cybercinch/directdnsonly
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity

Add dry-run mode for reconciliation poller #3

New Issue
Closed
opened 2026-02-18 11:01:41 +13:00 by guisea · 1 comment
guisea commented 2026-02-18 11:01:41 +13:00
Owner
Copy Link

The first reconciliation pass on a server that has been running without directdnsonly for years will immediately queue deletes for all orphaned zones. There is currently no way to preview what would be deleted before committing.

Proposed solution:
Add a dry_run: true option to the reconciliation config block. When enabled:

  • The poller runs its full logic (fetch DA domains, compare against DB, identify orphans)
  • Instead of queuing deletes, it logs what would be deleted at WARN level
  • Backfill/migration updates still apply (these are safe writes, not destructive)
  • A summary is logged at the end of each pass

Config:

reconciliation:
  enabled: true
  dry_run: true   # preview mode — log orphans but do not queue deletes
  interval_minutes: 60
  directadmin_servers: ...

This gives operators a way to audit the state of the zone index before enabling live deletion.

The first reconciliation pass on a server that has been running without directdnsonly for years will immediately queue deletes for all orphaned zones. There is currently no way to preview what would be deleted before committing. **Proposed solution:** Add a `dry_run: true` option to the reconciliation config block. When enabled: - The poller runs its full logic (fetch DA domains, compare against DB, identify orphans) - Instead of queuing deletes, it logs what *would* be deleted at WARN level - Backfill/migration updates still apply (these are safe writes, not destructive) - A summary is logged at the end of each pass **Config:** ```yaml reconciliation: enabled: true dry_run: true # preview mode — log orphans but do not queue deletes interval_minutes: 60 directadmin_servers: ... ``` This gives operators a way to audit the state of the zone index before enabling live deletion.
guisea added the enhancement label 2026-02-18 11:01:41 +13:00
guisea commented 2026-02-18 11:03:20 +13:00
Author
Owner
Copy Link

Implemented in app/reconciler.py:

  • dry_run read from config in __init__ (default false)
  • start() logs [DRY-RUN] mode on startup with a prominent warning
  • _reconcile_all logs [DRY-RUN] Would delete orphan: ... at WARN instead of queuing — backfill/migration writes still apply as they are non-destructive
  • Summary log distinguishes dry-run vs live pass
  • Config default added to config/__init__.py
  • app.yml comment block updated with dry_run option

Usage: set reconciliation.dry_run: true for a safe first-run audit pass, then remove or set to false to enable live deletion.

Implemented in `app/reconciler.py`: - `dry_run` read from config in `__init__` (default `false`) - `start()` logs `[DRY-RUN]` mode on startup with a prominent warning - `_reconcile_all` logs `[DRY-RUN] Would delete orphan: ...` at WARN instead of queuing — backfill/migration writes still apply as they are non-destructive - Summary log distinguishes dry-run vs live pass - Config default added to `config/__init__.py` - `app.yml` comment block updated with `dry_run` option **Usage:** set `reconciliation.dry_run: true` for a safe first-run audit pass, then remove or set to `false` to enable live deletion.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
enhancement
New feature or improvement
 tech-debt
Technical debt / cleanup
No Label enhancement
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
cibot guisea
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: cybercinch/directdnsonly#3
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?