{"id":25220749,"url":"https://github.com/7c/coredns-autodns","last_synced_at":"2025-04-05T11:22:28.569Z","repository":{"id":275449554,"uuid":"926065396","full_name":"7c/coredns-autodns","owner":"7c","description":"coredns plugins to be able to register subdomains of allowed domain(s) and resolved from coredns-redis plugin. Designed for tailscale/headscale/zerotier networks similar to magicdns","archived":false,"fork":false,"pushed_at":"2025-02-02T17:51:14.000Z","size":14,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-10T21:55:13.823Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/7c.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-02T13:22:48.000Z","updated_at":"2025-02-02T17:49:41.000Z","dependencies_parsed_at":"2025-02-02T16:39:03.521Z","dependency_job_id":null,"html_url":"https://github.com/7c/coredns-autodns","commit_stats":null,"previous_names":["7c/coredns-autodns"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/7c%2Fcoredns-autodns","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/7c%2Fcoredns-autodns/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/7c%2Fcoredns-autodns/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/7c%2Fcoredns-autodns/manifests","owner_url":"https://repos.ecosys
te.ms/api/v1/hosts/GitHub/owners/7c","download_url":"https://codeload.github.com/7c/coredns-autodns/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247326810,"owners_count":20920913,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-02-10T21:55:15.106Z","updated_at":"2025-04-05T11:22:28.546Z","avatar_url":"https://github.com/7c.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# coredns-autodns plugin\nautodns loads zones from a redis server and resolves them; under the hood it uses the [coredns-redis](https://github.com/codysnider/coredns-redis) plugin. You should always use the [acl](https://coredns.io/plugins/acl/) plugin together with autodns for access control. The main function of autodns is to register subdomains of the given zones using the simple keyword `_reg.` as a prefix. It is recommended to listen on a vpn/tailscale/zerotier network and to allow only these trusted networks with the `register.network` directive. You can set `register.deny` to deny registration of subdomains that might be used for other purposes. It is meant to be loose, meaning you can have ns1 and ns2 servers, each using its own redis server and zones. It is recommended to have 2 separate nameservers for the same domain in different datacenters. Every client should register at both ns1 and ns2. It is fine to have custom tlds which are not resolvable from the public internet, but I prefer to have a dedicated domain for this purpose which can be resolved from the public internet. 
I would block ns1, ns2, ns3 and www from registering, allow registration only from trusted networks, serve only that domain to the public internet and never allow \".\" to be served. `fallthrough` support for the records plugin has been added to the https://github.com/7c/coredns-records plugin, in case you need to serve static records.\n\n## how to build\nThis plugin is designed to be built with the coredns build system. Check https://coredns.io/2017/07/25/compile-time-enabling-or-disabling-plugins/ for more information. Basically, you clone the coredns repo, add `autodns:github.com/7c/coredns-autodns` to the `plugin.cfg` file and build it with the `make` command inside the coredns directory.\n```\ngit clone https://github.com/coredns/coredns\ncd coredns\n# echo \"records:github.com/7c/coredns-records\" \u003e\u003e plugin.cfg\necho \"autodns:github.com/7c/coredns-autodns\" \u003e\u003e plugin.cfg\napt install -y make\nmake\n#./coredns -plugins | grep records\n./coredns -plugins | grep autodns\n\n```\n\n\n## autodns functionality\n\n\n## register\n```bash\n## register at ns1.example.com\nhost1 \u003e host -t TXT _reg.host1.example.com 100.64.0.1\n## register at ns2.example.com\nhost1 \u003e host -t TXT _reg.host1.example.com 100.64.0.2\n\n## lookup now should return the ip address available from public internet\n$ host host1.example.com\n## if you have chosen to use custom tlds, you should lookup like this\n$ host host1.custom.tld 100.64.0.1\n```\n\n~~~\nrecords {\n    ns1 3600 IN A 1.2.3.4\n    ns2 3600 IN A 1.2.3.5\n    fallthrough\n}\nautodns example.com {\n    ## redis server connection configuration\n    address ADDR\n    password PWD\n    prefix PREFIX\n    suffix SUFFIX\n    connect_timeout TIMEOUT\n    read_timeout TIMEOUT\n    ttl TTL\n    ## debugging\n    verbose\n    ## this will create SOA RR for the zone if it doesn't exist yet\n    autocreate ZONE1\n    autocreate ZONE2\n    ## networks to allow registration from\n    register.network 
100.64.0.0/16\n    register.network 127.0.0.1/32\n    ## subdomains ns1.example.com, ns2.example.com, ns3.example.com, www.example.com are not allowed to register\n    register.deny \"ns1\"\n    register.deny \"ns2\"\n    register.deny \"ns3\"\n    register.deny \"www\"\n}\n\n~~~\n\n* `address` is the redis server address to connect to, in the form of *host:port* or *ip:port*.\n* `password` is the redis server *auth* key, default is empty\n* `connect_timeout` time in ms to wait for the redis server to connect, default is 100ms\n* `read_timeout` time in ms to wait for the redis server to respond, default is 100ms\n* `ttl` default ttl for dns records, default is 300s\n* `prefix` add PREFIX to all redis keys, default is empty\n* `suffix` add SUFFIX to all redis keys, default is empty\n* `verbose` print debug information, default is false\n* `autocreate` create zone in redis if it doesn't exist, default is false\n* `register.network` networks to allow registration from, default is empty and no registration is allowed\n* `register.deny` subdomains that may not be registered, default is empty and all subdomains are allowed to be registered\n\n## examples\n\n~~~ corefile\n. 
{\n    autodns example.com {\n        address localhost:6379\n        password foobared\n    }\n}\n~~~\n\n## reverse zones\n\nreverse zones is not supported yet\n\n## proxy\n\nproxy is not supported yet\n\n## zone format in redis db\n\n### zones\n\neach zone is stored in redis as a hash map with *zone* as key\n\n~~~\nredis-cli\u003eKEYS *\n1) \"example.com.\"\n2) \"example.net.\"\nredis-cli\u003e\n~~~\n\n### dns RRs \n\ndns RRs are stored in redis as json strings inside a hash map using address as field key.\n*@* is used for zone's own RR values.\n\n#### A\n\n~~~json\n{\n    \"a\":{\n        \"ip\" : \"1.2.3.4\",\n        \"ttl\" : 360\n    }\n}\n~~~\n\n#### AAAA\n\n~~~json\n{\n    \"aaaa\":{\n        \"ip\" : \"::1\",\n        \"ttl\" : 360\n    }\n}\n~~~\n\n#### CNAME\n\n~~~json\n{\n    \"cname\":{\n        \"host\" : \"x.example.com.\",\n        \"ttl\" : 360\n    }\n}\n~~~\n\n#### TXT\n\n~~~json\n{\n    \"txt\":{\n        \"text\" : \"this is a text\",\n        \"ttl\" : 360\n    }\n}\n~~~\n\n#### NS\n\n~~~json\n{\n    \"ns\":{\n        \"host\" : \"ns1.example.com.\",\n        \"ttl\" : 360\n    }\n}\n~~~\n\n#### MX\n\n~~~json\n{\n    \"mx\":{\n        \"host\" : \"mx1.example.com\",\n        \"priority\" : 10,\n        \"ttl\" : 360\n    }\n}\n~~~\n\n#### SRV\n\n~~~json\n{\n    \"srv\":{\n        \"host\" : \"sip.example.com.\",\n        \"port\" : 555,\n        \"priority\" : 10,\n        \"weight\" : 100,\n        \"ttl\" : 360\n    }\n}\n~~~\n\n#### SOA\n\n~~~json\n{\n    \"soa\":{\n        \"ttl\" : 100,\n        \"mbox\" : \"hostmaster.example.com.\",\n        \"ns\" : \"ns1.example.com.\",\n        \"refresh\" : 44,\n        \"retry\" : 55,\n        \"expire\" : 66\n    }\n}\n~~~\n\n#### CAA\n\n~~~json\n{\n    \"caa\":{\n        \"flag\" : 0,\n        \"tag\" : \"issue\",\n        \"value\" : \"letsencrypt.org\"\n    }\n}\n~~~\n\n#### example\n\n~~~\n$ORIGIN example.net.\n example.net.                 300 IN  SOA   \u003cSOA RDATA\u003e\n example.net.   
              300     NS    ns1.example.net.\n example.net.                 300     NS    ns2.example.net.\n *.example.net.               300     TXT   \"this is a wildcard\"\n *.example.net.               300     MX    10 host1.example.net.\n sub.*.example.net.           300     TXT   \"this is not a wildcard\"\n host1.example.net.           300     A     5.5.5.5\n _ssh.tcp.host1.example.net.  300     SRV   \u003cSRV RDATA\u003e\n _ssh.tcp.host2.example.net.  300     SRV   \u003cSRV RDATA\u003e\n subdel.example.net.          300     NS    ns1.subdel.example.net.\n subdel.example.net.          300     NS    ns2.subdel.example.net.\n host2.example.net                    CAA   0 issue \"letsencrypt.org\"\n~~~\n\nabove zone data should be stored at redis as follow:\n\n~~~\nredis-cli\u003e hgetall example.net.\n 1) \"_ssh._tcp.host1\"\n 2) \"{\\\"srv\\\":[{\\\"ttl\\\":300, \\\"target\\\":\\\"tcp.example.com.\\\",\\\"port\\\":123,\\\"priority\\\":10,\\\"weight\\\":100}]}\"\n 3) \"*\"\n 4) \"{\\\"txt\\\":[{\\\"ttl\\\":300, \\\"text\\\":\\\"this is a wildcard\\\"}],\\\"mx\\\":[{\\\"ttl\\\":300, \\\"host\\\":\\\"host1.example.net.\\\",\\\"preference\\\": 10}]}\"\n 5) \"host1\"\n 6) \"{\\\"a\\\":[{\\\"ttl\\\":300, \\\"ip\\\":\\\"5.5.5.5\\\"}]}\"\n 7) \"sub.*\"\n 8) \"{\\\"txt\\\":[{\\\"ttl\\\":300, \\\"text\\\":\\\"this is not a wildcard\\\"}]}\"\n 9) \"_ssh._tcp.host2\"\n10) \"{\\\"srv\\\":[{\\\"ttl\\\":300, \\\"target\\\":\\\"tcp.example.com.\\\",\\\"port\\\":123,\\\"priority\\\":10,\\\"weight\\\":100}]}\"\n11) \"subdel\"\n12) \"{\\\"ns\\\":[{\\\"ttl\\\":300, \\\"host\\\":\\\"ns1.subdel.example.net.\\\"},{\\\"ttl\\\":300, \\\"host\\\":\\\"ns2.subdel.example.net.\\\"}]}\"\n13) \"@\"\n14) \"{\\\"soa\\\":{\\\"ttl\\\":300, \\\"minttl\\\":100, \\\"mbox\\\":\\\"hostmaster.example.net.\\\",\\\"ns\\\":\\\"ns1.example.net.\\\",\\\"refresh\\\":44,\\\"retry\\\":55,\\\"expire\\\":66},\\\"ns\\\":[{\\\"ttl\\\":300, \\\"host\\\":\\\"ns1.example.net.\\\"},{\\\"ttl\\\":300, 
\\\"host\\\":\\\"ns2.example.net.\\\"}]}\"\n15) \"host2\"\n16)\"{\\\"caa\\\":[{\\\"flag\\\":0, \\\"tag\\\":\\\"issue\\\", \\\"value\\\":\\\"letsencrypt.org\\\"}]}\"\nredis-cli\u003e\n~~~\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F7c%2Fcoredns-autodns","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F7c%2Fcoredns-autodns","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F7c%2Fcoredns-autodns/lists"}