A Bind provisioning plugin that uses netbox_dns for its data source

Project description

Netbox Bind Provisioner

A Netbox Plugin that provides a minimal DNS Server for the automatic provisioning of a Bind9 Server from Netbox DNS data (netbox-plugin-dns).

Plugin configuration

The plugin was reworked: instead of exporting zone files, it now provides an entire (though minimal) DNS server that is fed directly from Netbox's DNS data. The server also provides specialized "catalog" zones that Bind uses to automatically discover new zones and remove deleted ones. The plugin supports views as well as basic DNS security using TSIG.

To work correctly, each view needs a TSIG key installed, and the bind-transfer-endpoint needs to be running as its own service in the background via the manage.py command. Note that DNSSEC support will be implemented as soon as Bind9 has a mechanism for configuring it through Catalog Zones.

venv/bin/python3 netbox/netbox/manage.py bind-transfer-endpoint --port 5354

Parameters

Parameter    Description
--port       Port to listen on for requests (defaults to 5354)
--address    IP of interface to bind to (defaults to 0.0.0.0)

PLUGINS_CONFIG = {
    "netbox_bind_provisioner": {
        "tsig_keys": {
            "key1name": {
                "view":      "public",
                "keyname":   "view1key",
                "algorithm": "hmac-sha256",
                "secret":    "base64-encoded-secret"
            },
            "key2name": {
                "view":      "private",
                "keyname":   "view2key",
                "algorithm": "hmac-sha256",
                "secret":    "base64-encoded-secret"
            }
        },
    }
}

Bind configuration

options {
    ...
    ...
    allow-update      { none; };
    allow-query       { any; };
    allow-recursion   { none; };
    notify            yes;
    ...
    ...
};

# ACLs

acl public {
    !10.0.0.0/8;
    !172.16.0.0/12;
    !192.168.0.0/16;
    any;
};

acl private {
    10.0.0.0/8;
    172.16.0.0/12;
    192.168.0.0/16;
};

# Zone definitions

view "public" {
    key "key1name" {
        algorithm hmac-sha256;
        secret "base64-encoded-secret";
    };

    match-clients { public; };

    catalog-zones {
        zone "catz"
            default-masters { 127.0.0.1 port 5354 key "key1name"; }
            zone-directory "/var/lib/bind/zones"
            min-update-interval 1;
    };

    zone "catz" {
        type slave;
        file "/var/lib/bind/zones/catz_public";
        masters { 127.0.0.1 port 5354 key "key1name"; };
        notify no;
    };
};

view "private" {
    key "key2name" {
        algorithm hmac-sha256;
        secret "base64-encoded-secret";
    };

    match-clients { private; };

    catalog-zones {
        zone "catz"
            default-masters { 127.0.0.1 port 5354 key "key2name"; }
            zone-directory "/var/lib/bind/zones"
            min-update-interval 1;
    };

    zone "catz" {
        type slave;
        file "/var/lib/bind/zones/catz_private";
        masters { 127.0.0.1 port 5354 key "key2name"; };
        notify no;
    };
};
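
The "base64-encoded-secret" placeholders above have to be replaced with real key material, and each secret must be identical in PLUGINS_CONFIG and in the matching Bind key statement. The following is an added example, not part of the plugin: it generates a secret and audits a tsig_keys mapping before it is deployed. The names new_secret and audit_tsig_keys, the algorithm allow-list, the minimum key length and the one-secret-per-view rule are assumptions of this example.

```python
import base64
import binascii
import secrets

# Minimum decoded key length per algorithm = HMAC output size in bytes.
# Allow-list and lengths are this example's policy, not the plugin's.
MIN_KEY_BYTES = {"hmac-sha256": 32, "hmac-sha384": 48, "hmac-sha512": 64}


def new_secret(algorithm="hmac-sha256"):
    """Return a fresh random TSIG secret, base64-encoded for both config files."""
    return base64.b64encode(secrets.token_bytes(MIN_KEY_BYTES[algorithm])).decode()


def audit_tsig_keys(tsig_keys):
    """Return a list of (entry_name, problem) tuples for a tsig_keys mapping."""
    findings = []
    seen = {}  # secret -> first entry that used it
    for name, entry in tsig_keys.items():
        algorithm = entry.get("algorithm")
        secret = entry.get("secret", "")
        if algorithm not in MIN_KEY_BYTES:
            findings.append((name, f"algorithm {algorithm!r} not in allow-list"))
            continue
        need = MIN_KEY_BYTES[algorithm]
        try:
            raw = base64.b64decode(secret, validate=True)
        except (binascii.Error, ValueError):
            findings.append((name, "secret is not valid base64 (placeholder?)"))
            raw = None
        if raw is not None and len(raw) < need:
            findings.append((name, f"secret is {len(raw)} bytes, want >= {need}"))
        if secret in seen:  # one secret shared by two views defeats the split
            findings.append((name, f"secret reused from entry {seen[secret]!r}"))
        else:
            seen[secret] = name
    return findings


# Constructed sample: the placeholder values from the configuration above.
SAMPLE = {
    "key1name": {"view": "public", "keyname": "view1key",
                 "algorithm": "hmac-sha256", "secret": "base64-encoded-secret"},
    "key2name": {"view": "private", "keyname": "view2key",
                 "algorithm": "hmac-sha256", "secret": "base64-encoded-secret"},
}

if __name__ == "__main__":
    for name, problem in audit_tsig_keys(SAMPLE):
        print(f"{name}: {problem}")
```

Run against the placeholder configuration, the audit reports both entries as invalid base64 and flags the second as reusing the first entry's secret.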

Source Distribution

netbox_plugin_bind_provisioner-0.9.4.tar.gz (18.0 kB)

File details

Details for the file netbox_plugin_bind_provisioner-0.9.4.tar.gz.

File hashes

Hashes for netbox_plugin_bind_provisioner-0.9.4.tar.gz
Algorithm Hash digest
SHA256 216492b00e0e992a3e7188c37d39a1ce65b11ec1d708f68780f12fbb072a608c
MD5 6e8c60bbdc3ffe02dada0f1c3677c4ef
BLAKE2b-256 8745809f3fa503a14a5036a50e2041dea5bb51384a873b4eb3cfb07fb0906943

File details

Details for the file netbox_plugin_bind_provisioner-0.9.4-py3-none-any.whl.

File hashes

Hashes for netbox_plugin_bind_provisioner-0.9.4-py3-none-any.whl
Algorithm Hash digest
SHA256 4593906562eca582fda140c9eddbc6d54e2219aca4c246824f1622ec11c7b351
MD5 d4da8e0f87e184a3cc13d9c7154c944c
BLAKE2b-256 58219cf50011a48bee07f3d069a0c4dfb7bda795f71dd190d589b825acb86e9f
