cybercinch/directdnsonly
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity
Files
143cf9c7926bfca3d0ac4b9b945ef9cf0909a0ee
directdnsonly/directdnsonly/config/app.yml

70 lines
2.1 KiB
YAML
Raw Normal View History

feat: migrate to Poetry and implement multi-backend DNS management ✨ - Migrated from setuptools to Poetry; added pyproject.toml, poetry.lock, poetry.toml and .python-version (Python 3.11.12) - Built out full directdnsonly Python package with BIND and CoreDNS MySQL backends, CherryPy REST API, persist-queue worker, and vyper-based config - Auth credentials now read from config/env (app.auth_username/password) rather than hardcoded; override via DADNS_APP_AUTH_PASSWORD env var - Added Dockerfile.deepseek: Python 3.11 slim + BIND9 + Poetry install - Rewrote docker-compose.yml for local dev stack (MySQL + dadns services) - Added SQL schema, docker/ BIND configs, justfile, tests, and README - Expanded .gitignore for Poetry/Python project artifacts
2026-02-17 16:12:46 +13:00
---
timezone: Pacific/Auckland
log_level: INFO
queue_location: ./data/queues
app:
auth_username: directdnsonly
auth_password: changeme # Override via DADNS_APP_AUTH_PASSWORD env var
feat: Update dependencies in poetry.lock and pyproject.toml :sparkles: - Added `certifi` version 2026.1.4 and `charset-normalizer` version 3.4.4 to poetry.lock. - Introduced `idna` version 3.11 to poetry.lock. - Updated `requests` to version 2.32.5 in poetry.lock and added it as a dependency in pyproject.toml. - Updated `urllib3` to version 2.6.3 in poetry.lock. - Added extras for `requests` and `urllib3` in poetry.lock.
2026-02-18 07:18:44 +13:00
# Reconciliation poller — queries each DA server and removes orphaned zones
# Disabled by default. Only touches zones registered via DaDNS (in our DB).
# If a DA server is unreachable, that server is skipped entirely.
#reconciliation:
# enabled: true
feat: add test suite, fix backend bugs, remove legacy artifacts 🧪 - Add 73-test suite across conftest, utils, admin API, reconciler, zone parser, and CoreDNS MySQL backend (all green, ~0.5s) - Fix zone_exists filter using wrong column name (name → zone_name) - Fix delete_zone missing dot_fqdn normalization on lookup - Remove spurious unused `from config import config` in coredns_mysql.py - Fix config loader to search module-relative path so tests find app.yml without needing a root-level config/ directory - Remove legacy v1 Flask prototype (app.py), empty config.json, and duplicate root config/app.yml
2026-02-18 22:03:04 +13:00
# dry_run: true # log orphans but do NOT queue deletes — safe first-run mode
feat: Update dependencies in poetry.lock and pyproject.toml :sparkles: - Added `certifi` version 2026.1.4 and `charset-normalizer` version 3.4.4 to poetry.lock. - Introduced `idna` version 3.11 to poetry.lock. - Updated `requests` to version 2.32.5 in poetry.lock and added it as a dependency in pyproject.toml. - Updated `urllib3` to version 2.6.3 in poetry.lock. - Added extras for `requests` and `urllib3` in poetry.lock.
2026-02-18 07:18:44 +13:00
# interval_minutes: 60
feat: add initial_delay_minutes to reconciler for LB stagger 🕐 Configurable startup delay before the first reconciliation pass so that multiple receivers behind a load balancer can be offset without relying on container start order (which is lost on reboot). Set to half the interval on the secondary receiver — e.g. interval 60m → delay 30m. Default is 0 (no change to existing behaviour). Stop event is respected during the delay so the worker shuts down cleanly even mid-wait.
2026-02-19 15:28:30 +13:00
# initial_delay_minutes: 0 # stagger first run when running multiple receivers behind a LB
# # e.g. receiver-1: 0, receiver-2: 30 (half the interval)
feat: Update dependencies in poetry.lock and pyproject.toml :sparkles: - Added `certifi` version 2026.1.4 and `charset-normalizer` version 3.4.4 to poetry.lock. - Introduced `idna` version 3.11 to poetry.lock. - Updated `requests` to version 2.32.5 in poetry.lock and added it as a dependency in pyproject.toml. - Updated `urllib3` to version 2.6.3 in poetry.lock. - Added extras for `requests` and `urllib3` in poetry.lock.
2026-02-18 07:18:44 +13:00
# verify_ssl: true # set false for self-signed DA certs
feat: add test suite, fix backend bugs, remove legacy artifacts 🧪 - Add 73-test suite across conftest, utils, admin API, reconciler, zone parser, and CoreDNS MySQL backend (all green, ~0.5s) - Fix zone_exists filter using wrong column name (name → zone_name) - Fix delete_zone missing dot_fqdn normalization on lookup - Remove spurious unused `from config import config` in coredns_mysql.py - Fix config loader to search module-relative path so tests find app.yml without needing a root-level config/ directory - Remove legacy v1 Flask prototype (app.py), empty config.json, and duplicate root config/app.yml
2026-02-18 22:03:04 +13:00
# ipp: 1000 # items per page when polling DA (default 1000)
feat: Update dependencies in poetry.lock and pyproject.toml :sparkles: - Added `certifi` version 2026.1.4 and `charset-normalizer` version 3.4.4 to poetry.lock. - Introduced `idna` version 3.11 to poetry.lock. - Updated `requests` to version 2.32.5 in poetry.lock and added it as a dependency in pyproject.toml. - Updated `urllib3` to version 2.6.3 in poetry.lock. - Added extras for `requests` and `urllib3` in poetry.lock.
2026-02-18 07:18:44 +13:00
# directadmin_servers:
# - hostname: da1.example.com
# port: 2222
# username: admin
# password: secret
# ssl: true
# - hostname: da2.example.com
# port: 2222
# username: admin
# password: secret
# ssl: true
feat: add peer sync worker for zone_data exchange between nodes 🔄 Adds optional peer-to-peer zone_data replication between directdnsonly instances. Enables eventual consistency in DA Multi-Server topologies without a shared datastore. - InternalAPI: GET /internal/zones (list) and ?domain= (detail) exposes zone_data to peers via existing basic auth - PeerSyncWorker: interval-based daemon thread that fetches zone_data from configured peers, storing newer entries locally; peer downtime is silently skipped and retried next interval - WorkerManager: wires PeerSyncWorker alongside reconciler; exposes peer_syncer_alive in queue_status - Config: peer_sync block with enabled/interval_minutes/peers[] - Tests: 13 tests covering sync, skip-older, skip-unreachable, empty peer list, bad status, and missing zone_data scenarios
2026-02-19 22:16:55 +13:00
# Peer sync — exchange zone_data between directdnsonly instances
# Enables eventual consistency without a shared datastore.
# If a peer is offline, the sync is silently skipped and retried next interval.
# Use the same credentials as the peer's app.auth_username / auth_password.
#peer_sync:
# enabled: true
# interval_minutes: 15
# peers:
# - url: http://ddo-2:2222 # URL of the peer directdnsonly instance
# username: directdnsonly
# password: changeme
feat: migrate to Poetry and implement multi-backend DNS management ✨ - Migrated from setuptools to Poetry; added pyproject.toml, poetry.lock, poetry.toml and .python-version (Python 3.11.12) - Built out full directdnsonly Python package with BIND and CoreDNS MySQL backends, CherryPy REST API, persist-queue worker, and vyper-based config - Auth credentials now read from config/env (app.auth_username/password) rather than hardcoded; override via DADNS_APP_AUTH_PASSWORD env var - Added Dockerfile.deepseek: Python 3.11 slim + BIND9 + Poetry install - Rewrote docker-compose.yml for local dev stack (MySQL + dadns services) - Added SQL schema, docker/ BIND configs, justfile, tests, and README - Expanded .gitignore for Poetry/Python project artifacts
2026-02-17 16:12:46 +13:00
dns:
default_backend: bind
backends:
bind:
type: bind
enabled: true
zones_dir: ./data/zones
named_conf: ./data/named.conf.include
coredns_dc1:
type: coredns_mysql
enabled: true
host: "mysql-dc1"
port: 3306
database: "coredns"
username: "coredns"
password: "coredns123"
table_name: "records"
coredns_dc2:
type: coredns_mysql
enabled: true
host: "mysql-dc2"
port: 3306
database: "coredns"
username: "coredns"
password: "coredns123"
table_name: "records"
Reference in New Issue Copy Permalink