ZoneForge is a management tool for RFC1035/BIND style DNS zone files.
Warning
This is in early development and should be considered unstable until the first official release.
Zone files are a commonly supported standard for serving authoritative DNS zone records, such as in BIND, NSD, and CoreDNS's file plugin. While those DNS server implementations are highly performant and lightweight, they don't provide a user-friendly way to manage their zone's records.
ZoneForge simplifies the management of RFC1035/BIND-style DNS zone files by providing an intuitive web-based interface and REST API, instead of re-inventing an entire DNS server. This project is ideal for administrators who require:
- A centralized, user-friendly tool to manage DNS records.
- Robust REST API.
- Deployment flexibility for various environments.
Environment variables are available to configure the application.
| Variable | Default | Description |
|---|---|---|
| ZONE_FILE_FOLDER | ./lib/examples | The folder path to store/load zone files. |
| DEFAULT_ZONE_TTL | 86400 | The default TTL for new zones. |
Note that deprecated fields are not supported by ZoneForge.
curl -X POST 'http://localhost:5000/api/zone/example.com.' \
--header 'Content-Type: application/json' \
--data '{
"soa_ttl": "3600",
"admin_email": "admin@example.com",
"refresh": "7200",
"retry": "3600",
"expire": "1209600",
"minimum": "3600",
"primary_ns": "ns1.example.com",
"primary_ns_ttl": "3600",
"primary_ns_ip": "192.0.2.1",
"primary_ns_a_ttl": "3600"
}'curl -X GET 'http://localhost:5000/api/zone'curl -X GET 'http://localhost:5000/api/zone/example.com.'curl -X DELETE 'http://localhost:5000/api/zone/example.com.'- Limited support for record types (A, CNAME, SOA, MX, NS, TXT).
- EOL comments are supported in the
commentparameter in record related requests.
curl -X POST 'http://localhost:5000/api/zone/example.com./record/subdomain' \
--header 'Content-Type: application/json' \
--data '{
"type": "CNAME",
"data": "ns100.example.com",
"comment": "Optional comment"
}'curl -X GET 'http://localhost:5000/api/zone/example.com./record/subdomain'curl -X PUT 'http://localhost:5000/api/zone/example.com./record/subdomain' \
--header 'Content-Type: application/json' \
--data '{
"type": "CNAME",
"data": "subdomain2.example.com"
}'curl -X DELETE 'http://localhost:5000/api/zone/example.com./record/subdomain' \
--header 'Content-Type: application/json' \
--data '{
"type": "CNAME",
"data": "subdomain2.example.com"
}'| Feature | Status |
|---|---|
| Web Interface | |
| Create Zones | Complete |
| Delete Zones | Complete |
| Edit Zones | Complete |
| Edit Records | Complete |
| Create Records | Complete |
| Delete Records | Complete |
| Multi-zone Support | Complete |
| Client side validation | Planned |
| REST API | |
| CRUD for DNS Zones | Complete |
| CRUD for DNS Records | Complete |
| Thread Safety for DNS Record CRUD | Backlog |
| Zone Name Mutability | Backlog |
| Patch Method for DNS Zones | Backlog |
| Patch Method for DNS Records | Backlog |
| Management | |
| Expanded Record Type Support | Planned |
| Authentication | Backlog |
| Zone Import/Export | Backlog |
| Preserve Default Zone TTL | Backlog |
| CI/CD | |
| Dockerfile | Planned |
| GitHub Actions Build Pipeline | Planned |
| Package for PyPi/pip | Backlog |
| Test Suite | Backlog |
| GitHub Actions Test Pipeline | Backlog |
| CoreDNS Kubernetes Integration | Backlog |
- Zone File Validator by @woodjme
- DYN
- Oracle
For each domain that a given DNS server is authorative for:
-
First ensure that the zone is enabled for Zone transfer. For Windows DNS, this can be found by right-clicking the Zone -> Properties -> Zone Transfers.
-
Install
digon a unix-like system -
Find the name servers if necessary:
dig example.com -t ns -
Initiate the Zone Transfer:
dig axfr example.com @dns.example.com | grep -E -v '^;' > db.example.com -
The file
db.example.comshould now contain a RFC1035-compatible zone file.
Contributions are welcome. Please follow conventional commit syntax.
Special thanks to the following projects for providing essential libraries: