Tech Blog

How to simply manage your Gandi domains | Toucan Toco

Written by Erwan Ben Souiden | Nov 10, 2016 5:00:00 AM

We created a basic gandi.cli wrapper to manage your DNS zone files in a git repository and by command line!

Gandi is a famous French domain name registration and at ToucanToco we really enjoy their services. Gandi provides you with two tools to be able to manage your domain names:

  • the usual and common web admin console
  • the gandi.cli(Gandi CLI Python script) to play directly with Gandi’s API in command line

To facilitate your DNS changes, Gandi implemented a versioning system: for each modification you need to create a new version of your zone that you will be able to edit (by adding, deleting or modifying one or several entries). Once your modifications are done, you need to save and enable that version. Thus you can enable a previous version whenever you need it, and it’s great!

However, we were still in need of some useful features:

  • to be able to compare easily 2 versions of a given DNS zone
  • to be able to know when and who edited a DNS zone
  • to be able to have a workflow review
  • to be able to make bulk modifications (like changing all TTLs for a given pattern in a DNS zone)
  • to be able to do everything with only one basic one-liner command (without specifying any options)

By creating this humble and basic ToucanToco/gandi-dnsManager project, I hope to make up for those deficiencies. Obviously, this project is not a game changer but it could be interesting (at least for us :P).

The idea behind this project:

  • the project is a basic gandi.cli wrapper which will manage the autosetup, options and path to store your future DNS zone files… without having to think about them, thus giving you the opportunity to only focus on DNS zones :)
  • a git repository to let you compare and follow contributions and modifications of your DNS zones

This script is really easy to use. You will either need to download the latest archive of the script or just basically fork the repository ToucanToco/gandi-dnsManager.

There are only two prerequisites:

That’s all!

Before using it, you need to run a tiny setup step by launching the following command:

$ ./dnsManager.sh setupAccount

tuesday 1 november 2016, 11:33:09 (UTC+0100)	::	Setup your env

			- virtualenv missing, let's create it
Running virtualenv with interpreter /usr/bin/python2
New python executable in /tmp/dnsManager/.pyenvGandi/bin/python2
Also creating executable in /tmp/dnsManager/.pyenvGandi/bin/python
Installing setuptools, pkg_resources, pip, wheel...done.

			- gandi cli missing, let's install it
Collecting gandi.cli
Collecting pyyaml (from gandi.cli)
Collecting click>=3.1 (from gandi.cli)
Collecting requests (from gandi.cli)
  Using cached requests-2.11.1-py2.py3-none-any.whl
Requirement already satisfied (use --upgrade to upgrade): setuptools in ./.pyenvGandi/lib/python2.7/site-packages (from gandi.cli)
Collecting IPy (from gandi.cli)
Installing collected packages: pyyaml, click, requests, IPy, gandi.cli
Successfully installed IPy-0.83 click-6.6 gandi.cli-0.19 pyyaml-3.12 requests-2.11.1

			- init gandi credentials - cf https://www.gandi.net/admin/api_key
Welcome to GandiCLI, let's configure a few things before we start.

Api key: YOUR_GANDI_API_KEY
Environnment [production]/ote:
SSH keyfile [~/.ssh/id_rsa.pub]:

Setup completed. You can now:
* use 'gandi' to see all commands.
* use 'gandi vm create' to create and access a Virtual Machine.
* use 'gandi paas create' to create and access a SimpleHosting instance.


tuesday 1 november 2016, 11:33:22 (UTC+0100)	::	Setup done

This is it, now you’re ready to play!

Please note you don’t have to set your SSH keyfile in this DNS context. That’s not necessary.

If everything is ok, you should be able to list all the domains linked to your Gandi’s account:

$ ./dnsManager.sh setupAccount

tuesday 1 november 2016, 17:10:43 (UTC+0200)  ::  List all registered domains:

toucantoco.guru

tuesday 1 november 2016, 17:10:44 (UTC+0200)  ::  List done

Now, imagine a use case where we need to modify the toucantoco.guru DNS zone. The process could be as the following:

Dump the latest version of the zone file

$ ./dnsManager.sh getLastDomainZone toucantoco.guru

tuesday 1 november 2016, 17:16:43 (UTC+0200)  ::  Dump zone for toucantoco.guru

tuesday 1 november 2016, 17:16:44 (UTC+0200)  ::  Dump done, check new file: ./dns_zones/toucantoco.guru.txt

Edit the zone

$ vim ./dns_zones/toucantoto.guru.txt

Push the updates on Gandi

$ ./dnsManager.sh updateDomainZone toucantoco.guru

tuesday 1 november 2016, 17:19:20 (UTC+0200)  ::  Update DNS zone toucantoco.guru
Creating new zone file
Updating zone records
Activation of new zone version

tuesday 1 november 2016, 17:19:21 (UTC+0200)  ::  Update done, check new file: ./dns_zones/toucantoco.guru.txt

tuesday 1 november 2016, 17:19:21 (UTC+0200)  ::  Please don't forget to commit your changes
    suggestion:
            git add ./dns_zones/toucantoco.guru.txt
            git commit 'toucantoco.guru :: update/delete/add entries'

And finally commit and push your commit in your own repository

$ git add dns_zones/toucantoco.guru.txt
$ git commit -m 'toucantoco.guru :: add XXX subdomain'
$ git push

Thus, we quickly update a DNS zone by using simple commands. Everything is committed so you can easily compare versions and follow logs and contributors.

With this approach you could imagine more ambitious workflows:

  • you create pull requests
  • after reviewing and validations, the pull request is merged
  • once merged, the CI tool launches the update of the modified DNS zone. Or just use a post-receive to launch update of the zone.

Thus everything could be automated!

Easy, isn’t it? Now it’s your turn to play with it thanks to ToucanToco/gandi-dnsManager. If you have any suggestions or improvements, don’t hesitate to open an issue or push a pull request! We will be glad to discuss and improve this tiny project :)

Some useful notes:

  • if you have any doubts about your DNS modification, read the Zone file Wikipedia page
  • all zone files are stored in ./dns_zones/ (eg: ./dns_zones/mydomain.com.txt)
  • before editing and updating a zone, be sure to have the latest version of the zone (eg: ./dnsManager.sh getLastDomainZone mydomain.com). To avoid crushing uncommitted modifications
  • Gandi’s API doesn’t allow to download complete zones with more than 500 entries