • May require more manual effort for complex DNS setups

Code Comparison

DNSControl configuration:

D("example.com", REG_NONE, DnsProvider(CLOUDFLARE),
  A("@", "1.2.3.4"),
  CNAME("www", "@"),
  MX("@", 10, "mail.example.com.")
);

Lexicon command-line usage:

lexicon cloudflare create example.com A @ 1.2.3.4
lexicon cloudflare create example.com CNAME www @
lexicon cloudflare create example.com MX @ 10 mail.example.com.

Both tools offer ways to manage DNS records, but DNSControl provides a more declarative approach with its configuration file, while Lexicon focuses on individual record management through command-line operations or Python library calls.

PowerDNS logo

pdns

3,614

PowerDNS Authoritative, PowerDNS Recursor, dnsdist

Pros of pdns

  • Full-featured authoritative DNS server and recursor
  • Supports various backend databases for storing DNS records
  • Highly scalable and suitable for large-scale deployments

Cons of pdns

  • Steeper learning curve for configuration and management
  • Requires more system resources compared to lightweight alternatives
  • Less focus on multi-provider management and abstraction

Code Comparison

pdns (PowerDNS) configuration example:

launch=gmysql
gmysql-host=localhost
gmysql-user=pdns
gmysql-dbname=pdns
gmysql-password=secret

dnscontrol configuration example:

var REG_NONE = NewRegistrar('none', 'NONE');
var DNS_BIND = NewDnsProvider('bind', 'BIND');

D('example.com', REG_NONE, DnsProvider(DNS_BIND),
  A('@', '1.2.3.4'),
  CNAME('www', '@')
);

pdns focuses on server configuration and backend setup, while dnscontrol emphasizes declarative DNS management across multiple providers. pdns is better suited for organizations requiring a full DNS server solution, whereas dnscontrol excels in managing DNS records across various providers with a unified configuration approach.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

DNSControl

StackExchange/dnscontrol/build Google Group PkgGoDev

DNSControl is a system for maintaining DNS zones. It has two parts: a domain specific language (DSL) for describing DNS zones plus software that processes the DSL and pushes the resulting zones to DNS providers such as Route53, Cloudflare, and Gandi. It can send the same DNS records to multiple providers. It even generates the most beautiful BIND zone files ever. It runs anywhere Go runs (Linux, macOS, Windows). The provider model is extensible, so more providers can be added.

Currently supported DNS providers:

  • Akamai Edge DNS
  • AutoDNS
  • AWS Route 53
  • AXFR+DDNS
  • Azure DNS
  • Azure Private DNS
  • BIND
  • Bunny DNS
  • Cloudflare
  • ClouDNS
  • deSEC
  • DigitalOcean
  • DNS Made Easy
  • DNSimple
  • Domainnameshop (Domeneshop)
  • Exoscale
  • Gandi
  • Gcore
  • Google DNS
  • Hetzner
  • HEXONET
  • hosting.de
  • Huawei Cloud DNS
  • Hurricane Electric DNS
  • INWX
  • Linode
  • Loopia
  • LuaDNS
  • Microsoft Windows Server DNS Server
  • Mythic Beasts
  • Namecheap
  • Name.com
  • Netcup
  • Netlify
  • NS1
  • Oracle Cloud
  • OVH
  • Packetframe
  • Porkbun
  • PowerDNS
  • Realtime Register
  • RWTH DNS-Admin
  • Sakura Cloud
  • SoftLayer
  • TransIP
  • Vultr

Currently supported Domain Registrars:

  • AWS Route 53
  • CSC Global
  • DNSOVERHTTPS
  • Dynadot
  • easyname
  • Gandi
  • HEXONET
  • hosting.de
  • Internet.bs
  • INWX
  • Namecheap
  • Name.com
  • OpenSRS
  • OVH
  • Realtime Register

At Stack Overflow, we use this system to manage hundreds of domains and subdomains across multiple registrars and DNS providers.

You can think of it as a DNS compiler. The configuration files are written in a DSL that looks a lot like JavaScript. It is compiled to an intermediate representation (IR). Compiler back-ends use the IR to update your DNS zones on services such as Route53, Cloudflare, and Gandi, or systems such as BIND.

An Example

dnsconfig.js:

// define our registrar and providers
var REG_NAMECOM = NewRegistrar("name.com");
var r53 = NewDnsProvider("r53")

D("example.com", REG_NAMECOM, DnsProvider(r53),
  A("@", "1.2.3.4"),
  CNAME("www","@"),
  MX("@",5,"mail.myserver.com."),
  A("test", "5.6.7.8")
)

Running dnscontrol preview will talk to the providers (here name.com as registrar and route 53 as the dns host), and determine what changes need to be made.

Running dnscontrol push will make those changes with the provider and my dns records will be correctly updated.

The easiest way to run DNSControl is to use the Docker container:

docker run --rm -it -v "$(pwd):/dns"  ghcr.io/stackexchange/dnscontrol preview

See Getting Started page on documentation site to get started!

Benefits

  • Less error-prone than editing a BIND zone file.
  • More reproducible than clicking buttons on a web portal.
  • Easily switch between DNS providers: The DNSControl language is vendor-agnostic. If you use it to maintain your DNS zone records, you can switch between DNS providers easily. In fact, DNSControl will upload your DNS records to multiple providers, which means you can test one while switching to another. We've switched providers 3 times in three years and we've never lost a DNS record.
  • Adopt CI/CD principles to DNS! At StackOverflow we maintain our DNSControl configurations in Git and use our CI system to roll out changes. Keeping DNS information in a VCS means we have full history. Using CI enables us to include unit-tests and system-tests. Remember when you forgot to include a "." at the end of an MX record? We haven't had that problem since we included a test to make sure Tom doesn't make that mistake... again.
  • Adopt PR-based updates. Allow developers to send updates as PRs, which you can review before you approve.
  • Variables save time! Assign an IP address to a constant and use the variable name throughout the file. Need to change the IP address globally? Just change the variable and "recompile."
  • Macros! Define your SPF records, MX records, or other repeated data once and re-use them for all domains.
  • Control Cloudflare from a single source of truth. Enable/disable Cloudflare proxying (the "orange cloud" button) directly from your DNSControl files.
  • Keep similar domains in sync with transforms and other features. If one domain is supposed to be a filtered version of another, this is easy to set up.
  • It is extendable! All the DNS providers are written as plugins. Writing new plugins is very easy.

Installation

DNSControl can be installed via packages for macOS, Linux and Windows, or from source code. See the official instructions.

Via GitHub Actions (GHA)

See dnscontrol-action or gacts/install-dnscontrol.

Deprecation warnings (updated 2024-03-25)

  • REV() will switch from RFC2317 to RFC4183 in v5.0. This is a breaking change. Warnings are output if your configuration is affected. No date has been announced for v5.0. See https://docs.dnscontrol.org/language-reference/top-level-functions/revcompat
  • MSDNS maintainer needed! Without a new volunteer, this DNS provider will lose support after April 2025. See https://github.com/StackExchange/dnscontrol/issues/2878
  • NAMEDOTCOM and SOFTLAYER need maintainers! These providers have no maintainer. Maintainers respond to PRs and fix bugs in a timely manner, and try to stay on top of protocol changes.
  • get-certs/ACME support is frozen and will be removed without notice between now and July 2025. It has been unsupported since December 2022. If you don't use this feature, do not start. If you do use this feature, migrate ASAP. See discussion in issues/1400

More info at our website

The website: https://docs.dnscontrol.org/

The getting started guide: https://docs.dnscontrol.org/getting-started/getting-started

Stargazers over time

Stargazers over time